Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
File: 67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa (raw, json)
Hash identifier: kjN38Tu9LpHIma3d4jE9+24Ck72fR5ZeVfgBl3ehIzo=
Subject key identifier: 6E:66:B0:8A:E9:62:DD:06:22:67:55:F4:D7:79:EE:7E:A7:E5:93:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16E40EA649DECB54CD1A40E4F40199A9D104014E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
Signing time: Fri 22 Aug 2025 15:11:16 +0000
ROA not before: Fri 22 Aug 2025 15:11:16 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e4:0e:a6:49:de:cb:54:cd:1a:40:e4:f4:01:99:a9:d1:04:01:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:16 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=f523a510a86dbcb8556dde08bc6711adb6916a828772c5e23805fd8f3fe3ea4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6a:b3:fe:9f:f3:bb:78:06:ff:06:e5:14:20:
41:70:6b:77:5c:fd:7c:c5:10:6f:6c:99:e7:7e:9f:
31:69:f4:61:fd:4a:1c:65:94:12:08:34:c0:cd:1c:
40:60:c8:48:78:ab:aa:07:7f:57:8e:f5:5f:fd:2c:
8d:92:f9:d5:e5:65:8d:70:2b:28:4f:09:81:69:e3:
48:4b:7f:68:e1:93:cc:ad:b6:c9:24:58:3d:e1:46:
3c:2d:58:a7:28:0c:5f:de:94:b7:ec:aa:10:bd:95:
22:9d:63:09:76:73:cc:7e:e1:63:f9:d3:1d:0e:be:
cd:29:2e:5d:b7:f1:b6:ad:da:4d:94:17:71:73:1f:
30:b6:19:35:4e:58:92:b8:ee:ee:89:9e:8f:d4:a0:
3b:e6:94:91:c0:f2:ee:ef:db:12:e1:f6:68:ea:01:
19:d5:e7:b6:77:e2:a9:14:ea:02:d4:aa:ac:98:ba:
b9:31:e6:5c:4e:82:cc:6a:89:fd:29:5c:00:ad:0a:
3b:48:70:e7:63:58:75:63:8f:6a:fa:6e:e7:b7:e2:
6b:e4:d2:bc:76:68:16:59:d3:3f:a7:0e:27:bd:c3:
22:94:ca:74:bc:fc:9d:02:24:f0:95:5b:f0:36:9d:
07:1c:83:42:98:1f:ef:50:30:4b:c2:f4:8c:a5:df:
05:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:66:B0:8A:E9:62:DD:06:22:67:55:F4:D7:79:EE:7E:A7:E5:93:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
8f:92:04:5f:0c:43:00:05:ed:5e:ce:76:f2:b1:89:a5:8f:ce:
ee:bb:c9:29:32:7b:3a:93:73:7f:49:6e:4b:9e:a8:71:66:27:
35:8d:58:93:41:06:6d:bd:f6:98:1a:4d:2b:da:2f:8e:f0:3f:
ce:fa:ac:3e:3d:3f:8c:84:c5:f4:89:3a:2f:72:8c:90:c3:2c:
86:6a:3c:66:3c:73:42:ef:c8:69:f8:a4:94:da:e6:98:96:59:
67:bc:f7:ed:08:37:4f:72:cd:56:df:94:08:7f:b7:21:82:48:
ac:a4:17:c8:49:c4:c5:69:ed:5e:d7:29:88:9a:d9:68:9c:09:
42:c1:21:f0:b9:a2:d0:02:a6:34:d3:49:76:58:a2:1c:83:87:
c6:09:ca:b0:13:3a:47:79:1a:ea:43:0e:ee:20:21:d2:45:36:
ba:e9:a6:c9:32:01:e1:93:9a:3d:8d:71:40:af:88:7d:0f:9b:
54:25:0a:db:77:87:a5:60:09:52:c6:80:3c:e5:7d:59:8a:95:
56:18:3d:9f:34:23:b4:a6:c7:c2:59:03:66:bb:df:02:e3:f7:
4a:2c:02:bf:95:40:70:13:4a:cb:70:f5:75:37:b8:ad:bd:e3:
3f:6a:8f:ef:20:e1:a1:06:bf:26:c2:5b:1a:07:3d:04:dc:98:
8f:04:e0:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFuQOpkney1TNGkDk9AGZqdEEAU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMTZaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MjNhNTEwYTg2ZGJjYjg1NTZkZGUwOGJjNjcxMWFkYjY5MTZhODI4Nzcy
YzVlMjM4MDVmZDhmM2ZlM2VhNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5qs/6f87t4Bv8G5RQgQXBrd1z9fMUQb2yZ536fMWn0Yf1KHGWUEgg0wM0c
QGDISHirqgd/V471X/0sjZL51eVljXArKE8JgWnjSEt/aOGTzK22ySRYPeFGPC1Y
pygMX96Ut+yqEL2VIp1jCXZzzH7hY/nTHQ6+zSkuXbfxtq3aTZQXcXMfMLYZNU5Y
krju7omej9SgO+aUkcDy7u/bEuH2aOoBGdXntnfiqRTqAtSqrJi6uTHmXE6CzGqJ
/SlcAK0KO0hw52NYdWOPavpu57fia+TSvHZoFlnTP6cOJ73DIpTKdLz8nQIk8JVb
8DadBxyDQpgf71AwS8L0jKXfBdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRuZrCK
6WLdBiJnVfTXee5+p+WTSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjdhOTE5MTAtYTU3Yy00YTA0LThkN2ItNDA0YmNkNWZlY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPkgRfDEMABe1eznbysYmlj87uu8kpMns6k3N/
SW5LnqhxZic1jViTQQZtvfaYGk0r2i+O8D/O+qw+PT+MhMX0iTovcoyQwyyGajxm
PHNC78hp+KSU2uaYlllnvPftCDdPcs1W35QIf7chgkispBfIScTFae1e1ymImtlo
nAlCwSHwuaLQAqY000l2WKIcg4fGCcqwEzpHeRrqQw7uICHSRTa66abJMgHhk5o9
jXFAr4h9D5tUJQrbd4elYAlSxoA85X1ZipVWGD2fNCO0psfCWQNmu98C4/dKLAK/
lUBwE0rLcPV1N7itveM/ao/vIOGhBr8mwlsaBz0E3JiPBOA1
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:44 2025 by rpki-client