Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
File: 42fc7c20-224c-4e3b-8c6c-851926d0e396.roa (raw, json)
Hash identifier: p+8z9n3EjtdPaUGMOyOHRsIwrkraWHqUkQuRvVuUCsE=
Subject key identifier: 29:C7:C1:CB:3B:BD:B9:59:01:96:9B:07:FE:2E:99:76:AC:7B:A3:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 430F23CDD1514947BBB9E0548C08041A339BF356
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
Signing time: Fri 15 Aug 2025 15:50:01 +0000
ROA not before: Fri 15 Aug 2025 15:50:01 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:0f:23:cd:d1:51:49:47:bb:b9:e0:54:8c:08:04:1a:33:9b:f3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:01 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=c0963c1ad5a308cb5961ec56823d22ace4ed062cb534711e35e8eb2d8ba03987, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0d:86:46:bb:b8:73:c2:e7:2d:0e:ab:15:14:
24:dd:1d:c9:97:a6:b0:1e:bc:01:3c:52:8c:4c:40:
22:75:52:36:42:f7:15:85:ec:a6:cb:36:a4:a6:89:
90:5e:b4:83:b1:30:6a:d5:13:85:c7:d0:c1:1c:74:
cd:b4:e9:bb:30:16:c5:61:73:07:4d:84:d2:f0:66:
ef:08:b6:0e:f6:48:18:95:fe:ce:21:4c:9c:c9:d2:
c8:47:42:7b:66:e8:95:ea:72:5d:77:52:4f:ba:0b:
8a:9d:e5:32:80:f6:28:97:d4:c2:a5:3b:49:71:51:
9f:ba:6d:a3:02:a7:f2:b8:89:0d:ca:ad:fb:fa:ce:
48:2f:80:67:16:54:4b:63:a9:fe:95:a0:41:e0:a6:
21:93:d0:23:05:fb:2f:c9:b0:e1:9b:94:9c:3a:02:
52:da:d9:99:19:f3:d0:9c:29:bc:b3:db:3d:55:4c:
9b:1e:1c:d9:39:ae:68:2c:9a:0e:4d:be:bd:af:7a:
d9:eb:e9:00:2b:a9:26:8c:fe:1a:43:0b:8b:85:f4:
61:3d:7a:86:24:e5:22:1f:df:39:9e:44:02:88:a2:
a7:85:fa:c9:2e:48:7e:69:bd:92:6c:55:de:e3:bd:
8a:a4:ce:16:cd:14:d9:10:25:29:9b:96:e4:2a:2d:
1c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C7:C1:CB:3B:BD:B9:59:01:96:9B:07:FE:2E:99:76:AC:7B:A3:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42fc7c20-224c-4e3b-8c6c-851926d0e396.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:c000::/40
Signature Algorithm: sha256WithRSAEncryption
86:5f:29:b1:49:04:62:42:88:55:4e:65:e7:c7:e9:a6:95:de:
c1:77:3c:ea:b4:04:72:cb:1c:7b:18:51:fe:84:ef:75:bd:9a:
29:05:aa:4f:55:e7:d3:5d:21:21:ce:8b:ee:ad:e1:2a:d9:b1:
f2:ff:05:e4:d5:db:73:82:de:be:df:70:55:28:aa:c4:10:e5:
1c:16:49:22:8a:a5:c3:e9:34:ab:1c:95:a4:c5:1f:03:ca:04:
f0:5e:d9:11:49:a8:6b:1d:63:12:be:b1:cc:c5:4e:0e:d8:a2:
c3:81:17:25:e2:86:d4:15:de:8c:e0:73:a0:24:47:dd:77:0d:
7c:d0:bf:85:79:c0:29:df:1e:f3:fa:6b:42:5a:34:4a:3a:98:
57:95:56:15:6f:32:22:96:8c:92:73:3c:c0:1f:7c:41:55:e6:
5d:d9:b8:73:6c:5f:4e:f4:62:23:be:e8:54:11:62:5a:2b:a2:
31:45:da:a4:50:cf:d7:05:35:08:34:bf:78:6c:cb:20:d2:85:
5b:c3:74:69:80:2d:1b:b6:e4:d8:2a:aa:69:a2:38:3c:15:af:
12:52:53:8e:cb:68:ba:a9:53:53:41:bb:a6:a5:fb:ce:3b:36:
d0:11:7c:5b:34:27:47:47:26:5f:ee:44:1f:68:84:4c:7a:5a:
69:45:ac:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQw8jzdFRSUe7ueBUjAgEGjOb81YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwMDFaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwOTYzYzFhZDVhMzA4Y2I1OTYxZWM1NjgyM2QyMmFjZTRlZDA2MmNiNTM0
NzExZTM1ZThlYjJkOGJhMDM5ODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMNhka7uHPC5y0OqxUUJN0dyZemsB68ATxSjExAInVSNkL3FYXspss2pKaJ
kF60g7EwatUThcfQwRx0zbTpuzAWxWFzB02E0vBm7wi2DvZIGJX+ziFMnMnSyEdC
e2bolepyXXdST7oLip3lMoD2KJfUwqU7SXFRn7ptowKn8riJDcqt+/rOSC+AZxZU
S2Op/pWgQeCmIZPQIwX7L8mw4ZuUnDoCUtrZmRnz0JwpvLPbPVVMmx4c2TmuaCya
Dk2+va962evpACupJoz+GkMLi4X0YT16hiTlIh/fOZ5EAoiip4X6yS5Ifmm9kmxV
3uO9iqTOFs0U2RAlKZuW5CotHM8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpx8HL
O725WQGWmwf+Lpl2rHujEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDJmYzdjMjAtMjI0Yy00ZTNiLThjNmMtODUxOTI2ZDBlMzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGXymxSQRiQohVTmXnx+mmld7BdzzqtARyyxx7
GFH+hO91vZopBapPVefTXSEhzovureEq2bHy/wXk1dtzgt6+33BVKKrEEOUcFkki
iqXD6TSrHJWkxR8DygTwXtkRSahrHWMSvrHMxU4O2KLDgRcl4obUFd6M4HOgJEfd
dw180L+FecAp3x7z+mtCWjRKOphXlVYVbzIiloySczzAH3xBVeZd2bhzbF9O9GIj
vuhUEWJaK6IxRdqkUM/XBTUINL94bMsg0oVbw3RpgC0btuTYKqppojg8Fa8SUlOO
y2i6qVNTQbumpfvOOzbQEXxbNCdHRyZf7kQfaIRMelppRawo
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:46 2025 by rpki-client