Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
File: 70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa (raw, json)
Hash identifier: ksuPccJF9/p+KPYPJIy9blb3uyfZ/LHKcMf03ebgsJs=
Subject key identifier: 27:C9:DD:42:C0:1C:08:4E:7C:6F:1C:D5:D8:39:76:D2:A5:71:5E:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03A895605A9B99D5505C50DC5D9D4B2843010D99
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
Signing time: Tue 05 Aug 2025 19:41:13 +0000
ROA not before: Tue 05 Aug 2025 19:41:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:a8:95:60:5a:9b:99:d5:50:5c:50:dc:5d:9d:4b:28:43:01:0d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ae62cbac281305ca88cf9bec2694392d0f2f3c58e2b3e74b77aa9e7f9322853f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:01:40:1d:92:69:0f:19:3f:90:3d:a7:3f:
1b:ae:6a:48:8d:21:23:c4:fe:d3:5a:5d:d9:4d:99:
43:d5:f9:75:88:dc:d4:5e:c1:de:86:de:ea:c8:f4:
1f:0b:82:78:47:91:97:ae:9a:d9:e6:23:b7:61:9a:
97:f3:a2:0e:23:6e:ec:c8:02:2d:4a:8d:4d:ea:69:
08:c1:4f:79:f7:68:ec:a6:6b:21:43:eb:1e:36:28:
e5:56:b3:94:c1:42:e8:7d:13:1e:98:0f:8b:11:38:
3b:86:a2:96:4a:45:e9:03:78:6f:36:74:69:93:aa:
84:e5:9c:37:ed:e9:77:24:14:fe:20:1e:51:ad:b9:
03:d4:11:f4:a9:4f:1d:6d:6b:8c:c0:27:4e:75:89:
9f:a0:39:06:d3:82:6a:c8:c1:01:44:31:32:c0:32:
9a:4c:dc:d0:01:f3:e4:54:d1:fd:a7:fa:93:f5:ba:
e4:15:57:89:b7:25:71:83:65:00:4a:bf:0d:b1:12:
66:bb:ed:3a:c0:96:fd:0a:fa:08:72:41:a8:56:8b:
f0:26:30:66:47:a2:db:5d:a2:c0:1e:ae:da:09:f2:
60:2e:69:9f:12:b4:12:bd:f0:d5:da:64:80:f6:d6:
02:4b:cf:c2:11:af:3e:88:3d:7e:2e:87:b1:5c:6b:
88:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C9:DD:42:C0:1C:08:4E:7C:6F:1C:D5:D8:39:76:D2:A5:71:5E:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:5000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:fb:79:5f:db:bd:02:71:1f:e0:01:e7:a6:a1:4c:d2:f8:b1:
7a:6b:84:fe:fa:29:54:0c:f4:81:da:9c:99:42:e8:09:3c:20:
93:52:2a:c4:33:e0:12:45:70:9a:bf:1c:fe:13:95:ac:d2:c9:
6b:21:d4:bc:35:c7:ee:b6:dd:6d:81:51:2e:e5:c6:4e:b2:45:
13:1e:1b:60:45:fa:a4:d0:23:ce:0d:70:fb:46:78:cb:dd:14:
b1:74:fc:2f:bf:5d:f3:88:65:80:3b:97:0f:40:d9:ab:2d:55:
85:95:1c:bb:1e:b6:7e:a1:04:29:d4:69:bd:7c:b5:5e:68:53:
30:2a:6c:47:7c:df:6a:84:1d:9d:59:1e:56:b2:8f:d7:cd:74:
4f:52:04:14:2a:a9:3a:7a:b4:c4:6f:eb:01:d8:34:f8:72:fc:
7f:7a:14:90:30:a7:6c:a2:bf:c7:2c:86:0d:4c:75:a5:7d:18:
d1:ff:fe:7b:f0:83:02:f0:99:02:5d:00:09:3a:ab:be:76:40:
21:b4:0e:88:77:71:8e:3f:d5:58:23:77:95:4d:1b:6f:ec:bb:
a3:09:5a:0f:73:99:12:f1:ab:24:aa:1f:7c:d3:9e:fe:11:da:
f5:a1:f1:01:06:af:4a:52:3d:d4:6f:2f:bf:b1:8a:88:4b:7d:
46:16:52:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA6iVYFqbmdVQXFDcXZ1LKEMBDZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNjJjYmFjMjgxMzA1Y2E4OGNmOWJlYzI2OTQzOTJkMGYyZjNjNThlMmIz
ZTc0Yjc3YWE5ZTdmOTMyMjg1M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3EAUAdkmkPGT+QPac/G65qSI0hI8T+01pd2U2ZQ9X5dYjc1F7B3obe6sj0
HwuCeEeRl66a2eYjt2Gal/OiDiNu7MgCLUqNTeppCMFPefdo7KZrIUPrHjYo5Vaz
lMFC6H0THpgPixE4O4ailkpF6QN4bzZ0aZOqhOWcN+3pdyQU/iAeUa25A9QR9KlP
HW1rjMAnTnWJn6A5BtOCasjBAUQxMsAymkzc0AHz5FTR/af6k/W65BVXibclcYNl
AEq/DbESZrvtOsCW/Qr6CHJBqFaL8CYwZkei212iwB6u2gnyYC5pnxK0Er3w1dpk
gPbWAkvPwhGvPog9fi6HsVxriOECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQnyd1C
wBwITnxvHNXYOXbSpXFeAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBkOWIzMmQtNmRiMy00OTcxLWJkYjQtZTVkZDI1MWY2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAK+3lf270CcR/gAeemoUzS+LF6a4T++ilUDPSB
2pyZQugJPCCTUirEM+ASRXCavxz+E5Ws0slrIdS8Ncfutt1tgVEu5cZOskUTHhtg
Rfqk0CPODXD7RnjL3RSxdPwvv13ziGWAO5cPQNmrLVWFlRy7HrZ+oQQp1Gm9fLVe
aFMwKmxHfN9qhB2dWR5Wso/XzXRPUgQUKqk6erTEb+sB2DT4cvx/ehSQMKdsor/H
LIYNTHWlfRjR//578IMC8JkCXQAJOqu+dkAhtA6Id3GOP9VYI3eVTRtv7LujCVoP
c5kS8askqh98057+Edr1ofEBBq9KUj3Uby+/sYqIS31GFlLu
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:07 2025 by rpki-client