Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json)
Hash identifier: oWKs9nmUcRyBszrHR22dj2QY0KnsTl0TtZZEN12JlMM=
Subject key identifier: 08:3A:D7:F8:0F:52:78:DA:20:DE:F1:8D:B2:5B:7F:E1:A8:AD:D1:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58D089443843EEE0FCB7EC19FF58ABD3B3CF5FE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
Signing time: Wed 06 Aug 2025 00:50:52 +0000
ROA not before: Wed 06 Aug 2025 00:50:52 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:d0:89:44:38:43:ee:e0:fc:b7:ec:19:ff:58:ab:d3:b3:cf:5f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:52 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=1640884e44d2bc578d6f66b496d9f76906e8d8237405a1ffd07d814ed5af54c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1a:05:11:26:f2:ff:69:33:6c:2e:50:56:82:
93:5f:5b:1f:54:bf:06:34:56:21:d2:a9:a3:77:61:
bc:49:d1:dc:fd:0d:44:34:61:af:43:d9:8d:fd:ea:
0c:00:63:23:7e:7f:4a:76:3e:a9:06:3e:87:c8:28:
94:3c:fe:b3:b1:15:e6:91:07:5d:e2:43:93:b8:22:
49:78:93:de:9b:1c:ff:95:14:bb:83:d9:c7:29:ff:
fa:8e:fe:cc:94:d6:76:a3:9b:62:22:a9:2f:00:16:
3f:59:60:c3:08:d5:03:42:41:0b:5a:f8:00:a1:92:
6f:4a:d9:ff:8a:7c:19:09:2a:dd:5c:5a:44:26:1d:
50:f0:c8:cf:41:67:bc:70:03:8f:8c:1b:cc:e1:a8:
89:cb:d4:99:c9:d7:33:a3:fb:78:b8:63:25:e3:10:
6e:9a:d7:b7:a6:fb:8c:7f:35:d2:04:2d:fb:29:12:
cb:2b:e8:18:f2:12:fa:7b:98:cb:b3:a3:dd:77:00:
5e:5f:39:7f:d1:11:72:25:d9:8f:7d:c3:20:36:99:
bd:a3:bf:6c:1a:d5:f5:05:6d:64:52:30:95:60:41:
c5:a0:0d:6e:1f:28:11:fd:b0:dc:db:c0:6c:dc:dd:
3e:54:03:4f:46:99:4e:5e:5d:ba:4e:56:5b:36:d1:
dd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:3A:D7:F8:0F:52:78:DA:20:DE:F1:8D:B2:5B:7F:E1:A8:AD:D1:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:4000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:f1:99:19:d4:d6:d2:22:73:50:59:7a:a3:cb:4c:cc:e3:ed:
e5:b3:bc:73:30:78:fb:96:7d:7d:cc:64:50:f6:e4:0d:d4:30:
94:13:f3:01:9d:d6:b3:f3:01:4b:d4:61:53:ee:ae:e1:11:be:
9b:6c:bd:ec:86:2c:94:27:0d:6f:af:58:73:f4:6a:2a:34:a0:
fc:6e:08:a3:03:6a:91:7e:31:8e:7b:13:f7:bc:8a:c7:53:89:
8d:1b:df:71:e6:6d:cb:08:0a:b4:ea:17:8b:0e:29:d3:f7:35:
fc:62:10:ac:c0:bf:5f:da:5d:0f:91:12:5e:56:9d:12:b3:96:
2a:81:3c:97:93:95:78:e6:8c:f2:f5:88:36:81:68:ba:14:b6:
8d:74:0c:ec:ce:37:ef:9f:ec:b3:45:5d:8d:d2:fd:7c:71:16:
66:1c:1c:e1:7a:f7:d6:a8:8b:c6:f3:d3:e5:a0:35:32:84:12:
f3:18:f4:89:0b:48:74:85:54:59:36:49:09:2a:02:7e:c2:4d:
33:07:e0:ea:3c:17:47:35:d3:c1:9c:1f:f2:56:3b:0c:3e:b3:
3b:b6:25:1e:3f:1c:fe:99:25:7a:52:44:2a:69:d0:b3:2e:25:
50:84:92:8e:34:ce:ee:65:d8:7d:e7:63:64:70:c4:c0:7f:80:
85:24:b4:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWNCJRDhD7uD8t+wZ/1ir07PPX+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTJaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NDA4ODRlNDRkMmJjNTc4ZDZmNjZiNDk2ZDlmNzY5MDZlOGQ4MjM3NDA1
YTFmZmQwN2Q4MTRlZDVhZjU0YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkaBREm8v9pM2wuUFaCk19bH1S/BjRWIdKpo3dhvEnR3P0NRDRhr0PZjf3q
DABjI35/SnY+qQY+h8golDz+s7EV5pEHXeJDk7giSXiT3psc/5UUu4PZxyn/+o7+
zJTWdqObYiKpLwAWP1lgwwjVA0JBC1r4AKGSb0rZ/4p8GQkq3VxaRCYdUPDIz0Fn
vHADj4wbzOGoicvUmcnXM6P7eLhjJeMQbprXt6b7jH810gQt+ykSyyvoGPIS+nuY
y7Oj3XcAXl85f9ERciXZj33DIDaZvaO/bBrV9QVtZFIwlWBBxaANbh8oEf2w3NvA
bNzdPlQDT0aZTl5duk5WWzbR3RkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQIOtf4
D1J42iDe8Y2yW3/hqK3RAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA
MA0GCSqGSIb3DQEBCwUAA4IBAQCq8ZkZ1NbSInNQWXqjy0zM4+3ls7xzMHj7ln19
zGRQ9uQN1DCUE/MBndaz8wFL1GFT7q7hEb6bbL3shiyUJw1vr1hz9GoqNKD8bgij
A2qRfjGOexP3vIrHU4mNG99x5m3LCAq06heLDinT9zX8YhCswL9f2l0PkRJeVp0S
s5YqgTyXk5V45ozy9Yg2gWi6FLaNdAzszjfvn+yzRV2N0v18cRZmHBzhevfWqIvG
89PloDUyhBLzGPSJC0h0hVRZNkkJKgJ+wk0zB+DqPBdHNdPBnB/yVjsMPrM7tiUe
Pxz+mSV6UkQqadCzLiVQhJKONM7uZdh952NkcMTAf4CFJLSl
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:45 2025 by rpki-client