Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa
File: 61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa (raw, json)
Hash identifier: qznVD0C3ixk5VLe85+YxamkABJLJY7wsbT39vZ/5Zek=
Subject key identifier: A2:1F:BD:43:6E:1A:CD:33:77:5D:AC:1A:2F:B1:1B:62:20:C9:D6:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69EA6BCD8F8864EB941F81B91FE92FBE19094BD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa
Signing time: Tue 05 Aug 2025 19:51:35 +0000
ROA not before: Tue 05 Aug 2025 19:51:35 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:ea:6b:cd:8f:88:64:eb:94:1f:81:b9:1f:e9:2f:be:19:09:4b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:35 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=49a17982bc1bbebfce72de8c220a78870f10b0fde84648f6d234492300d85115, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5c:f8:41:0e:cc:47:9c:e7:c8:28:fe:88:16:
78:1b:fe:86:f8:7e:b3:41:32:01:03:a1:2e:e9:60:
ba:2d:0f:c9:0d:5b:b6:23:d9:21:2c:2b:38:bf:32:
2d:cb:db:78:0b:d9:09:3d:b2:8b:6e:24:33:d3:9f:
ff:47:b3:43:93:3f:64:29:90:68:6c:e0:6c:8a:c7:
cb:96:77:2e:73:31:ba:e0:f5:69:fb:be:c8:68:5c:
99:20:95:8d:2e:60:a1:e4:f6:45:7a:8b:59:1c:a9:
08:03:6e:ca:eb:8b:02:f9:a0:94:0b:f6:a0:71:0a:
92:e4:2c:22:e8:3f:e3:2e:4a:a3:d7:ed:37:64:b5:
73:ad:fa:0b:d8:f3:8e:99:88:1c:3a:d1:d4:4b:e8:
c1:b8:d9:37:5f:d4:bb:7a:1e:72:32:42:58:b9:2d:
a2:1e:87:a7:8f:06:80:36:0d:57:62:b4:0e:80:d5:
a8:7e:49:ef:b6:72:f4:79:7c:53:cf:9e:c4:31:01:
53:16:ca:c8:d9:4c:c5:73:32:e8:20:7b:e5:91:52:
9e:96:2a:e8:fd:38:34:29:1d:3b:03:e3:6c:13:9f:
03:0f:63:3e:79:11:f8:c5:d3:aa:b1:97:ae:64:c6:
ab:c9:a4:6c:77:d4:a4:14:98:cd:5f:49:70:4d:9e:
a2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1F:BD:43:6E:1A:CD:33:77:5D:AC:1A:2F:B1:1B:62:20:C9:D6:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/61a0530d-8d0b-4fd7-8bef-6b8c99c3df33.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:a000::/40
Signature Algorithm: sha256WithRSAEncryption
09:1c:ae:a8:01:2d:dc:0b:f0:d5:5e:74:05:ff:09:d6:2b:21:
27:1a:06:40:5d:ed:c7:4d:64:22:32:c4:d3:54:f6:1c:56:ca:
2e:a2:31:61:83:0e:72:80:a0:33:c8:b8:a5:3a:6c:11:e7:90:
01:a1:70:e6:27:39:6a:fc:1e:f5:97:12:fb:9c:05:1f:cd:5d:
84:cd:38:8c:fd:9b:cb:bb:a2:ff:1e:a4:5a:9d:96:fe:6b:7b:
52:ff:d5:75:83:0f:2e:73:4a:f0:04:c1:d1:65:bd:0f:73:57:
12:c0:1e:07:a1:0e:1b:ee:59:b7:78:04:6b:5e:a1:90:9c:c4:
73:7b:65:b9:16:96:b6:4b:c8:9d:00:70:80:bd:03:8b:a1:a3:
e9:0f:90:29:d3:3c:82:46:a3:bc:a3:4e:81:19:d4:82:9e:ac:
90:e4:37:ff:c4:5e:6f:6c:a7:c6:fd:78:51:e9:6f:f9:1d:af:
8d:7a:14:ec:75:41:85:4c:c6:09:67:72:77:df:15:fb:46:a2:
ad:76:42:a0:23:2d:ba:b1:5c:26:22:95:e6:48:66:95:69:45:
a7:c0:85:ae:d4:21:d9:8d:a6:c5:77:d8:93:d9:1f:11:36:51:
f5:81:3c:45:e8:6b:c1:5e:ee:25:d5:08:e4:67:2e:cf:97:d5:
55:33:8e:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaeprzY+IZOuUH4G5H+kvvhkJS9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMzVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5YTE3OTgyYmMxYmJlYmZjZTcyZGU4YzIyMGE3ODg3MGYxMGIwZmRlODQ2
NDhmNmQyMzQ0OTIzMDBkODUxMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtc+EEOzEec58go/ogWeBv+hvh+s0EyAQOhLulgui0PyQ1btiPZISwrOL8y
LcvbeAvZCT2yi24kM9Of/0ezQ5M/ZCmQaGzgbIrHy5Z3LnMxuuD1afu+yGhcmSCV
jS5goeT2RXqLWRypCANuyuuLAvmglAv2oHEKkuQsIug/4y5Ko9ftN2S1c636C9jz
jpmIHDrR1EvowbjZN1/Uu3oecjJCWLktoh6Hp48GgDYNV2K0DoDVqH5J77Zy9Hl8
U8+exDEBUxbKyNlMxXMy6CB75ZFSnpYq6P04NCkdOwPjbBOfAw9jPnkR+MXTqrGX
rmTGq8mkbHfUpBSYzV9JcE2eovMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiH71D
bhrNM3ddrBovsRtiIMnW/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjFhMDUzMGQtOGQwYi00ZmQ3LThiZWYtNmI4Yzk5YzNkZjMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWg
MA0GCSqGSIb3DQEBCwUAA4IBAQAJHK6oAS3cC/DVXnQF/wnWKyEnGgZAXe3HTWQi
MsTTVPYcVsouojFhgw5ygKAzyLilOmwR55ABoXDmJzlq/B71lxL7nAUfzV2EzTiM
/ZvLu6L/HqRanZb+a3tS/9V1gw8uc0rwBMHRZb0Pc1cSwB4HoQ4b7lm3eARrXqGQ
nMRze2W5Fpa2S8idAHCAvQOLoaPpD5Ap0zyCRqO8o06BGdSCnqyQ5Df/xF5vbKfG
/XhR6W/5Ha+NehTsdUGFTMYJZ3J33xX7RqKtdkKgIy26sVwmIpXmSGaVaUWnwIWu
1CHZjabFd9iT2R8RNlH1gTxF6GvBXu4l1QjkZy7Pl9VVM44F
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:26 2025 by rpki-client