Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: T895kOSb+cLKkxzHynYVwEABgtXvJ9IUXD3wz9WQN2g=
Subject key identifier: BF:74:C1:3C:6A:08:8B:E4:80:04:C7:6D:0C:86:D7:D7:5F:1D:BC:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BFF1F7F617E3DA1036F1785807A1B181384B339
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Tue 05 Aug 2025 18:40:50 +0000
ROA not before: Tue 05 Aug 2025 18:40:50 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:ff:1f:7f:61:7e:3d:a1:03:6f:17:85:80:7a:1b:18:13:84:b3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:50 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=1488c9612f4f2e9a83dbdc0abf9ddf886726d7447c06b30b9aba570eb28f3c07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:89:36:57:87:8d:c9:4a:3f:d9:43:d7:a4:a3:
77:32:79:7a:bc:d2:73:8a:93:0a:08:6d:34:e4:83:
a9:10:c8:4a:03:a0:48:a1:8b:89:32:18:ce:ce:f1:
40:6d:21:d5:5b:02:fc:c8:dd:cb:de:e2:05:d4:f5:
b2:08:35:57:83:89:bd:4a:fc:5d:d1:a1:76:95:6f:
80:1a:05:6a:6b:4e:0b:64:b5:f0:ef:a4:52:95:dc:
83:1e:bf:14:e5:0a:12:01:bb:8d:ec:b0:5d:47:c4:
7c:45:c8:07:96:4a:31:a3:93:fe:67:01:fb:b1:6f:
1b:9c:69:47:06:82:b7:f2:af:6e:ea:61:64:0a:af:
f5:43:85:09:43:da:80:62:f7:ac:70:e2:e7:a0:28:
39:0a:d6:37:a2:d9:54:55:e2:52:f2:2d:f7:cd:02:
98:d7:df:76:c4:11:cb:37:9d:8a:7a:06:8f:3f:4b:
34:b0:cc:dc:40:46:dc:e8:bc:af:28:6d:a8:b7:c6:
40:93:ac:4e:bb:22:ae:e0:8a:1a:d4:64:4e:8e:d6:
61:4c:6f:ff:41:99:73:88:24:df:79:2a:2b:09:c1:
07:32:a8:2d:b2:11:39:e6:e8:04:ce:26:08:54:fa:
8c:c7:1e:54:90:36:ed:01:15:59:11:69:94:c8:b4:
ab:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:74:C1:3C:6A:08:8B:E4:80:04:C7:6D:0C:86:D7:D7:5F:1D:BC:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
9e:0e:74:78:86:db:ea:50:a6:37:af:67:ed:a7:d3:61:3e:67:
67:bb:dc:b1:a0:1b:ed:b0:14:0e:29:74:10:80:43:e2:85:d6:
eb:d5:0b:58:3f:f7:1a:8b:40:2a:f4:20:d7:7b:72:4e:ee:f7:
db:d5:21:3f:07:56:b1:85:62:ee:4a:7e:dd:13:4b:2c:2a:a6:
68:53:5a:4b:0b:d0:78:a9:6a:45:9c:99:2c:29:95:3f:f5:02:
e3:85:c1:73:a6:bf:d4:bb:eb:97:7b:09:71:73:ca:43:68:b8:
cf:a5:cf:72:ed:b7:f2:ab:26:a4:48:1b:f3:6f:dc:15:c6:42:
81:71:e8:fd:af:c7:84:c8:30:2a:f9:0f:4e:c4:b6:4c:b8:ef:
7a:0e:c7:a3:d5:f4:17:15:c8:ed:b1:c0:6e:bd:98:d4:5d:88:
5c:ff:32:1a:9e:e4:59:6d:c5:88:ca:6d:52:17:6c:05:47:42:
60:11:88:b8:41:3f:ef:82:9f:cc:8f:ba:72:fb:85:3f:55:af:
f3:6a:57:69:c8:64:51:40:b4:ac:a8:52:c7:a4:06:ae:eb:19:
5f:a9:4f:96:e4:5e:4c:0b:43:0e:f8:b2:7a:84:95:7d:67:9b:
1e:d3:22:34:ce:ee:9f:b0:3b:38:10:2a:82:ea:35:a3:88:45:
86:d1:b1:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe/8ff2F+PaEDbxeFgHobGBOEszkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwNTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ODhjOTYxMmY0ZjJlOWE4M2RiZGMwYWJmOWRkZjg4NjcyNmQ3NDQ3YzA2
YjMwYjlhYmE1NzBlYjI4ZjNjMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6JNleHjclKP9lD16SjdzJ5erzSc4qTCghtNOSDqRDISgOgSKGLiTIYzs7x
QG0h1VsC/Mjdy97iBdT1sgg1V4OJvUr8XdGhdpVvgBoFamtOC2S18O+kUpXcgx6/
FOUKEgG7jeywXUfEfEXIB5ZKMaOT/mcB+7FvG5xpRwaCt/KvbuphZAqv9UOFCUPa
gGL3rHDi56AoOQrWN6LZVFXiUvIt980CmNffdsQRyzedinoGjz9LNLDM3EBG3Oi8
ryhtqLfGQJOsTrsiruCKGtRkTo7WYUxv/0GZc4gk33kqKwnBBzKoLbIROeboBM4m
CFT6jMceVJA27QEVWRFplMi0q30CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/dME8
agiL5IAEx20MhtfXXx281TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEAng50eIbb6lCmN69n7afTYT5nZ7vcsaAb7bAU
Dil0EIBD4oXW69ULWD/3GotAKvQg13tyTu7329UhPwdWsYVi7kp+3RNLLCqmaFNa
SwvQeKlqRZyZLCmVP/UC44XBc6a/1Lvrl3sJcXPKQ2i4z6XPcu238qsmpEgb82/c
FcZCgXHo/a/HhMgwKvkPTsS2TLjveg7Ho9X0FxXI7bHAbr2Y1F2IXP8yGp7kWW3F
iMptUhdsBUdCYBGIuEE/74KfzI+6cvuFP1Wv82pXachkUUC0rKhSx6QGrusZX6lP
luReTAtDDviyeoSVfWebHtMiNM7un7A7OBAqguo1o4hFhtGxBQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:31 2025 by rpki-client