Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: vvLcWw8IgX0uAtM2rj+9Ijf7BozPHQ5rDm0NBAJWzKA=
Subject key identifier: CD:97:73:72:F4:34:B0:4E:E6:B2:21:3B:63:01:F5:10:3B:9D:D4:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D88763526F2DE4A885455AFECBB9E357F79E2C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Tue 05 Aug 2025 19:30:59 +0000
ROA not before: Tue 05 Aug 2025 19:30:59 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:88:76:35:26:f2:de:4a:88:54:55:af:ec:bb:9e:35:7f:79:e2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:59 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a64bc6ee7bc9f909aaacbc773714ea5025c5c6974fbe7440c2e4769f10d70b10, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f9:80:60:b5:71:a9:db:f4:99:c5:c6:ab:ac:
e4:ca:d8:47:63:01:ac:17:3b:24:4b:14:a2:04:e4:
07:61:a2:aa:6a:9e:e4:1c:93:17:17:77:35:a8:c1:
cb:ac:a8:a8:fb:d7:d7:ba:d1:45:90:3b:e0:57:3d:
f0:f1:30:1a:d0:c5:f7:8b:e3:b9:d3:6f:ce:c3:96:
a4:49:39:69:6a:48:15:11:76:fb:82:e8:57:f4:88:
18:fd:ad:8a:ed:2f:27:1d:9b:e1:af:41:c5:2f:ef:
8c:3b:18:67:ea:cb:a6:03:9d:8e:3b:2e:69:9c:98:
65:bc:85:8a:06:8c:43:98:04:bc:52:71:c9:90:b5:
70:5a:40:ed:bf:06:bc:3f:ed:17:f1:18:46:79:5c:
e1:f8:cf:28:a1:cf:e7:b4:81:5c:c1:d6:fa:92:d2:
36:3c:01:6b:af:c1:33:15:f9:ba:d8:60:1f:1c:3b:
b4:84:0c:ab:ce:37:d9:21:fa:cb:6d:8f:64:56:09:
f3:d9:67:a9:51:31:81:5b:e6:c7:42:bf:38:17:3a:
4f:b0:af:48:fa:c2:51:4a:9c:2b:ea:18:78:6a:61:
c4:aa:67:5c:3b:ea:80:78:21:04:79:71:38:5d:96:
7a:1f:8e:51:18:cc:cd:37:b1:03:9a:b6:ef:0f:f2:
ba:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:97:73:72:F4:34:B0:4E:E6:B2:21:3B:63:01:F5:10:3B:9D:D4:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:58:ea:4d:02:63:13:c1:f1:c6:72:de:cb:b0:1d:74:c1:dd:
13:2a:57:99:52:2b:c1:4e:8c:18:f6:78:81:1d:fc:a4:c4:86:
b4:aa:9a:95:92:9e:6c:11:8c:ba:78:4c:ae:c7:8e:c1:9a:f6:
52:93:f8:39:74:ad:4b:83:7e:d8:73:ce:f3:6a:d0:5b:aa:9c:
8e:7c:24:33:26:dd:02:07:56:70:18:46:bd:3c:3f:8a:d6:be:
e3:bf:02:2d:bd:ac:a2:be:b1:33:53:9f:fd:18:ae:e8:01:c5:
31:8a:65:09:e7:77:15:37:d0:19:b2:db:59:a3:da:c8:b7:8a:
e1:81:ba:9a:26:13:bd:03:34:4c:05:33:15:fc:7b:1c:b6:4e:
6c:5f:e7:c1:c4:4d:f9:c7:ba:89:dc:43:b0:98:f0:ce:76:d5:
f8:ff:09:b9:bd:8d:f2:79:9a:ce:0a:9a:a1:e1:c6:25:c5:dd:
f7:2c:62:c9:02:43:90:0a:3a:52:0f:15:06:c5:11:a8:8e:66:
6f:6c:b5:87:f4:ad:76:de:7e:35:95:73:37:ec:07:7b:39:19:
fd:4c:80:31:1b:ed:fb:d2:79:59:7e:6b:29:bd:4a:ba:08:18:
2b:8e:ce:5c:82:d9:02:ca:15:29:28:5e:9a:57:8c:49:4f:9d:
ae:71:e3:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfYh2NSby3kqIVFWv7LueNX954sAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwNTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NGJjNmVlN2JjOWY5MDlhYWFjYmM3NzM3MTRlYTUwMjVjNWM2OTc0ZmJl
NzQ0MGMyZTQ3NjlmMTBkNzBiMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJz5gGC1canb9JnFxqus5MrYR2MBrBc7JEsUogTkB2Giqmqe5ByTFxd3NajB
y6yoqPvX17rRRZA74Fc98PEwGtDF94vjudNvzsOWpEk5aWpIFRF2+4LoV/SIGP2t
iu0vJx2b4a9BxS/vjDsYZ+rLpgOdjjsuaZyYZbyFigaMQ5gEvFJxyZC1cFpA7b8G
vD/tF/EYRnlc4fjPKKHP57SBXMHW+pLSNjwBa6/BMxX5uthgHxw7tIQMq8432SH6
y22PZFYJ89lnqVExgVvmx0K/OBc6T7CvSPrCUUqcK+oYeGphxKpnXDvqgHghBHlx
OF2Weh+OURjMzTexA5q27w/yurMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNl3Ny
9DSwTuayITtjAfUQO53ULDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQDEWOpNAmMTwfHGct7LsB10wd0TKleZUivBTowY
9niBHfykxIa0qpqVkp5sEYy6eEyux47BmvZSk/g5dK1Lg37Yc87zatBbqpyOfCQz
Jt0CB1ZwGEa9PD+K1r7jvwItvayivrEzU5/9GK7oAcUximUJ53cVN9AZsttZo9rI
t4rhgbqaJhO9AzRMBTMV/Hsctk5sX+fBxE35x7qJ3EOwmPDOdtX4/wm5vY3yeZrO
Cpqh4cYlxd33LGLJAkOQCjpSDxUGxRGojmZvbLWH9K123n41lXM37Ad7ORn9TIAx
G+370nlZfmspvUq6CBgrjs5cgtkCyhUpKF6aV4xJT52uceOG
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:13 2025 by rpki-client