Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
File: 42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa (raw, json)
Hash identifier: nl3rjlS2MJvtpL1GYZZe6yMPN4iVBtugTCOH1qLyh7w=
Subject key identifier: D7:2A:B9:21:EA:AA:56:84:06:72:1F:09:2E:F6:2D:10:65:5F:82:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 104C7A28D039DF148AB7C60A55186F09AC52A2C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
Signing time: Tue 05 Aug 2025 18:50:42 +0000
ROA not before: Tue 05 Aug 2025 18:50:42 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:4c:7a:28:d0:39:df:14:8a:b7:c6:0a:55:18:6f:09:ac:52:a2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:42 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d60fd22a91e2675981e7bf9abe91941462ca3922ff507dba9698d1970f78453a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:0e:a1:2c:94:6c:ee:b3:94:73:30:fb:c2:
72:3a:39:b1:d5:8b:79:b4:68:e2:a8:5a:7f:0b:d2:
ec:f5:a8:dc:75:99:fc:69:4f:de:91:a2:8d:d2:07:
77:1d:77:d2:9e:e8:df:45:f6:86:61:93:3b:55:15:
62:1a:44:ff:e2:3b:5e:d9:1c:6b:4c:c2:0b:2c:ea:
33:22:e5:4b:d2:da:60:a6:ff:86:aa:7c:2d:1e:1f:
96:46:c6:a9:45:ec:3b:23:ea:8e:a2:df:1f:d4:43:
04:78:58:25:c3:47:21:a8:8e:ca:ec:44:ff:c5:47:
05:aa:cf:81:6d:74:0b:d3:7e:80:a2:c8:54:16:c4:
15:2c:3d:cf:63:13:cb:a0:c1:68:7e:74:be:a6:c5:
fa:c1:d2:0c:37:cb:bd:b2:cd:cd:90:7a:b2:8d:30:
bb:bd:eb:a1:24:7d:d9:58:0d:8b:1a:0d:2c:f3:b7:
05:f6:17:1a:da:e7:b2:93:0a:70:9e:02:91:cf:6f:
23:70:18:d3:c7:a0:c2:5b:40:4a:8e:42:c6:2b:10:
aa:7f:73:ab:0c:dc:01:f4:01:8f:54:cd:25:f5:ee:
e5:5d:6a:45:12:a4:94:bb:72:72:2b:66:2f:e6:3b:
eb:31:47:6a:7f:03:27:4b:4e:db:a4:a3:04:a0:55:
0c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2A:B9:21:EA:AA:56:84:06:72:1F:09:2E:F6:2D:10:65:5F:82:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42ef7d89-b9bf-460f-b906-7443d96f4a6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8090::/48
Signature Algorithm: sha256WithRSAEncryption
a9:7a:22:e6:df:49:a8:be:ea:c7:24:dc:6d:2c:9b:eb:59:9e:
25:0f:7f:aa:ef:c0:04:ae:94:c7:42:23:1e:6e:df:b4:64:20:
8b:bb:46:9a:ab:cd:dd:b9:74:0f:2e:4f:15:82:c6:ce:34:31:
79:f4:00:d7:e7:ba:bb:ee:78:3f:7a:17:c3:5e:79:9a:d1:76:
76:2c:62:8c:0a:10:f0:92:45:ab:eb:03:3b:03:29:44:5e:a3:
09:37:f2:89:82:f4:03:3c:7e:1e:18:f2:d1:9a:a3:36:a6:de:
42:d0:98:db:85:40:8c:c6:0a:f5:bf:1f:29:f9:74:13:d8:56:
9a:ef:74:99:4d:88:14:cb:b0:ca:d6:75:71:13:15:c0:bc:8c:
06:8e:9b:a6:66:c5:3d:6f:ac:28:17:bb:d8:86:ae:4a:8d:62:
b6:27:40:9f:9f:cf:fd:d7:40:29:a6:51:e1:95:86:62:e6:c1:
47:07:e5:49:51:8d:58:55:88:0b:e0:ae:48:8d:72:7a:8a:89:
b7:70:2e:70:7a:06:8f:b2:d8:da:0d:9f:cb:47:b5:d8:67:e9:
2d:47:65:20:a2:60:6a:0a:bf:64:bb:76:ca:f0:e0:6d:52:7d:
b0:1d:a2:15:fc:cc:2a:f9:73:c1:d5:fc:01:e0:b4:5c:69:4a:
ba:86:c6:ea
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEEx6KNA53xSKt8YKVRhvCaxSosgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwNDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MGZkMjJhOTFlMjY3NTk4MWU3YmY5YWJlOTE5NDE0NjJjYTM5MjJmZjUw
N2RiYTk2OThkMTk3MGY3ODQ1M2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbbDqEslGzus5RzMPvCcjo5sdWLebRo4qhafwvS7PWo3HWZ/GlP3pGijdIH
dx130p7o30X2hmGTO1UVYhpE/+I7Xtkca0zCCyzqMyLlS9LaYKb/hqp8LR4flkbG
qUXsOyPqjqLfH9RDBHhYJcNHIaiOyuxE/8VHBarPgW10C9N+gKLIVBbEFSw9z2MT
y6DBaH50vqbF+sHSDDfLvbLNzZB6so0wu73roSR92VgNixoNLPO3BfYXGtrnspMK
cJ4Ckc9vI3AY08egwltASo5CxisQqn9zqwzcAfQBj1TNJfXu5V1qRRKklLtycitm
L+Y76zFHan8DJ0tO26SjBKBVDD0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXKrkh
6qpWhAZyHwku9i0QZV+CTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJlZjdkODktYjliZi00NjBmLWI5MDYtNzQ0M2Q5NmY0YTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
kDANBgkqhkiG9w0BAQsFAAOCAQEAqXoi5t9JqL7qxyTcbSyb61meJQ9/qu/ABK6U
x0IjHm7ftGQgi7tGmqvN3bl0Dy5PFYLGzjQxefQA1+e6u+54P3oXw155mtF2dixi
jAoQ8JJFq+sDOwMpRF6jCTfyiYL0Azx+Hhjy0ZqjNqbeQtCY24VAjMYK9b8fKfl0
E9hWmu90mU2IFMuwytZ1cRMVwLyMBo6bpmbFPW+sKBe72IauSo1itidAn5/P/ddA
KaZR4ZWGYubBRwflSVGNWFWIC+CuSI1yeoqJt3AucHoGj7LY2g2fy0e12GfpLUdl
IKJgagq/ZLt2yvDgbVJ9sB2iFfzMKvlzwdX8AeC0XGlKuobG6g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:02 2025 by rpki-client