Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: yqL1kw68mwEC2XRT8ZGaODB990XyOOdnBmbMS3ONaqU=
Subject key identifier: 25:17:64:AA:3C:8B:28:8D:51:48:CE:39:27:BE:CA:FF:03:ED:71:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18BB32D609D2545FC31B7313407B54E34FF81776
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Tue 05 Aug 2025 20:01:40 +0000
ROA not before: Tue 05 Aug 2025 20:01:40 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:bb:32:d6:09:d2:54:5f:c3:1b:73:13:40:7b:54:e3:4f:f8:17:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:40 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=1e4ca8923ba5b5670713c21b0a50f1f897361515499482d9b9b9644886c5c5b1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:33:5a:79:d9:f5:61:5b:de:3c:06:11:c2:59:
36:38:25:e0:a3:f3:9a:c5:a8:6e:21:4b:37:88:77:
f1:b7:3e:79:a0:04:e0:ac:bd:0a:dd:6d:47:43:2b:
e2:4d:c1:37:d4:c5:13:07:00:36:66:07:5c:8a:b2:
95:2b:a2:33:a2:af:9d:04:e1:e4:4c:37:3f:36:21:
0e:46:c1:48:b2:d8:23:da:9b:bd:e9:88:3c:17:99:
c4:bd:71:bd:8d:b4:e8:df:ec:59:d0:40:d3:10:8d:
a1:39:7a:ff:18:50:7d:df:44:a2:eb:da:de:bd:f2:
b5:3d:fd:b8:c2:cb:2c:b1:66:5f:0c:8f:05:e1:e5:
c4:47:08:11:5b:25:e6:89:d2:af:65:dc:4f:79:41:
92:c5:66:3d:38:b6:cd:65:44:fd:80:ee:36:bc:f0:
16:55:21:4c:c6:44:45:ed:16:c6:24:e5:d4:33:aa:
d1:20:6d:ce:b7:c1:34:70:5a:1b:72:fd:bd:51:3f:
fd:ef:7d:6f:1a:4d:ea:21:a7:3e:59:9e:aa:ae:cc:
b5:a6:20:ba:39:7d:b4:0f:dd:94:6f:bd:4f:2f:bf:
69:1c:72:29:1d:61:a0:7f:fe:2a:ee:c2:06:ff:bd:
11:b8:e5:3e:dc:1f:fe:c9:39:e7:0a:20:e5:cb:1a:
11:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:17:64:AA:3C:8B:28:8D:51:48:CE:39:27:BE:CA:FF:03:ED:71:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
99:10:37:26:80:05:99:ba:8f:b2:6c:d2:b9:4d:01:86:d4:c8:
e0:af:67:9a:2e:72:49:ea:4c:99:9c:d0:6b:27:78:16:a4:8b:
4f:54:9a:1d:13:12:fc:ad:f6:f6:a2:53:48:f7:81:31:18:aa:
05:74:44:cf:06:44:31:ea:bb:28:32:93:c3:b4:37:44:89:96:
77:89:22:3d:0e:1a:fb:76:5c:07:e4:51:28:b2:3a:d6:58:40:
cc:af:e4:86:47:14:92:2a:cd:49:f4:9e:e5:23:e6:9f:96:32:
e7:7c:f4:3c:60:39:9b:ca:9d:ba:40:bb:46:ff:4f:d3:46:dc:
42:d6:64:04:1f:49:b7:cf:03:4c:a0:4f:f5:0d:2d:9a:8a:6e:
82:cb:76:d6:a2:27:bd:dc:49:34:1c:df:9a:fa:98:b0:eb:2f:
a9:e0:ed:32:dd:3d:e3:7e:88:1f:d3:90:99:88:cb:c8:85:02:
e6:7a:bb:d6:7b:77:d2:8d:cb:4f:a5:9b:8e:78:a6:54:dc:ff:
e2:e9:08:5d:df:0f:25:8b:fe:7c:79:c0:7a:61:f4:65:23:86:
a9:00:95:9e:e3:7e:43:64:f7:f7:aa:74:19:09:a2:ed:75:71:
12:2a:04:fb:b8:fd:5d:aa:81:15:c6:86:ea:6b:29:29:58:cf:
c0:ff:b9:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGLsy1gnSVF/DG3MTQHtU40/4F3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxNDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNGNhODkyM2JhNWI1NjcwNzEzYzIxYjBhNTBmMWY4OTczNjE1MTU0OTk0
ODJkOWI5Yjk2NDQ4ODZjNWM1YjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYzWnnZ9WFb3jwGEcJZNjgl4KPzmsWobiFLN4h38bc+eaAE4Ky9Ct1tR0Mr
4k3BN9TFEwcANmYHXIqylSuiM6KvnQTh5Ew3PzYhDkbBSLLYI9qbvemIPBeZxL1x
vY206N/sWdBA0xCNoTl6/xhQfd9Eouva3r3ytT39uMLLLLFmXwyPBeHlxEcIEVsl
5onSr2XcT3lBksVmPTi2zWVE/YDuNrzwFlUhTMZERe0WxiTl1DOq0SBtzrfBNHBa
G3L9vVE//e99bxpN6iGnPlmeqq7MtaYgujl9tA/dlG+9Ty+/aRxyKR1hoH/+Ku7C
Bv+9EbjlPtwf/sk55wog5csaEQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlF2Sq
PIsojVFIzjknvsr/A+1xMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCZEDcmgAWZuo+ybNK5TQGG1Mjgr2eaLnJJ6kyZ
nNBrJ3gWpItPVJodExL8rfb2olNI94ExGKoFdETPBkQx6rsoMpPDtDdEiZZ3iSI9
Dhr7dlwH5FEosjrWWEDMr+SGRxSSKs1J9J7lI+afljLnfPQ8YDmbyp26QLtG/0/T
RtxC1mQEH0m3zwNMoE/1DS2aim6Cy3bWoie93Ek0HN+a+piw6y+p4O0y3T3jfogf
05CZiMvIhQLmervWe3fSjctPpZuOeKZU3P/i6Qhd3w8li/58ecB6YfRlI4apAJWe
435DZPf3qnQZCaLtdXESKgT7uP1dqoEVxobqaykpWM/A/7n2
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:57 2025 by rpki-client