Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json)
Hash identifier: kCg01sx+eVI4PMwEblmUsd+qyW50az41+iqF1l1LAgk=
Subject key identifier: C0:1B:4A:13:51:E0:30:37:77:D1:F2:2A:43:09:27:BA:5A:56:DD:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C6439F1DEAD0EB81BC9C866C892BC98EB2A704F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
Signing time: Fri 15 Aug 2025 15:40:46 +0000
ROA not before: Fri 15 Aug 2025 15:40:46 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:64:39:f1:de:ad:0e:b8:1b:c9:c8:66:c8:92:bc:98:eb:2a:70:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:40:46 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=a16d4df0c8272f3f350f6626345562508ec6a0b79a37227326c95e12fd736a66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e7:50:15:44:6a:1a:f3:08:8d:2c:62:a0:a5:
25:8a:b6:64:4b:b6:20:d3:5d:31:c6:c6:88:af:f4:
6f:57:81:d4:42:83:6c:3e:46:e1:23:6e:62:2b:73:
8e:94:7e:53:32:7f:9f:6c:5c:bd:40:19:50:10:eb:
0a:b7:c3:db:f4:0e:cc:66:1e:c6:5e:49:43:ce:65:
22:74:05:c6:9e:fb:5c:d0:33:09:0a:db:a4:db:79:
1a:3c:c7:7f:08:04:17:a6:4a:f1:9f:d2:48:64:f7:
8b:f1:7b:3a:c7:20:cc:0f:8d:4b:19:8d:f5:36:fe:
67:6a:85:60:77:5b:67:e1:7d:e7:b2:11:2c:a7:9b:
12:a4:7f:b6:08:da:3e:95:4f:a5:1b:1f:f9:2b:e8:
71:04:1a:c4:fb:e7:bd:4e:fc:be:ec:a8:c8:d7:1e:
57:1a:eb:05:0e:da:90:d7:d5:6b:17:6c:75:34:4c:
34:91:54:22:76:08:c3:f8:db:98:63:2d:48:d1:3b:
7b:b1:5b:fb:f8:6e:e7:1f:b0:2b:47:07:8c:d8:de:
c3:12:49:8f:d1:8c:a3:0a:af:40:90:ca:03:22:84:
d2:71:0b:a1:a0:87:3f:1f:3d:f3:94:4c:66:55:19:
ec:86:fc:eb:5e:e9:e6:ab:30:7c:03:ce:c2:71:ab:
88:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:1B:4A:13:51:E0:30:37:77:D1:F2:2A:43:09:27:BA:5A:56:DD:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c000::/40
Signature Algorithm: sha256WithRSAEncryption
89:74:fa:71:0f:b7:79:48:28:39:2a:62:9a:c2:17:5d:24:a6:
5a:8b:b0:35:c8:6f:f0:62:40:34:05:1c:1b:77:26:3e:ff:a4:
80:76:88:3e:bd:74:0c:3e:6d:e6:a1:3d:5c:a7:00:5c:93:59:
20:87:22:f7:95:68:97:82:60:58:cd:b9:7c:08:82:63:5e:60:
22:72:f8:3b:64:76:e1:58:9c:66:39:bb:f4:d8:cc:b1:6d:92:
28:6f:e7:51:32:eb:91:84:1e:84:5a:d9:e9:f3:6a:3e:3e:3d:
6a:a9:0a:b9:55:f9:91:90:96:85:17:38:f3:89:45:8e:92:52:
81:72:28:f0:03:b1:06:23:89:53:e5:55:cc:2f:56:ce:02:84:
b4:41:b6:f4:ba:e6:39:41:7b:e2:53:f5:f8:2b:b3:8b:8c:8e:
74:7c:26:e3:99:a3:60:55:ef:19:5c:41:05:83:07:31:28:2b:
97:a9:2d:40:3f:3b:0c:50:53:32:7d:c1:bd:2b:3d:f7:00:60:
08:a8:4e:2e:a7:9f:41:eb:28:b3:f5:85:d1:89:25:8b:3a:ed:
ee:9e:cd:3d:8f:0f:85:55:2f:11:2b:26:ba:36:bd:ba:18:7d:
74:0b:bb:d8:ca:66:aa:12:ee:86:2c:9b:11:0c:6d:9c:2b:2e:
94:f9:c1:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfGQ58d6tDrgbychmyJK8mOsqcE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQwNDZaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNmQ0ZGYwYzgyNzJmM2YzNTBmNjYyNjM0NTU2MjUwOGVjNmEwYjc5YTM3
MjI3MzI2Yzk1ZTEyZmQ3MzZhNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnnUBVEahrzCI0sYqClJYq2ZEu2INNdMcbGiK/0b1eB1EKDbD5G4SNuYitz
jpR+UzJ/n2xcvUAZUBDrCrfD2/QOzGYexl5JQ85lInQFxp77XNAzCQrbpNt5GjzH
fwgEF6ZK8Z/SSGT3i/F7OscgzA+NSxmN9Tb+Z2qFYHdbZ+F957IRLKebEqR/tgja
PpVPpRsf+SvocQQaxPvnvU78vuyoyNceVxrrBQ7akNfVaxdsdTRMNJFUInYIw/jb
mGMtSNE7e7Fb+/hu5x+wK0cHjNjewxJJj9GMowqvQJDKAyKE0nELoaCHPx8985RM
ZlUZ7Ib8617p5qswfAPOwnGriBECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAG0oT
UeAwN3fR8ipDCSe6WlbdkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA
MA0GCSqGSIb3DQEBCwUAA4IBAQCJdPpxD7d5SCg5KmKawhddJKZai7A1yG/wYkA0
BRwbdyY+/6SAdog+vXQMPm3moT1cpwBck1kghyL3lWiXgmBYzbl8CIJjXmAicvg7
ZHbhWJxmObv02MyxbZIob+dRMuuRhB6EWtnp82o+Pj1qqQq5VfmRkJaFFzjziUWO
klKBcijwA7EGI4lT5VXML1bOAoS0Qbb0uuY5QXviU/X4K7OLjI50fCbjmaNgVe8Z
XEEFgwcxKCuXqS1APzsMUFMyfcG9Kz33AGAIqE4up59B6yiz9YXRiSWLOu3uns09
jw+FVS8RKya6Nr26GH10C7vYymaqEu6GLJsRDG2cKy6U+cFn
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:22 2025 by rpki-client