Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: +NbnuUHvQ9DWkuvAlJdtDVaO+PP4Ve43AUkBLvfAwFI=
Subject key identifier: 87:48:C4:A1:CD:BE:86:CE:48:EC:D2:A4:57:88:37:02:D6:E8:A4:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 233E3370DFDDAA423400214252F2387AD1892C3B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Tue 05 Aug 2025 19:11:24 +0000
ROA not before: Tue 05 Aug 2025 19:11:24 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:3e:33:70:df:dd:aa:42:34:00:21:42:52:f2:38:7a:d1:89:2c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:24 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5211b5010f77f309feb26dfea0867ffcf71d6e6ec9da2d793b775e1a415a461a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:8f:29:a2:f1:44:dd:b5:c7:e8:ed:f2:33:
76:5a:c0:ff:3a:10:6b:d6:3d:c6:94:c3:d8:bf:52:
fb:15:19:0c:dd:71:60:8a:75:30:84:83:15:84:a9:
15:31:fd:f5:20:89:f9:11:75:02:af:3a:9a:3c:7c:
51:77:47:03:c0:e9:a9:dd:3b:94:8a:4c:53:7e:8d:
af:e6:83:85:6d:0a:cf:35:43:e4:7d:e9:8a:e5:25:
73:04:f3:d5:7c:5f:56:a0:de:fe:60:a6:d4:88:1e:
ec:3c:ff:69:ed:91:af:de:90:b9:e3:92:e6:d0:31:
70:e8:b1:b3:0e:4a:21:d2:09:3b:08:9b:8b:af:27:
6d:51:e6:97:30:8f:ce:82:23:ca:18:7d:53:4f:7b:
9a:86:79:40:d1:1a:92:8f:fb:b9:ea:af:23:2b:a9:
b0:af:f3:5a:64:fa:a4:6e:7c:8f:ad:10:f9:e7:7d:
99:00:37:6c:6f:79:8d:eb:89:2e:c2:2e:39:c6:a7:
91:57:10:2c:70:d7:bf:46:f9:2d:16:13:20:18:02:
03:c1:2f:54:9a:67:2a:c6:e4:bc:3a:8e:0a:4d:22:
e9:94:d6:59:9d:b3:f1:4d:8f:86:d9:c9:b6:b3:73:
dc:f5:ef:dd:25:3f:3e:29:81:00:a7:8a:a7:dc:e1:
50:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:48:C4:A1:CD:BE:86:CE:48:EC:D2:A4:57:88:37:02:D6:E8:A4:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
82:46:31:1b:54:9c:68:7b:a2:57:bb:89:c2:37:12:d0:50:6b:
dc:9c:a4:1f:5d:68:9b:e8:6d:c3:af:87:f2:00:1a:96:e6:99:
cc:23:19:0b:08:1e:ac:18:16:70:7d:a1:d9:52:f0:0e:c7:a0:
eb:d9:35:f9:f8:ca:31:cf:15:9b:10:ef:69:4f:1f:b9:25:06:
25:f6:aa:50:9e:45:97:72:30:01:4e:9a:17:cf:72:d9:08:34:
19:54:00:bb:aa:d3:68:b2:63:b4:df:d7:d9:65:60:a7:1a:52:
53:21:27:06:26:9a:09:1a:82:bc:08:e5:46:ed:d5:14:a1:db:
de:be:7f:ea:8f:8e:7e:ff:b2:06:93:0e:ba:3a:1c:1f:4f:0f:
d3:7e:04:f1:0d:54:05:2c:59:63:d8:95:96:96:b4:d1:96:c9:
6f:85:00:12:97:b7:97:9b:5c:aa:d9:11:f2:ed:fb:b8:56:4a:
5b:86:ed:41:3a:b2:9b:55:e4:04:b3:5c:10:8e:39:f8:29:d9:
0d:2b:c2:06:0b:6b:df:c5:4f:a0:7b:98:0b:97:40:77:e8:37:
c3:d0:a6:2f:44:11:60:91:2f:2c:87:d5:32:09:08:9c:18:bf:
94:1c:5c:2e:fb:68:ac:a6:90:c9:73:c3:f5:eb:01:32:4b:d1:
4c:04:bd:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIz4zcN/dqkI0ACFCUvI4etGJLDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMTFiNTAxMGY3N2YzMDlmZWIyNmRmZWEwODY3ZmZjZjcxZDZlNmVjOWRh
MmQ3OTNiNzc1ZTFhNDE1YTQ2MWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3pjymi8UTdtcfo7fIzdlrA/zoQa9Y9xpTD2L9S+xUZDN1xYIp1MISDFYSp
FTH99SCJ+RF1Aq86mjx8UXdHA8Dpqd07lIpMU36Nr+aDhW0KzzVD5H3piuUlcwTz
1XxfVqDe/mCm1Ige7Dz/ae2Rr96QueOS5tAxcOixsw5KIdIJOwibi68nbVHmlzCP
zoIjyhh9U097moZ5QNEako/7ueqvIyupsK/zWmT6pG58j60Q+ed9mQA3bG95jeuJ
LsIuOcankVcQLHDXv0b5LRYTIBgCA8EvVJpnKsbkvDqOCk0i6ZTWWZ2z8U2PhtnJ
trNz3PXv3SU/PimBAKeKp9zhULcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHSMSh
zb6Gzkjs0qRXiDcC1uikrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAgkYxG1ScaHuiV7uJwjcS0FBr3JykH11om+ht
w6+H8gAaluaZzCMZCwgerBgWcH2h2VLwDseg69k1+fjKMc8VmxDvaU8fuSUGJfaq
UJ5Fl3IwAU6aF89y2Qg0GVQAu6rTaLJjtN/X2WVgpxpSUyEnBiaaCRqCvAjlRu3V
FKHb3r5/6o+Ofv+yBpMOujocH08P034E8Q1UBSxZY9iVlpa00ZbJb4UAEpe3l5tc
qtkR8u37uFZKW4btQTqym1XkBLNcEI45+CnZDSvCBgtr38VPoHuYC5dAd+g3w9Cm
L0QRYJEvLIfVMgkInBi/lBxcLvtorKaQyXPD9esBMkvRTAS9pA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:05 2025 by rpki-client