Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
File: 67233a4e-590e-4497-a72c-fe940d42b798.roa (raw, json)
Hash identifier: Rc0bTkkwVTNmZOnrlcpS5rXvIWnGrGBORQnamx6slwQ=
Subject key identifier: 11:2E:29:E9:9F:99:91:07:22:4A:7C:98:EA:86:67:F2:5C:06:4C:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21F3B1D7FC651235B2E5ABE83F542BCB78BA7695
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
Signing time: Tue 05 Aug 2025 20:20:18 +0000
ROA not before: Tue 05 Aug 2025 20:20:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:f3:b1:d7:fc:65:12:35:b2:e5:ab:e8:3f:54:2b:cb:78:ba:76:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7f17a9eeb72eb323fe4d65c796a2252d2c8b07eb38386011de9c0f689c94fec5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:3a:bb:62:15:09:18:6e:9d:67:06:7b:13:
b3:d8:d3:01:8d:29:96:a9:9f:50:e9:78:3d:bf:5c:
36:02:0f:cd:83:d6:28:12:f3:e3:4c:0b:43:a1:f5:
1a:21:a6:90:9e:a0:49:3b:cb:13:84:ae:a1:ae:28:
2d:41:f5:d9:e2:21:3a:92:90:5f:be:09:94:94:b3:
78:5f:9c:bd:f6:68:92:2f:e0:51:aa:10:4b:56:92:
1f:b5:a5:9d:7d:70:cb:9b:7f:37:35:ba:a9:91:01:
9b:80:93:16:47:00:80:a8:db:b8:65:85:c0:24:10:
4a:ab:8d:ca:4e:4c:c1:36:1c:70:87:99:ce:e9:15:
6e:60:78:a1:d7:23:f6:25:84:1d:04:14:49:ba:19:
db:20:0c:01:ac:36:c8:74:e7:e9:ab:97:8b:46:db:
2a:6d:d4:1d:b0:54:e1:9b:db:22:a6:1d:c9:d8:03:
9a:e4:15:c8:a1:a0:aa:9f:45:79:8e:ae:0e:5d:da:
1a:06:ab:40:47:b2:ea:30:18:0d:2f:08:c5:9f:d6:
c5:98:f6:88:56:01:e9:6b:b8:9d:2b:9e:36:49:36:
f5:33:7e:21:8b:3a:dc:52:68:a3:09:63:ea:1e:ab:
f6:a4:97:61:ef:8a:12:64:3a:24:4d:88:2f:36:a4:
8b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2E:29:E9:9F:99:91:07:22:4A:7C:98:EA:86:67:F2:5C:06:4C:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c::/32
Signature Algorithm: sha256WithRSAEncryption
72:44:2a:44:e1:ef:d5:27:c4:04:fe:e7:7e:1a:92:dd:3d:ef:
64:f1:cd:73:8e:ed:25:ce:3c:07:82:fa:87:d0:08:86:d7:a8:
2f:ba:d5:ed:6b:0a:d9:9d:7c:47:6d:62:c1:e5:e2:f7:ca:75:
8d:f4:1f:a4:4e:77:54:1a:8c:ba:6d:ff:28:96:36:54:6d:2e:
b5:1c:5a:b3:ce:c1:1e:f1:f4:70:ba:85:6f:6e:07:8f:78:36:
68:92:7e:18:98:52:99:ec:37:56:7b:36:5f:3a:aa:98:85:56:
93:21:f0:8c:44:b9:5f:51:d7:00:36:97:80:1f:a1:d3:1a:3a:
70:61:45:19:2a:51:2c:5d:45:13:04:bc:49:99:d6:21:38:d1:
a3:43:8f:49:f7:21:a2:f3:45:99:e4:22:35:c2:c9:af:17:7f:
cc:bd:59:13:d7:ae:71:0a:d7:77:2d:51:ef:bb:c0:88:80:e5:
68:bd:df:47:c2:d7:49:52:04:bc:e4:45:59:f0:5a:16:df:fa:
0e:14:d2:8e:6f:e8:38:4d:dc:2e:d2:ee:81:bf:6f:ba:5f:8c:
2b:27:a1:3f:52:c6:5d:08:90:84:63:a9:dd:68:83:1a:12:91:
0c:e0:52:7f:f8:29:49:de:8e:8e:8b:94:1e:c7:9d:77:5c:71:
71:e7:3c:12
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUIfOx1/xlEjWy5avoP1Qry3i6dpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMTdhOWVlYjcyZWIzMjNmZTRkNjVjNzk2YTIyNTJkMmM4YjA3ZWIzODM4
NjAxMWRlOWMwZjY4OWM5NGZlYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4XOrtiFQkYbp1nBnsTs9jTAY0plqmfUOl4Pb9cNgIPzYPWKBLz40wLQ6H1
GiGmkJ6gSTvLE4Suoa4oLUH12eIhOpKQX74JlJSzeF+cvfZoki/gUaoQS1aSH7Wl
nX1wy5t/NzW6qZEBm4CTFkcAgKjbuGWFwCQQSquNyk5MwTYccIeZzukVbmB4odcj
9iWEHQQUSboZ2yAMAaw2yHTn6auXi0bbKm3UHbBU4ZvbIqYdydgDmuQVyKGgqp9F
eY6uDl3aGgarQEey6jAYDS8IxZ/WxZj2iFYB6Wu4nSueNkk29TN+IYs63FJoowlj
6h6r9qSXYe+KEmQ6JE2ILzaki8UCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQRLinp
n5mRByJKfJjqhmfyXAZMjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjcyMzNhNGUtNTkwZS00NDk3LWE3MmMtZmU5NDBkNDJiNzk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hww
DQYJKoZIhvcNAQELBQADggEBAHJEKkTh79UnxAT+534akt0972TxzXOO7SXOPAeC
+ofQCIbXqC+61e1rCtmdfEdtYsHl4vfKdY30H6ROd1QajLpt/yiWNlRtLrUcWrPO
wR7x9HC6hW9uB494NmiSfhiYUpnsN1Z7Nl86qpiFVpMh8IxEuV9R1wA2l4AfodMa
OnBhRRkqUSxdRRMEvEmZ1iE40aNDj0n3IaLzRZnkIjXCya8Xf8y9WRPXrnEK13ct
Ue+7wIiA5Wi930fC10lSBLzkRVnwWhbf+g4U0o5v6DhN3C7S7oG/b7pfjCsnoT9S
xl0IkIRjqd1ogxoSkQzgUn/4KUnejo6LlB7HnXdccXHnPBI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:08 2025 by rpki-client