Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: ixO+AHa7hXTEjxx2UUHxNaXqOgz72HLZqi3sp3jPziw=
Subject key identifier: 1C:CC:41:4A:49:22:46:3E:2E:6D:A9:9E:DE:ED:D3:67:F0:A5:B2:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 084851569089FA40D083E3FAA6B2B66E9733BA70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Tue 05 Aug 2025 19:31:33 +0000
ROA not before: Tue 05 Aug 2025 19:31:33 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:48:51:56:90:89:fa:40:d0:83:e3:fa:a6:b2:b6:6e:97:33:ba:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:33 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=800adb2a0bf925e403719c11cbe0ff56532dac565d9cafd834d4383081b5f0f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8e:8c:30:0e:63:8a:73:95:e3:74:b4:86:f1:
7f:be:04:ed:d8:a8:70:59:7f:ac:24:79:be:00:12:
b2:0e:42:5c:32:e0:58:77:e9:1b:76:10:ec:cb:2b:
b9:c7:28:ed:71:e0:8e:40:26:c6:cd:28:a0:a4:4f:
41:44:a1:e2:f0:72:c4:46:3b:62:13:1d:93:29:bb:
e2:f2:6b:ec:0c:3e:5c:31:a7:fb:93:08:25:2b:49:
4e:9a:f5:7e:2a:10:1a:fa:a0:2f:26:79:7d:7b:44:
ac:b2:0d:b6:82:1b:0f:86:bd:f4:9e:6b:66:4d:43:
55:5e:ec:94:7b:a2:04:02:70:3e:5e:9f:c3:e1:e3:
37:1b:ac:e9:3d:4d:43:eb:b2:d2:1b:4a:6e:d2:51:
bf:b2:d1:88:e2:69:86:07:9c:16:b5:c6:f6:84:96:
da:dc:5e:79:89:f2:b2:8e:26:dc:e3:cc:73:cd:49:
7b:aa:86:0e:67:f4:3e:ca:31:aa:95:46:f6:4c:6e:
37:5f:56:9d:20:2a:f3:74:4b:39:69:55:ea:90:60:
d0:89:3f:79:52:9d:7c:bd:cd:18:00:4d:4a:40:7d:
a1:f4:03:ff:28:38:db:ea:0d:1d:ad:86:9c:7f:9c:
42:27:5c:63:8c:cb:0e:a6:d7:2e:a7:70:89:60:42:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CC:41:4A:49:22:46:3E:2E:6D:A9:9E:DE:ED:D3:67:F0:A5:B2:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
52:dc:4b:b4:8a:99:2d:94:2b:53:0b:60:fa:55:d9:9f:4f:24:
02:83:ab:81:7e:26:db:4e:95:b6:0b:98:04:36:9b:68:48:f6:
c8:b3:8f:5c:12:9a:f5:ca:f3:89:ca:44:15:3b:46:e3:77:66:
20:17:db:13:ef:2c:dd:3f:f6:86:93:26:91:38:73:b5:52:fe:
1a:f2:f2:7d:a4:d6:0d:7e:81:73:42:47:31:8f:6d:75:2b:93:
dc:d7:83:3b:2f:ee:33:a0:94:2c:b3:a9:7a:32:45:16:06:82:
6b:43:54:9a:05:a3:a1:8c:ed:fc:cf:04:13:2d:2e:2e:10:85:
27:85:ca:b1:36:15:3d:44:22:a7:dc:4d:de:a9:9d:5b:ff:0a:
06:11:d3:53:7a:2f:2d:c6:31:f5:2d:90:34:b4:52:94:6d:38:
6b:4c:e3:7c:cc:37:d3:99:34:1c:09:2e:89:ff:1f:f6:12:1b:
f6:d2:5b:73:2d:11:7e:bf:0d:e6:65:83:8d:ea:66:46:a8:5e:
40:1f:7d:e0:d1:55:43:ae:f5:77:15:01:c5:b7:ac:06:8b:66:
9e:4b:7b:df:ae:23:e5:f5:08:86:63:b1:70:d3:f3:40:59:7f:
b2:80:da:51:ab:10:37:44:d2:a1:f2:80:71:2f:fb:c4:3b:f3:
75:aa:47:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCEhRVpCJ+kDQg+P6prK2bpczunAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMzNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMGFkYjJhMGJmOTI1ZTQwMzcxOWMxMWNiZTBmZjU2NTMyZGFjNTY1ZDlj
YWZkODM0ZDQzODMwODFiNWYwZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOiOjDAOY4pzleN0tIbxf74E7diocFl/rCR5vgASsg5CXDLgWHfpG3YQ7Msr
ucco7XHgjkAmxs0ooKRPQUSh4vByxEY7YhMdkym74vJr7Aw+XDGn+5MIJStJTpr1
fioQGvqgLyZ5fXtErLINtoIbD4a99J5rZk1DVV7slHuiBAJwPl6fw+HjNxus6T1N
Q+uy0htKbtJRv7LRiOJphgecFrXG9oSW2txeeYnyso4m3OPMc81Je6qGDmf0Psox
qpVG9kxuN19WnSAq83RLOWlV6pBg0Ik/eVKdfL3NGABNSkB9ofQD/yg42+oNHa2G
nH+cQidcY4zLDqbXLqdwiWBC9PUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQczEFK
SSJGPi5tqZ7e7dNn8KWy0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQBS3Eu0ipktlCtTC2D6VdmfTyQCg6uBfibbTpW2
C5gENptoSPbIs49cEpr1yvOJykQVO0bjd2YgF9sT7yzdP/aGkyaROHO1Uv4a8vJ9
pNYNfoFzQkcxj211K5Pc14M7L+4zoJQss6l6MkUWBoJrQ1SaBaOhjO38zwQTLS4u
EIUnhcqxNhU9RCKn3E3eqZ1b/woGEdNTei8txjH1LZA0tFKUbThrTON8zDfTmTQc
CS6J/x/2Ehv20ltzLRF+vw3mZYON6mZGqF5AH33g0VVDrvV3FQHFt6wGi2aeS3vf
riPl9QiGY7Fw0/NAWX+ygNpRqxA3RNKh8oBxL/vEO/N1qkdV
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:41 2025 by rpki-client