Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: 0f7T2TCFSSVnetkZ6QArXNf+p+OSwCNLvSSuOe6Z7Zk=
Subject key identifier: 9C:3D:FB:B3:8A:20:61:D5:2F:F2:C1:89:D3:40:B1:7C:2B:25:7B:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21A2F703D66DEAC772F4F9851A8B27E6F11D18A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Tue 05 Aug 2025 20:01:22 +0000
ROA not before: Tue 05 Aug 2025 20:01:22 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:a2:f7:03:d6:6d:ea:c7:72:f4:f9:85:1a:8b:27:e6:f1:1d:18:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:22 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=bbdda8a44f66892d609cf7c96769e87bec0f8b2fe55ec66b50c2bba7a0d2c141, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:84:e1:bf:f4:0f:c8:5d:7f:13:77:12:81:
b1:b6:56:f5:24:a1:b6:b5:da:74:97:8f:c1:de:81:
da:c2:8c:f6:d1:63:09:51:4a:0c:40:e8:2b:22:81:
fe:1a:40:bb:9f:f8:da:5e:11:6c:72:85:73:81:a4:
70:32:b5:10:5d:c9:db:5e:b7:38:7e:5d:a5:2b:ba:
4f:e6:31:1f:d4:78:e9:66:0a:c2:2f:93:90:d5:27:
b4:be:7d:0b:c9:f2:cb:e0:e8:ff:b4:d0:6e:2e:84:
f6:8b:81:ef:41:e0:ea:df:32:b8:c7:d5:ac:2f:a3:
cc:12:68:9d:69:e3:dc:9d:61:a4:6b:f3:6f:74:a7:
11:a9:e8:9b:3f:4e:eb:0b:62:f3:15:c8:b9:43:e1:
ac:37:77:8a:0f:d0:cc:aa:5d:0a:a2:ca:c9:83:09:
0d:1c:76:8b:26:6d:f1:ce:4a:68:9e:12:bf:4d:0e:
c3:8b:48:cf:f0:c2:df:b7:fe:c3:3c:25:6e:4b:bb:
c0:94:50:ed:6b:41:df:39:9c:b6:b4:b4:9e:46:e0:
e9:59:cf:cb:75:1b:dc:0a:5f:49:7a:42:0b:cb:8a:
ce:57:b4:8e:da:93:0b:9b:2c:19:61:f0:57:fc:81:
e4:4a:a4:f7:a7:d4:22:73:e0:b9:06:ae:b5:db:05:
ff:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3D:FB:B3:8A:20:61:D5:2F:F2:C1:89:D3:40:B1:7C:2B:25:7B:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:ce:5b:65:52:69:7d:35:bf:03:1e:cd:d0:b3:29:01:33:00:
a7:99:2a:ab:7b:2e:9b:03:57:6e:1c:90:55:2c:19:1f:82:73:
45:1f:40:7c:fe:46:e6:1c:c2:ab:9d:5d:3d:c0:5c:13:0c:c3:
c8:c6:fb:a2:68:00:0f:8e:57:b3:bb:a8:d5:c5:8c:84:c5:6a:
bc:ae:25:8c:50:2e:b2:30:ad:6c:d5:48:82:d2:b7:3a:4f:b1:
dc:68:89:b2:c0:3e:bb:d5:b3:43:89:ad:77:45:72:e8:39:82:
95:a4:90:eb:46:d5:9c:2f:ef:70:e3:d1:41:79:12:d8:62:36:
01:3a:67:c0:f3:52:96:f4:05:e8:1b:77:fc:37:f4:12:3f:7a:
62:e1:a0:a6:64:71:37:2a:5d:bb:c2:5c:fc:ac:12:b8:8d:86:
71:46:ec:f6:79:1e:19:21:b8:26:ef:91:ac:57:2a:57:ad:71:
a6:92:cc:31:0c:38:ca:4e:6c:1b:1a:80:f4:66:91:fb:db:01:
e7:66:28:24:74:63:62:dd:73:ae:9f:3a:1d:45:cd:8b:47:2d:
e5:86:98:08:97:dc:03:ba:4f:16:22:1a:27:67:ea:a4:3d:8b:
73:e0:e3:ce:68:1b:2f:20:dc:75:92:f9:d5:80:5b:a2:fc:fb:
41:83:5f:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIaL3A9Zt6sdy9PmFGosn5vEdGKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZGRhOGE0NGY2Njg5MmQ2MDljZjdjOTY3NjllODdiZWMwZjhiMmZlNTVl
YzY2YjUwYzJiYmE3YTBkMmMxNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyShOG/9A/IXX8TdxKBsbZW9SShtrXadJePwd6B2sKM9tFjCVFKDEDoKyKB
/hpAu5/42l4RbHKFc4GkcDK1EF3J2163OH5dpSu6T+YxH9R46WYKwi+TkNUntL59
C8nyy+Do/7TQbi6E9ouB70Hg6t8yuMfVrC+jzBJonWnj3J1hpGvzb3SnEanomz9O
6wti8xXIuUPhrDd3ig/QzKpdCqLKyYMJDRx2iyZt8c5KaJ4Sv00Ow4tIz/DC37f+
wzwlbku7wJRQ7WtB3zmctrS0nkbg6VnPy3Ub3ApfSXpCC8uKzle0jtqTC5ssGWHw
V/yB5Eqk96fUInPguQautdsF/8sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScPfuz
iiBh1S/ywYnTQLF8KyV7IDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCezltlUml9Nb8DHs3QsykBMwCnmSqrey6bA1du
HJBVLBkfgnNFH0B8/kbmHMKrnV09wFwTDMPIxvuiaAAPjlezu6jVxYyExWq8riWM
UC6yMK1s1UiC0rc6T7HcaImywD671bNDia13RXLoOYKVpJDrRtWcL+9w49FBeRLY
YjYBOmfA81KW9AXoG3f8N/QSP3pi4aCmZHE3Kl27wlz8rBK4jYZxRuz2eR4ZIbgm
75GsVypXrXGmkswxDDjKTmwbGoD0ZpH72wHnZigkdGNi3XOunzodRc2LRy3lhpgI
l9wDuk8WIhonZ+qkPYtz4OPOaBsvINx1kvnVgFui/PtBg19Q
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:53 2025 by rpki-client