Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
File: 376be0fe-aebc-4855-80a4-ea95cf413b51.roa (raw, json)
Hash identifier: 9bAGooBhPKOBYm9U9uHHfJ5PvV1ikjWnh2NXMAara9E=
Subject key identifier: CD:39:56:1D:72:04:E0:D6:F4:5E:7F:82:05:79:0E:3A:0A:69:25:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63C21C3405F0CC758108692B737C14C4CE7224D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
Signing time: Fri 15 Aug 2025 15:50:07 +0000
ROA not before: Fri 15 Aug 2025 15:50:07 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:c2:1c:34:05:f0:cc:75:81:08:69:2b:73:7c:14:c4:ce:72:24:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:07 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=bb22f97ff4c37c5bafa69a8877d3db3a1d065dfc1fdb0e61f91f259f9ecde2b6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:8e:c0:2f:06:2a:c7:31:5b:8f:df:05:22:
40:5e:01:82:cc:f3:9e:39:06:ce:cd:f6:37:6d:85:
4a:2e:ab:e7:19:77:21:39:d0:a5:37:f5:b1:ed:25:
54:53:8d:e3:a6:c3:8b:33:d0:05:6f:06:f3:b4:a3:
b3:bc:e3:af:de:86:ba:21:3d:17:6e:bf:71:85:22:
4d:b1:71:6c:e9:0f:02:1e:0b:7a:96:c7:e2:88:a8:
d3:ab:8b:9b:57:66:8c:46:aa:4e:43:f3:37:04:fd:
5f:64:dd:e0:69:74:8b:19:64:b7:0f:2f:b3:9a:cc:
4a:c2:79:d6:ba:0f:b6:cf:bb:bc:c9:eb:52:d7:46:
39:ab:a3:8c:b2:c8:7f:4d:32:37:c8:e2:e4:9b:54:
2b:fe:07:c6:cf:58:6b:16:82:2d:6f:7b:6a:e3:a5:
51:34:eb:d5:be:ce:39:22:f3:33:8f:4c:b6:be:b6:
60:df:e8:77:e8:6d:65:1d:15:6c:f1:72:a2:df:9b:
b7:47:fd:9e:4c:71:11:60:e1:68:4d:11:fd:eb:3f:
43:ca:fc:2a:1c:fa:0f:84:af:a4:a5:1e:b0:bc:58:
d7:be:ef:ab:12:ab:82:fa:7e:2d:16:c8:65:11:5b:
8a:e7:9b:9d:0c:ca:5f:07:51:d7:30:86:53:68:96:
82:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:39:56:1D:72:04:E0:D6:F4:5E:7F:82:05:79:0E:3A:0A:69:25:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/376be0fe-aebc-4855-80a4-ea95cf413b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:5000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:e9:63:8c:06:24:77:ea:01:a7:b0:ae:34:2b:9e:bb:26:ec:
10:e2:59:9d:34:98:1a:78:ac:e9:c4:e0:d6:0b:74:99:21:61:
7c:02:1d:ca:56:6c:54:ed:fa:4a:6f:cd:bf:4f:55:07:a8:d5:
54:dd:f8:1a:59:3d:c1:fa:a0:06:87:ce:6f:de:77:d8:87:3e:
d2:e1:8c:4b:a2:c2:25:00:ce:d6:29:d7:7d:fa:d1:17:1d:9b:
ef:2c:6e:47:a1:06:35:8f:65:c0:44:26:b8:f5:df:7b:e8:24:
90:21:5b:29:00:3c:5c:5f:32:f4:8a:c8:40:ec:b0:2f:b9:39:
da:5e:d0:dd:cb:4b:dc:ee:71:53:12:e9:ac:3b:06:cd:8c:b0:
15:03:1d:b7:8a:3c:ca:95:46:ac:04:4c:f5:0f:a5:1d:53:e1:
d3:fd:d7:2a:b8:02:02:e9:8e:29:4f:b1:5b:dc:7d:42:3f:e3:
2a:e5:ef:33:fc:bf:70:fc:e6:0d:02:ec:b8:ba:98:ff:b8:93:
34:18:66:41:a9:da:4b:fd:83:aa:61:5f:e5:d7:2c:75:d1:b1:
a0:a3:86:8c:a4:f6:a4:7d:02:db:8f:4a:70:71:61:69:27:89:
3e:23:8e:c6:24:8e:e5:86:ec:51:c2:30:ce:ca:04:aa:0e:53:
5c:28:41:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY8IcNAXwzHWBCGkrc3wUxM5yJNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwMDdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiMjJmOTdmZjRjMzdjNWJhZmE2OWE4ODc3ZDNkYjNhMWQwNjVkZmMxZmRi
MGU2MWY5MWYyNTlmOWVjZGUyYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuzjsAvBirHMVuP3wUiQF4BgszznjkGzs32N22FSi6r5xl3ITnQpTf1se0l
VFON46bDizPQBW8G87Sjs7zjr96GuiE9F26/cYUiTbFxbOkPAh4LepbH4oio06uL
m1dmjEaqTkPzNwT9X2Td4Gl0ixlktw8vs5rMSsJ51roPts+7vMnrUtdGOaujjLLI
f00yN8ji5JtUK/4Hxs9YaxaCLW97auOlUTTr1b7OOSLzM49Mtr62YN/od+htZR0V
bPFyot+bt0f9nkxxEWDhaE0R/es/Q8r8Khz6D4SvpKUesLxY177vqxKrgvp+LRbI
ZRFbiuebnQzKXwdR1zCGU2iWgpcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNOVYd
cgTg1vRef4IFeQ46CmklzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzc2YmUwZmUtYWViYy00ODU1LTgwYTQtZWE5NWNmNDEzYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA86WOMBiR36gGnsK40K567JuwQ4lmdNJgaeKzp
xODWC3SZIWF8Ah3KVmxU7fpKb82/T1UHqNVU3fgaWT3B+qAGh85v3nfYhz7S4YxL
osIlAM7WKdd9+tEXHZvvLG5HoQY1j2XARCa49d976CSQIVspADxcXzL0ishA7LAv
uTnaXtDdy0vc7nFTEumsOwbNjLAVAx23ijzKlUasBEz1D6UdU+HT/dcquAIC6Y4p
T7Fb3H1CP+Mq5e8z/L9w/OYNAuy4upj/uJM0GGZBqdpL/YOqYV/l1yx10bGgo4aM
pPakfQLbj0pwcWFpJ4k+I47GJI7lhuxRwjDOygSqDlNcKEGB
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:48 2025 by rpki-client