Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa
File: 29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa (raw, json)
Hash identifier: CcNluEln4TwC0E71UCs44MtNsOq914Fcfheae1v91mo=
Subject key identifier: 3D:25:50:CB:98:59:40:B7:57:8D:FC:D3:98:B0:44:AF:09:24:E7:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37FDF2509E32434E32ECFEAB6346D144E16AE7B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa
Signing time: Tue 05 Aug 2025 18:41:37 +0000
ROA not before: Tue 05 Aug 2025 18:41:37 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8030::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:fd:f2:50:9e:32:43:4e:32:ec:fe:ab:63:46:d1:44:e1:6a:e7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:37 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3a537a219852dfdb6983a9a2dbd0142cf3a0c9c577cf7e1fde291104a748ad88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:63:8d:ff:29:3f:06:2d:aa:17:9a:42:14:13:
95:76:9d:c5:0d:c4:40:18:6f:9c:8f:d0:e5:33:9e:
9f:00:cb:f0:bb:28:4d:15:7e:5a:78:99:e1:41:29:
ae:c2:20:f5:fb:b8:10:ee:5b:da:35:cd:0e:8a:c5:
83:4d:6a:90:aa:ec:84:1a:45:ac:e3:d2:c4:e8:3d:
3f:e8:7f:55:70:c3:f6:21:6f:b0:e6:08:7e:21:6e:
8d:51:2c:93:52:28:a6:aa:ed:eb:f0:da:80:55:ec:
1f:ad:22:18:41:ba:68:85:ef:ae:cd:ce:1a:43:83:
38:b7:9b:9c:07:14:9f:10:7a:ba:ca:32:fb:47:21:
bd:75:22:c9:12:47:60:31:48:ca:b3:e4:d0:44:59:
8a:95:58:52:73:de:9e:61:bc:ef:f2:8c:34:20:6d:
c3:8f:bf:4b:94:e8:ca:01:70:51:70:08:21:d0:51:
8d:e0:21:c3:71:2b:09:f4:09:2d:b3:5e:9d:e4:3f:
04:ea:6d:b8:04:72:21:91:6d:4a:59:c7:20:e3:db:
58:76:f4:25:d4:e8:09:65:46:67:54:c4:d4:bd:c5:
7d:b9:41:b2:db:28:2d:13:30:16:e4:01:69:84:29:
3f:fd:0d:c0:8f:61:f8:9e:ac:da:12:be:a9:53:00:
cc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:25:50:CB:98:59:40:B7:57:8D:FC:D3:98:B0:44:AF:09:24:E7:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/29ccbf1f-bd18-437f-87cb-c8d85587cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8030::/48
Signature Algorithm: sha256WithRSAEncryption
c8:cf:dc:81:42:e0:a8:05:a5:f4:60:8b:97:14:76:54:a2:39:
82:ff:62:20:17:a5:07:16:60:01:39:29:23:40:52:6a:a3:96:
b7:c0:4a:3e:90:a0:40:79:fa:2c:76:84:c5:21:06:93:52:9e:
42:39:71:1f:34:d7:6f:93:cf:74:12:35:1e:75:0f:7f:fc:34:
ec:21:60:b1:14:07:b3:0a:b4:5f:f5:0e:ae:1d:eb:b4:38:9f:
6c:20:db:55:e4:9e:78:3f:2d:89:da:31:8a:59:da:37:95:dd:
b9:7c:68:1a:2f:01:47:a4:cd:bc:97:bd:e9:fb:94:df:36:31:
ff:61:f5:33:4e:a6:43:e8:70:fe:24:a0:3a:77:7b:72:94:63:
c9:ee:14:b7:ec:18:23:da:9b:b8:51:ea:20:5e:7b:20:f5:85:
32:82:d0:73:cc:16:89:86:bb:77:8e:37:a4:8b:d9:fe:87:64:
65:ae:22:b8:66:49:b6:47:f0:96:d4:c0:37:54:ea:d2:a4:cb:
ee:65:7d:6f:f9:fe:90:5a:28:56:38:07:6d:16:0b:0f:5c:e1:
e5:97:6c:3c:5d:0c:05:50:c0:cd:80:78:bb:9a:b0:5a:be:ff:
a4:10:19:82:01:0a:30:ae:ac:41:8a:6a:a5:f6:95:7f:cf:cf:
fe:48:a4:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN/3yUJ4yQ04y7P6rY0bRROFq57YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxMzdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhNTM3YTIxOTg1MmRmZGI2OTgzYTlhMmRiZDAxNDJjZjNhMGM5YzU3N2Nm
N2UxZmRlMjkxMTA0YTc0OGFkODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5jjf8pPwYtqheaQhQTlXadxQ3EQBhvnI/Q5TOenwDL8LsoTRV+WniZ4UEp
rsIg9fu4EO5b2jXNDorFg01qkKrshBpFrOPSxOg9P+h/VXDD9iFvsOYIfiFujVEs
k1Iopqrt6/DagFXsH60iGEG6aIXvrs3OGkODOLebnAcUnxB6usoy+0chvXUiyRJH
YDFIyrPk0ERZipVYUnPenmG87/KMNCBtw4+/S5ToygFwUXAIIdBRjeAhw3ErCfQJ
LbNeneQ/BOptuARyIZFtSlnHIOPbWHb0JdToCWVGZ1TE1L3FfblBstsoLRMwFuQB
aYQpP/0NwI9h+J6s2hK+qVMAzGsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9JVDL
mFlAt1eN/NOYsESvCSTneDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjljY2JmMWYtYmQxOC00MzdmLTg3Y2ItYzhkODU1ODdjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
MDANBgkqhkiG9w0BAQsFAAOCAQEAyM/cgULgqAWl9GCLlxR2VKI5gv9iIBelBxZg
ATkpI0BSaqOWt8BKPpCgQHn6LHaExSEGk1KeQjlxHzTXb5PPdBI1HnUPf/w07CFg
sRQHswq0X/UOrh3rtDifbCDbVeSeeD8tidoxilnaN5XduXxoGi8BR6TNvJe96fuU
3zYx/2H1M06mQ+hw/iSgOnd7cpRjye4Ut+wYI9qbuFHqIF57IPWFMoLQc8wWiYa7
d443pIvZ/odkZa4iuGZJtkfwltTAN1Tq0qTL7mV9b/n+kFooVjgHbRYLD1zh5Zds
PF0MBVDAzYB4u5qwWr7/pBAZggEKMK6sQYpqpfaVf8/P/kikRg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:02 2025 by rpki-client