Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: /l+WMMHpaWrAsGJ1nYZuh29XYbPkau1ctJxPS3eC/mY=
Subject key identifier: ED:09:B8:1B:54:05:81:AF:7E:9B:23:B5:95:D0:4F:66:4E:08:FB:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 164085D6C2E9CCE08789EFBA9E7E3F7F7C93E0C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Wed 06 Aug 2025 00:51:23 +0000
ROA not before: Wed 06 Aug 2025 00:51:23 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:40:85:d6:c2:e9:cc:e0:87:89:ef:ba:9e:7e:3f:7f:7c:93:e0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:23 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=a379eb34fe654da8589054c45efcd3e6bfbc892d966ea6b471697af613cf1b27, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:c5:b8:eb:52:26:c8:f0:5a:db:60:33:07:
b3:5f:3d:5c:c7:22:a1:99:87:d9:b3:f2:17:f8:cd:
e5:f8:77:41:43:73:74:08:c2:90:00:4e:fc:ea:7a:
08:da:cc:c3:04:82:20:14:bb:0a:09:da:06:c3:13:
7e:89:3e:cc:a2:03:d0:05:9e:7d:e2:38:f3:a2:c9:
68:d7:d8:37:28:5e:32:6a:23:e6:34:8e:9f:41:f3:
4e:02:f8:07:da:a1:11:a3:f0:91:f0:71:8e:c2:16:
40:4f:8e:d5:5d:99:dc:e2:60:c7:2a:9f:c1:32:85:
50:03:33:5b:1a:bd:75:4b:a9:b5:7a:46:6f:25:b7:
06:6e:93:7d:fa:50:64:5a:78:72:9a:37:e2:6f:1d:
0a:2a:3a:be:0d:3b:10:ce:ab:af:84:a4:78:df:54:
24:d5:88:a9:31:c7:d7:de:c3:be:98:94:7a:82:aa:
fa:f5:e9:47:2e:aa:d0:7b:a8:d9:93:5f:1e:2e:cf:
94:4f:3f:ac:6e:01:e7:ae:b8:7e:62:1a:d9:6c:44:
97:7f:a6:c2:38:12:66:5f:6f:9e:09:a3:6e:80:c5:
45:09:1a:28:aa:5d:26:11:33:c7:b3:c8:15:ff:3a:
92:32:be:dc:c9:14:06:00:aa:63:d7:a9:d7:db:58:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:09:B8:1B:54:05:81:AF:7E:9B:23:B5:95:D0:4F:66:4E:08:FB:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:2d:5f:ff:55:d0:0a:b0:4e:03:c4:49:cd:02:2f:76:27:7a:
f4:4f:0d:4c:96:84:7b:ed:65:92:07:04:b2:54:bd:f9:af:09:
45:95:5d:b7:22:f1:db:23:70:ae:39:5b:89:3e:15:2b:53:a2:
a3:a9:65:40:8b:32:bd:d2:ad:ac:17:64:bf:aa:e2:2f:2b:c4:
04:2c:ad:7f:ea:b7:00:bd:35:96:46:bc:8e:ba:52:ad:98:f6:
36:14:77:71:26:41:6d:dd:82:12:3c:d0:3b:61:3e:f5:0b:bc:
c6:f4:d6:66:76:9b:e6:ec:64:c0:1d:11:2d:5f:11:bc:e4:ad:
cc:4a:6d:b2:5b:33:54:1a:da:da:29:48:b2:ef:0d:7d:61:cd:
10:82:2f:11:9c:43:00:c7:66:8a:b4:47:c4:b6:1b:43:2e:1e:
98:a2:08:d2:bb:a3:78:b2:4f:71:3a:b1:56:cb:aa:b8:54:82:
6a:42:7a:71:dd:9e:d9:f9:3e:c3:24:d8:34:91:b1:18:87:d2:
86:43:12:d7:09:7f:1d:b5:f6:1b:d4:4d:f0:f3:bf:ef:f3:be:
93:eb:56:db:8f:27:f9:ed:d5:88:5d:7f:a9:48:ae:67:49:94:
1e:01:fb:1d:90:5d:c7:ac:65:78:74:e9:d0:3c:90:ff:af:36:
7d:83:c0:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFkCF1sLpzOCHie+6nn4/f3yT4MQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMjNaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzNzllYjM0ZmU2NTRkYTg1ODkwNTRjNDVlZmNkM2U2YmZiYzg5MmQ5NjZl
YTZiNDcxNjk3YWY2MTNjZjFiMjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGBxbjrUibI8FrbYDMHs189XMcioZmH2bPyF/jN5fh3QUNzdAjCkABO/Op6
CNrMwwSCIBS7CgnaBsMTfok+zKID0AWefeI486LJaNfYNyheMmoj5jSOn0HzTgL4
B9qhEaPwkfBxjsIWQE+O1V2Z3OJgxyqfwTKFUAMzWxq9dUuptXpGbyW3Bm6TffpQ
ZFp4cpo34m8dCio6vg07EM6rr4SkeN9UJNWIqTHH197DvpiUeoKq+vXpRy6q0Huo
2ZNfHi7PlE8/rG4B5664fmIa2WxEl3+mwjgSZl9vngmjboDFRQkaKKpdJhEzx7PI
Ff86kjK+3MkUBgCqY9ep19tY3FsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtCbgb
VAWBr36bI7WV0E9mTgj7ajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCnLV//VdAKsE4DxEnNAi92J3r0Tw1MloR77WWS
BwSyVL35rwlFlV23IvHbI3CuOVuJPhUrU6KjqWVAizK90q2sF2S/quIvK8QELK1/
6rcAvTWWRryOulKtmPY2FHdxJkFt3YISPNA7YT71C7zG9NZmdpvm7GTAHREtXxG8
5K3MSm2yWzNUGtraKUiy7w19Yc0Qgi8RnEMAx2aKtEfEthtDLh6YogjSu6N4sk9x
OrFWy6q4VIJqQnpx3Z7Z+T7DJNg0kbEYh9KGQxLXCX8dtfYb1E3w87/v876T61bb
jyf57dWIXX+pSK5nSZQeAfsdkF3HrGV4dOnQPJD/rzZ9g8A/
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:27 2025 by rpki-client