Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
File: 2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa (raw, json)
Hash identifier: Q6Y2IoEgJnmaTrJfCWCC2EhMUWT0Ra2bQvEbNnFABsw=
Subject key identifier: 2E:2E:A6:74:80:EC:62:09:B0:D7:2D:69:34:E8:2D:9C:3B:DC:D6:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 388A242866642F8A92BCE08EAC6D1221C4D3382E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
Signing time: Tue 05 Aug 2025 19:11:21 +0000
ROA not before: Tue 05 Aug 2025 19:11:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:8a:24:28:66:64:2f:8a:92:bc:e0:8e:ac:6d:12:21:c4:d3:38:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=33621111999663fcbf5c04e6532cc6a853764b40ff5211cdca497012d6c2c29c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:07:fb:cb:62:b1:04:35:b8:71:f0:30:9f:9d:
5f:f3:d4:2d:a9:84:c1:4f:b3:d1:6d:8f:98:7b:b5:
16:4e:4b:93:fc:ee:92:3a:ef:3f:f4:8a:ef:b6:99:
fa:63:d9:e0:ba:34:f5:32:2c:28:01:a1:43:85:c9:
7f:71:89:33:0a:f2:3d:09:8b:45:57:d7:56:7d:3e:
9f:f5:72:31:34:11:b0:c3:29:d8:64:03:7d:23:60:
33:9e:ac:8e:48:b5:09:6d:dc:1a:94:5b:26:89:a6:
a6:80:6c:d0:80:20:5a:d6:39:49:85:07:91:b4:21:
6d:b5:25:f9:55:6c:5d:b9:17:26:4a:65:1a:84:30:
15:e4:28:b1:dd:25:e9:fa:09:16:26:0e:a4:a9:d3:
1d:e3:59:04:e3:54:58:11:18:72:4e:1a:d7:d4:06:
4d:b0:80:56:64:9a:20:e9:6a:46:68:59:f4:4f:fc:
b0:78:60:89:2e:37:1e:49:19:cb:ee:ea:a1:23:ca:
a2:93:2d:bb:9f:f2:c1:7b:d1:a9:2b:18:d2:d1:c3:
64:02:12:f0:ba:49:99:df:84:3b:ee:87:26:d7:00:
e0:22:0b:28:c4:89:0d:80:80:a1:22:33:df:ca:a5:
32:30:6d:2a:06:f1:47:a5:a6:47:3e:78:14:66:03:
86:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2E:A6:74:80:EC:62:09:B0:D7:2D:69:34:E8:2D:9C:3B:DC:D6:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a93bdc2-823c-416a-ac40-6f6c823bcef9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1080::/48
Signature Algorithm: sha256WithRSAEncryption
40:3b:3d:88:5f:5a:45:79:c3:78:7b:4d:b5:79:35:d7:7f:ea:
76:21:ee:d2:1f:c6:7c:e6:58:94:a6:77:21:05:de:22:00:d2:
44:52:bd:e3:10:2a:c7:51:44:7d:91:9b:94:fa:5e:ae:1f:ce:
a2:bd:c0:1a:cf:4b:a9:ed:ea:ae:43:e4:43:03:cf:33:4a:40:
1e:85:8e:98:6d:87:4a:ae:54:bf:e1:d5:9e:df:be:6a:8a:51:
da:5d:9f:8d:4b:89:0d:16:4e:99:df:24:51:3f:16:e9:5d:09:
79:a8:e5:6f:77:3b:4b:10:b3:3e:85:74:9c:88:43:43:e1:fa:
4b:1b:37:e6:2c:4b:49:0d:b0:9f:3d:07:4a:95:c1:71:89:ec:
34:3d:17:02:24:e8:5a:2a:57:f9:00:1d:49:2e:6e:43:fe:a3:
5d:b4:20:56:8a:b8:70:4a:06:58:8b:7c:e0:e0:51:73:dc:7f:
56:ba:df:a9:58:d2:5c:c9:28:24:7d:72:f8:fd:3d:bb:c6:62:
40:1e:60:c5:47:e7:bf:f2:e3:e5:8a:da:46:94:ee:cb:be:b4:
ff:30:47:7b:2a:39:39:ed:7f:78:17:16:e4:ef:1d:c8:ca:7b:
a5:a7:22:57:02:99:09:ce:1e:5c:81:62:63:d7:d1:48:c9:f1:
29:66:74:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOIokKGZkL4qSvOCOrG0SIcTTOC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNjIxMTExOTk5NjYzZmNiZjVjMDRlNjUzMmNjNmE4NTM3NjRiNDBmZjUy
MTFjZGNhNDk3MDEyZDZjMmMyOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMH+8tisQQ1uHHwMJ+dX/PULamEwU+z0W2PmHu1Fk5Lk/zukjrvP/SK77aZ
+mPZ4Lo09TIsKAGhQ4XJf3GJMwryPQmLRVfXVn0+n/VyMTQRsMMp2GQDfSNgM56s
jki1CW3cGpRbJommpoBs0IAgWtY5SYUHkbQhbbUl+VVsXbkXJkplGoQwFeQosd0l
6foJFiYOpKnTHeNZBONUWBEYck4a19QGTbCAVmSaIOlqRmhZ9E/8sHhgiS43HkkZ
y+7qoSPKopMtu5/ywXvRqSsY0tHDZAIS8LpJmd+EO+6HJtcA4CILKMSJDYCAoSIz
38qlMjBtKgbxR6WmRz54FGYDhpMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuLqZ0
gOxiCbDXLWk06C2cO9zWIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE5M2JkYzItODIzYy00MTZhLWFjNDAtNmY2YzgyM2JjZWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAQDs9iF9aRXnDeHtNtXk113/qdiHu0h/GfOZY
lKZ3IQXeIgDSRFK94xAqx1FEfZGblPperh/Oor3AGs9Lqe3qrkPkQwPPM0pAHoWO
mG2HSq5Uv+HVnt++aopR2l2fjUuJDRZOmd8kUT8W6V0Jeajlb3c7SxCzPoV0nIhD
Q+H6Sxs35ixLSQ2wnz0HSpXBcYnsND0XAiToWipX+QAdSS5uQ/6jXbQgVoq4cEoG
WIt84OBRc9x/VrrfqVjSXMkoJH1y+P09u8ZiQB5gxUfnv/Lj5YraRpTuy760/zBH
eyo5Oe1/eBcW5O8dyMp7paciVwKZCc4eXIFiY9fRSMnxKWZ0lw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:08 2025 by rpki-client