Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
File: 37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa (raw, json)
Hash identifier: sUselJnriYPgN0M6PqOw9qDS1+Z9jM7fIe/HvuoIu4Q=
Subject key identifier: 91:8E:9B:5C:BA:FB:B1:F2:98:12:E6:39:04:17:72:1C:8C:E6:D0:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EB961E50AA2C6AE1C9AB895EA330773698D5E48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
Signing time: Fri 22 Aug 2025 15:10:45 +0000
ROA not before: Fri 22 Aug 2025 15:10:45 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:b9:61:e5:0a:a2:c6:ae:1c:9a:b8:95:ea:33:07:73:69:8d:5e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:45 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=f9e152c79238f21b5e95eb860ac47934a789c62d655aaa81a86d141383c2580d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:44:30:f4:cf:5e:2e:86:8f:18:50:69:6d:ae:
d2:6f:ba:eb:5b:90:68:83:cd:4b:93:66:41:0d:9a:
d3:ab:e5:e8:3d:2b:fe:35:ff:73:2f:df:6b:2b:77:
dc:f4:32:0d:2b:56:f7:bf:86:46:80:ae:2a:5e:0e:
a0:ac:ec:b7:86:19:63:ce:82:d2:cd:14:6f:d6:ae:
da:c0:20:f8:1f:15:78:39:22:5b:f9:c9:19:e0:05:
d9:a3:61:9d:4e:9b:11:ab:ec:16:c2:d8:05:55:6e:
77:c6:5f:2c:de:71:f3:6d:a4:95:f7:41:4e:94:be:
af:49:48:40:4c:c1:c7:5b:ec:42:33:bd:af:c3:06:
8e:d6:2c:02:33:6c:3c:4f:a7:e6:00:61:8d:f8:95:
25:8e:f1:30:f3:14:b3:15:63:97:18:23:d0:bf:34:
96:c3:3f:45:90:de:1b:00:dc:78:b9:72:1c:00:7e:
03:75:c5:74:a2:51:aa:d9:52:6d:c6:f4:71:8f:f4:
25:52:c6:6a:07:66:8e:2d:cc:75:8d:1b:2f:8f:4a:
e0:a0:80:5c:4e:d1:6e:8d:97:12:4d:1b:8f:ad:96:
1f:c3:42:ca:2a:dd:01:54:16:21:9b:62:80:ed:c4:
67:23:94:a6:5c:ad:cf:fb:4e:ee:30:65:fd:47:4a:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8E:9B:5C:BA:FB:B1:F2:98:12:E6:39:04:17:72:1C:8C:E6:D0:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b00c63-4d48-46a2-a2ac-c6d3bf6953bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/48
Signature Algorithm: sha256WithRSAEncryption
8c:03:db:6c:23:b5:2f:04:a9:a3:9e:a1:f5:d2:2e:09:50:a1:
6c:d6:dc:b0:e6:d4:d9:a5:6b:a7:dc:08:3d:91:f4:3f:c3:29:
fa:fb:67:a8:30:da:a5:6b:5b:b0:59:e1:a5:f6:f5:d5:b9:ac:
9b:97:ce:37:ed:13:d0:54:f1:4d:eb:da:d6:92:0c:5a:a0:84:
ab:30:ce:4a:c3:89:65:fb:e6:44:9a:75:99:99:32:f9:a0:e3:
e0:f1:3a:5f:08:99:93:e0:ac:b4:f0:57:de:d2:5c:aa:17:bb:
89:45:34:03:e8:16:d5:74:81:16:b3:e1:77:21:f8:78:69:31:
f9:c6:3f:13:9b:04:73:10:e8:14:14:e4:81:ea:1c:6e:38:3a:
36:ec:34:3f:82:8a:23:02:2c:0c:ea:96:28:7c:c0:23:2a:ed:
22:a0:79:6a:4f:56:8f:0c:d0:f4:2e:19:e8:49:ad:d3:0f:76:
19:0e:55:28:06:e9:a5:ba:da:49:5d:a9:23:03:8f:21:63:2c:
31:21:be:c4:10:a2:8a:cb:f9:88:1e:1c:b1:cb:11:0a:45:b5:
e4:5d:62:ec:34:e4:2b:57:2f:0e:91:24:8c:95:d6:d1:eb:b6:
37:88:66:92:42:bb:4c:02:56:d8:88:59:26:91:96:e1:89:3c:
13:4a:93:38
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbrlh5Qqixq4cmriV6jMHc2mNXkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwNDVaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ZTE1MmM3OTIzOGYyMWI1ZTk1ZWI4NjBhYzQ3OTM0YTc4OWM2MmQ2NTVh
YWE4MWE4NmQxNDEzODNjMjU4MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBEMPTPXi6GjxhQaW2u0m+661uQaIPNS5NmQQ2a06vl6D0r/jX/cy/fayt3
3PQyDStW97+GRoCuKl4OoKzst4YZY86C0s0Ub9au2sAg+B8VeDkiW/nJGeAF2aNh
nU6bEavsFsLYBVVud8ZfLN5x822klfdBTpS+r0lIQEzBx1vsQjO9r8MGjtYsAjNs
PE+n5gBhjfiVJY7xMPMUsxVjlxgj0L80lsM/RZDeGwDceLlyHAB+A3XFdKJRqtlS
bcb0cY/0JVLGagdmji3MdY0bL49K4KCAXE7Rbo2XEk0bj62WH8NCyirdAVQWIZti
gO3EZyOUplytz/tO7jBl/UdKd1MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRjptc
uvux8pgS5jkEF3IcjObQlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiMDBjNjMtNGQ0OC00NmEyLWEyYWMtYzZkM2JmNjk1M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaA
ADANBgkqhkiG9w0BAQsFAAOCAQEAjAPbbCO1LwSpo56h9dIuCVChbNbcsObU2aVr
p9wIPZH0P8Mp+vtnqDDapWtbsFnhpfb11bmsm5fON+0T0FTxTeva1pIMWqCEqzDO
SsOJZfvmRJp1mZky+aDj4PE6XwiZk+CstPBX3tJcqhe7iUU0A+gW1XSBFrPhdyH4
eGkx+cY/E5sEcxDoFBTkgeocbjg6Nuw0P4KKIwIsDOqWKHzAIyrtIqB5ak9WjwzQ
9C4Z6Emt0w92GQ5VKAbppbraSV2pIwOPIWMsMSG+xBCiisv5iB4cscsRCkW15F1i
7DTkK1cvDpEkjJXW0eu2N4hmkkK7TAJW2IhZJpGW4Yk8E0qTOA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:09 2025 by rpki-client