Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: PTu45aQZ5ok3IbPFPBcxTKWWk8epKMpZM3k+uNkdNyo=
Subject key identifier: F9:D0:BA:50:F2:78:42:21:A1:DA:0F:61:62:FE:8C:D1:58:C7:35:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38DCF9C892DD36B5457BA70D347ED32AF1CC61E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Tue 05 Aug 2025 19:41:18 +0000
ROA not before: Tue 05 Aug 2025 19:41:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:dc:f9:c8:92:dd:36:b5:45:7b:a7:0d:34:7e:d3:2a:f1:cc:61:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2028073effdd1c7317580e5c11683c848920384fd9a871824f021b6ab07860d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a5:da:c6:d9:e7:f8:83:f0:66:f2:a1:ab:a0:
86:76:67:f5:f5:81:b3:42:b3:cc:21:7d:46:75:ef:
27:be:79:92:80:53:6e:b5:a0:cc:56:b0:dc:94:8e:
b5:d5:9d:73:ff:85:cc:a8:aa:f3:f2:37:75:38:cb:
33:69:9a:01:ff:e3:d8:ae:95:cc:c1:b2:4a:e3:e7:
ce:b6:0e:6a:91:6e:88:4b:e7:0c:84:a2:0c:bb:69:
ca:a3:3a:59:20:e2:0b:4e:37:c9:c3:72:72:cd:65:
14:80:24:50:54:71:35:37:c2:88:dd:64:09:b7:46:
c2:54:4a:87:05:6e:22:d8:38:95:92:5e:bc:19:55:
82:8c:76:0b:51:31:bd:73:97:d1:3d:25:e5:03:14:
48:16:1f:65:40:25:df:ab:3c:ac:33:a1:2d:a9:66:
64:50:a6:24:72:e7:40:93:7a:b2:93:5c:21:f6:be:
ce:7b:dd:8c:c1:e9:ca:a6:5b:32:65:59:17:67:7e:
bd:1e:7e:9d:41:8b:50:04:bf:0a:8a:74:d4:99:4b:
71:4a:b8:e9:ea:34:5a:e5:64:77:80:ac:c2:7c:6f:
58:11:ee:3f:fd:80:8a:53:95:ff:fe:b8:28:d0:b7:
7a:a6:8d:1e:f6:ac:8e:51:08:73:2c:49:53:cd:1e:
43:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D0:BA:50:F2:78:42:21:A1:DA:0F:61:62:FE:8C:D1:58:C7:35:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:3a:59:18:7f:79:f5:08:14:ab:59:04:ce:ea:60:6c:c4:59:
e4:f9:e0:ca:f8:dc:2f:13:c1:47:e4:4d:f2:3d:08:b3:95:69:
e5:48:50:b5:15:ba:35:57:2a:99:f9:48:b4:1a:d7:0e:1d:16:
c0:d9:1f:0b:07:96:98:b0:c8:70:01:60:45:0e:3b:84:64:99:
a3:54:ae:d1:97:45:19:3a:0b:96:f4:ad:f5:fd:91:5b:9c:6a:
b6:f3:1d:19:0b:d8:4c:f7:49:99:96:52:9f:c9:26:3c:3f:a2:
9e:ba:af:96:a9:18:66:7d:04:b9:e7:90:cc:65:72:35:f5:d5:
69:c4:b5:e2:eb:95:c7:a7:dc:66:e2:d9:61:b1:3c:31:8f:68:
81:81:07:8b:bd:19:5a:87:5f:9b:a7:af:7f:da:e0:02:c6:d0:
8b:a2:2e:80:74:4e:bd:a2:48:0f:f0:e9:89:44:82:f4:2d:4c:
a3:f1:f6:f7:18:9e:c1:cc:b9:25:1d:0e:9e:e4:90:eb:43:f3:
78:4e:1a:8d:90:24:59:23:4d:85:2c:6e:1b:e8:69:0f:25:cc:
df:24:b0:f5:cb:40:85:26:0d:42:77:76:b1:68:48:33:ce:0d:
bd:64:a5:1f:7c:11:0c:5d:15:d8:61:21:df:15:09:dd:37:5f:
a2:cb:29:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUONz5yJLdNrVFe6cNNH7TKvHMYegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwMjgwNzNlZmZkZDFjNzMxNzU4MGU1YzExNjgzYzg0ODkyMDM4NGZkOWE4
NzE4MjRmMDIxYjZhYjA3ODYwZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6l2sbZ5/iD8GbyoaughnZn9fWBs0KzzCF9RnXvJ755koBTbrWgzFaw3JSO
tdWdc/+FzKiq8/I3dTjLM2maAf/j2K6VzMGySuPnzrYOapFuiEvnDISiDLtpyqM6
WSDiC043ycNycs1lFIAkUFRxNTfCiN1kCbdGwlRKhwVuItg4lZJevBlVgox2C1Ex
vXOX0T0l5QMUSBYfZUAl36s8rDOhLalmZFCmJHLnQJN6spNcIfa+znvdjMHpyqZb
MmVZF2d+vR5+nUGLUAS/Cop01JlLcUq46eo0WuVkd4CswnxvWBHuP/2AilOV//64
KNC3eqaNHvasjlEIcyxJU80eQxcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT50LpQ
8nhCIaHaD2Fi/ozRWMc1wjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQCxOlkYf3n1CBSrWQTO6mBsxFnk+eDK+NwvE8FH
5E3yPQizlWnlSFC1Fbo1VyqZ+Ui0GtcOHRbA2R8LB5aYsMhwAWBFDjuEZJmjVK7R
l0UZOguW9K31/ZFbnGq28x0ZC9hM90mZllKfySY8P6Keuq+WqRhmfQS555DMZXI1
9dVpxLXi65XHp9xm4tlhsTwxj2iBgQeLvRlah1+bp69/2uACxtCLoi6AdE69okgP
8OmJRIL0LUyj8fb3GJ7BzLklHQ6e5JDrQ/N4ThqNkCRZI02FLG4b6GkPJczfJLD1
y0CFJg1Cd3axaEgzzg29ZKUffBEMXRXYYSHfFQndN1+iyymj
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:11 2025 by rpki-client