Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: EI9DP2KjO8efzjIyThEdu2ROuDsKusU9PNzwNnPadLM=
Subject key identifier: 86:2C:12:73:C9:06:0F:77:B4:3F:75:F0:7F:F2:2B:AA:C2:3E:94:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DF22DA2F18B0E240F79AE3131D4F8E43EC59005
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Tue 05 Aug 2025 20:20:13 +0000
ROA not before: Tue 05 Aug 2025 20:20:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:f2:2d:a2:f1:8b:0e:24:0f:79:ae:31:31:d4:f8:e4:3e:c5:90:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c6f1b3b5f2133477706690a0ce93f6fa6229d12a88fe83d1c0745cccc3c628ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:04:4a:00:f3:94:47:80:52:71:4c:17:66:31:
a6:f0:6c:de:44:5f:2e:60:05:c4:36:36:84:b0:d7:
a3:26:23:b2:1d:df:24:29:ae:85:6b:b5:cb:e3:d6:
12:7a:08:91:07:89:2a:b6:d3:29:99:20:dd:de:0c:
64:cf:90:78:b7:fa:ac:52:ca:e2:1f:5c:83:fe:a9:
b8:52:81:9f:8b:80:b7:fc:f8:1b:11:e5:f3:35:7c:
30:b5:60:b1:f3:cc:3d:f9:b6:03:1c:cb:8e:47:9e:
06:c3:bb:d1:a6:54:65:67:9b:06:9d:5c:5c:bc:37:
cc:c1:b3:62:b6:8b:35:b8:b3:64:7e:5d:43:cc:b1:
c7:38:74:d2:66:0b:c5:53:9c:4d:af:06:e8:8b:af:
c7:21:52:66:e0:90:ea:d2:fb:5d:9f:97:af:ba:db:
4f:3e:91:e1:42:84:8c:03:f8:b1:93:b9:ca:80:66:
ff:54:21:7d:dd:2d:e9:75:d4:c1:1b:83:66:b5:db:
5d:a1:29:b9:06:df:33:f2:cf:e9:f0:c7:0b:97:7c:
ee:be:3c:f1:c9:06:89:d0:ad:0a:8a:10:85:64:94:
ec:72:e0:df:6a:62:9f:f1:2f:21:d2:82:15:30:d8:
ae:63:fd:c4:cf:42:0d:8b:a2:97:f0:a4:c7:32:43:
c6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2C:12:73:C9:06:0F:77:B4:3F:75:F0:7F:F2:2B:AA:C2:3E:94:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
11:58:0f:a4:a4:a5:e2:11:2d:86:0b:ba:2c:77:60:5e:0f:6e:
e7:5a:bf:9e:0f:4f:b3:32:ab:9b:6e:0d:e5:36:c1:7f:cc:b7:
a2:21:1c:e0:c1:cf:03:88:43:38:c7:78:2f:c8:f3:00:a4:4f:
bd:ab:f6:d7:78:fc:90:26:e8:e6:bd:6f:35:d5:e1:fc:d2:44:
f5:50:bb:9d:db:01:ce:a6:d5:3f:d3:b8:e4:a7:18:14:19:48:
48:33:99:7b:00:10:85:eb:58:0e:26:0e:68:83:ba:1b:33:7c:
44:c0:b8:c9:02:df:78:44:29:15:2e:b9:ff:f4:8c:8c:1e:af:
24:65:18:81:c3:3e:26:01:60:96:9a:37:cc:0a:79:ed:de:0c:
10:e9:af:f0:b2:47:56:bf:f7:e6:a6:de:ac:ff:56:a5:4a:98:
39:15:9f:86:d4:b5:68:d3:71:30:fb:c1:9a:6b:a3:d1:7a:bd:
01:e7:ca:91:d0:31:17:e9:3c:eb:15:8c:5f:a2:be:5d:c1:76:
e7:b6:80:66:b8:c8:8f:79:39:42:ad:3e:8a:95:d6:26:1b:f9:
df:6e:e7:3d:3f:bd:38:f8:59:08:22:1d:6e:35:e4:31:fb:5f:
77:57:d5:40:5d:34:a7:ca:de:9b:ef:12:a9:f1:11:c0:67:1c:
1a:70:dd:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDfItovGLDiQPea4xMdT45D7FkAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ZjFiM2I1ZjIxMzM0Nzc3MDY2OTBhMGNlOTNmNmZhNjIyOWQxMmE4OGZl
ODNkMWMwNzQ1Y2NjYzNjNjI4ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJAESgDzlEeAUnFMF2YxpvBs3kRfLmAFxDY2hLDXoyYjsh3fJCmuhWu1y+PW
EnoIkQeJKrbTKZkg3d4MZM+QeLf6rFLK4h9cg/6puFKBn4uAt/z4GxHl8zV8MLVg
sfPMPfm2AxzLjkeeBsO70aZUZWebBp1cXLw3zMGzYraLNbizZH5dQ8yxxzh00mYL
xVOcTa8G6IuvxyFSZuCQ6tL7XZ+Xr7rbTz6R4UKEjAP4sZO5yoBm/1Qhfd0t6XXU
wRuDZrXbXaEpuQbfM/LP6fDHC5d87r488ckGidCtCooQhWSU7HLg32pin/EvIdKC
FTDYrmP9xM9CDYuil/CkxzJDxkMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGLBJz
yQYPd7Q/dfB/8iuqwj6UnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQARWA+kpKXiES2GC7osd2BeD27nWr+eD0+zMqub
bg3lNsF/zLeiIRzgwc8DiEM4x3gvyPMApE+9q/bXePyQJujmvW811eH80kT1ULud
2wHOptU/07jkpxgUGUhIM5l7ABCF61gOJg5og7obM3xEwLjJAt94RCkVLrn/9IyM
Hq8kZRiBwz4mAWCWmjfMCnnt3gwQ6a/wskdWv/fmpt6s/1alSpg5FZ+G1LVo03Ew
+8Gaa6PRer0B58qR0DEX6TzrFYxfor5dwXbntoBmuMiPeTlCrT6KldYmG/nfbuc9
P704+FkIIh1uNeQx+193V9VAXTSnyt6b7xKp8RHAZxwacN2D
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:27 2025 by rpki-client