Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
File: 66a53b3f-eb55-4869-ac1a-f83569ee728f.roa (raw, json)
Hash identifier: Up2xK+Wzqm28G7LLN09Fvvoqk4prB5/6ttd7iUfMMi0=
Subject key identifier: B9:20:C6:F9:F7:81:BD:8F:08:4B:54:BA:B2:CE:F8:9F:A5:59:96:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 517360809BB3C32AF0BCFB5D95DE8A934BC48A78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
Signing time: Fri 22 Aug 2025 15:11:13 +0000
ROA not before: Fri 22 Aug 2025 15:11:13 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:73:60:80:9b:b3:c3:2a:f0:bc:fb:5d:95:de:8a:93:4b:c4:8a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:13 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=4875b259e5230f3fd6aa1651720d31ef1c2b092261fb91b0857183029501e446, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:fe:58:a9:e5:4f:6a:73:93:f1:6b:f6:0e:
dc:69:f0:0c:17:cd:37:67:e2:f5:80:d9:7f:f1:0c:
fa:1c:92:bb:b2:f7:fa:17:b0:6f:49:ef:1a:15:00:
39:43:7d:b8:12:37:41:1f:e4:c7:55:76:0e:06:36:
c6:26:8a:95:3f:eb:0d:a7:42:6e:72:8a:66:36:ea:
1f:f0:78:17:42:aa:a6:fa:d8:7a:55:ff:4e:3b:8d:
25:00:dd:93:45:db:79:7f:3a:30:4c:e4:e7:40:9e:
b4:6e:3b:0e:7e:6f:9d:d6:8d:15:e2:20:c2:4b:23:
e6:82:7e:10:ae:39:5f:a9:dc:2e:a5:53:12:0f:73:
52:c6:15:12:14:c0:b7:b1:6e:d7:97:84:59:b1:d9:
29:67:1c:39:6d:6d:3d:e2:39:1f:52:ff:06:ee:99:
77:32:49:01:62:cd:55:4a:96:cc:5b:7e:af:54:7f:
03:71:49:11:d5:d8:1a:44:e3:0d:ad:fc:b0:7c:00:
12:57:37:a4:6b:6f:89:f7:0f:88:8b:e8:95:5b:cc:
76:16:d5:e3:f9:30:57:ed:88:39:f3:10:6d:3a:bf:
6e:af:7a:a4:18:75:9c:5d:4d:e8:09:46:2a:fc:b3:
d9:81:07:5d:d3:21:6c:ea:5b:35:50:f7:70:8c:ae:
4b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:20:C6:F9:F7:81:BD:8F:08:4B:54:BA:B2:CE:F8:9F:A5:59:96:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a53b3f-eb55-4869-ac1a-f83569ee728f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:b1:61:b2:a8:02:a7:e5:7a:31:3f:db:2f:44:b7:cd:78:41:
92:db:ff:38:6e:25:40:dd:37:7b:19:cb:73:31:98:76:e8:48:
ad:f7:c4:1e:27:2c:4a:33:e0:8a:f1:e6:14:bd:39:d1:38:b0:
d3:04:b7:c3:da:1b:47:0c:f1:e1:fb:09:e1:57:9f:5b:d0:49:
09:e3:8a:40:60:41:13:ea:bf:cb:b1:41:85:7d:df:9e:4d:a8:
3d:32:37:c9:9d:1b:98:26:99:a1:de:dc:7c:6d:a6:e6:fb:6d:
05:54:2c:3a:93:0d:f8:aa:bb:c3:13:87:8a:64:a8:69:eb:48:
59:48:ae:15:97:4b:64:d7:57:d3:ca:22:65:2f:c0:5b:ee:c1:
53:93:fa:6d:8e:e2:b1:ed:8e:2e:ab:14:92:01:b4:c2:b7:33:
a2:9c:14:77:95:33:5d:2f:7f:c8:54:02:86:7d:c3:c1:cc:ba:
20:dc:7f:43:20:fa:25:b7:af:7f:93:d0:a4:1f:25:4c:3d:03:
a3:5d:41:81:eb:63:58:2b:19:01:c9:fb:2d:28:00:a6:7b:97:
fa:9b:bd:7c:f2:e7:dd:d6:8f:60:c8:0b:ab:84:6f:f8:a8:88:
2d:3c:bc:bb:7b:03:9f:93:d7:61:bb:23:b3:bf:69:b4:a9:e5:
44:c4:fa:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUXNggJuzwyrwvPtdld6Kk0vEingwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMTNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NzViMjU5ZTUyMzBmM2ZkNmFhMTY1MTcyMGQzMWVmMWMyYjA5MjI2MWZi
OTFiMDg1NzE4MzAyOTUwMWU0NDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNJ/lip5U9qc5Pxa/YO3GnwDBfNN2fi9YDZf/EM+hySu7L3+hewb0nvGhUA
OUN9uBI3QR/kx1V2DgY2xiaKlT/rDadCbnKKZjbqH/B4F0KqpvrYelX/TjuNJQDd
k0XbeX86MEzk50CetG47Dn5vndaNFeIgwksj5oJ+EK45X6ncLqVTEg9zUsYVEhTA
t7Fu15eEWbHZKWccOW1tPeI5H1L/Bu6ZdzJJAWLNVUqWzFt+r1R/A3FJEdXYGkTj
Da38sHwAElc3pGtvifcPiIvolVvMdhbV4/kwV+2IOfMQbTq/bq96pBh1nF1N6AlG
Kvyz2YEHXdMhbOpbNVD3cIyuS7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5IMb5
94G9jwhLVLqyzvifpVmWjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhNTNiM2YtZWI1NS00ODY5LWFjMWEtZjgzNTY5ZWU3MjhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQDGsWGyqAKn5XoxP9svRLfNeEGS2/84biVA3Td7
GctzMZh26Eit98QeJyxKM+CK8eYUvTnROLDTBLfD2htHDPHh+wnhV59b0EkJ44pA
YEET6r/LsUGFfd+eTag9MjfJnRuYJpmh3tx8babm+20FVCw6kw34qrvDE4eKZKhp
60hZSK4Vl0tk11fTyiJlL8Bb7sFTk/ptjuKx7Y4uqxSSAbTCtzOinBR3lTNdL3/I
VAKGfcPBzLog3H9DIPolt69/k9CkHyVMPQOjXUGB62NYKxkByfstKACme5f6m718
8ufd1o9gyAurhG/4qIgtPLy7ewOfk9dhuyOzv2m0qeVExPq4
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:36 2025 by rpki-client