Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: 2/sOHk815s909Z8bhlVpkEunfmX7AcLSTKllplnWYZ0=
Subject key identifier: 8F:CE:2C:59:21:5F:5A:9E:4C:47:40:D7:9F:A9:06:F7:59:1C:D3:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3506F5E8750611C24A93C608CCF14E21D61FF04E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Tue 05 Aug 2025 19:10:08 +0000
ROA not before: Tue 05 Aug 2025 19:10:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:06:f5:e8:75:06:11:c2:4a:93:c6:08:cc:f1:4e:21:d6:1f:f0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9ec501567c6d08a63297980e9ea23f73f89a6cd55425bc63825dd931c9c450f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:46:fc:41:31:2f:17:ff:e7:e4:8b:65:2b:b4:
b5:58:ef:46:0d:5f:f0:dc:c9:ae:4b:ba:db:f9:8a:
03:17:5c:cc:2a:f5:8c:c1:9c:50:8a:31:2f:03:25:
b9:a7:c3:20:a0:37:83:1d:24:35:80:f7:3d:3f:96:
a2:98:75:68:e9:d1:28:0c:75:af:14:54:05:bf:71:
ba:70:02:f0:45:33:e0:c2:b9:f6:79:1e:d5:5e:1c:
c6:de:f2:f7:00:67:86:a3:9e:0d:c4:3b:bf:cf:70:
c9:9e:f6:26:73:07:85:c2:11:95:57:d4:7b:0f:56:
c8:20:3d:49:0a:d5:25:6d:ee:b6:01:40:a3:77:a8:
4e:de:e0:59:30:3d:6a:55:ab:3f:e9:06:46:79:7e:
6f:d3:8e:27:50:17:ed:3e:43:48:83:19:ee:bf:68:
f5:ee:09:89:0f:47:58:93:cd:aa:1f:ac:6e:50:f9:
11:fe:49:28:1b:f2:10:75:62:67:58:b2:fc:94:c9:
70:6c:94:c2:bc:71:7c:4d:07:16:90:31:46:54:65:
07:14:7e:9a:4f:2d:ae:9e:db:bc:9d:c0:10:72:d1:
94:9e:81:8e:39:56:9a:70:c1:1b:30:ab:71:47:67:
a0:f9:89:c0:a7:92:23:8a:6a:a3:bc:c9:f3:06:88:
ff:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CE:2C:59:21:5F:5A:9E:4C:47:40:D7:9F:A9:06:F7:59:1C:D3:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
35:a5:96:df:8d:98:be:cf:ed:78:71:a0:3a:c8:11:48:13:1a:
d1:92:ff:11:cb:30:17:91:c9:d7:fd:98:0b:f9:e7:7f:29:c8:
da:55:eb:cc:ef:92:b9:3d:e8:fb:88:79:89:20:df:a6:d1:6e:
94:d3:20:57:8f:82:81:cb:5f:45:63:91:b2:f0:6c:8f:1a:e1:
65:a4:11:f3:46:c8:f9:1d:a1:30:6d:1c:ce:16:f2:94:21:15:
84:7e:89:e4:2b:82:a0:57:a6:89:be:11:49:61:3f:fa:2e:12:
0e:8d:14:23:1b:f9:77:04:8b:89:d7:8e:2e:76:bb:00:7a:14:
dc:59:ee:97:d2:64:81:2f:e2:97:3f:9e:3e:b8:b7:ea:fb:d7:
5e:e4:29:84:1f:a4:d7:76:81:29:6d:3b:d7:ef:5e:e5:ee:61:
14:b6:df:f0:f5:7c:38:bd:1f:c7:0a:35:45:94:7e:73:ad:92:
4f:c4:c7:b5:c7:ba:99:21:97:ca:17:52:d9:36:bd:c0:f1:31:
14:46:85:9f:6c:2b:aa:9a:49:78:95:2d:eb:67:a7:4b:13:6c:
b5:cd:92:5a:61:81:5a:4e:75:1a:de:31:e1:f8:35:2f:04:38:
05:50:46:f7:7b:60:0a:71:8e:44:56:f4:73:b3:6e:62:f6:bc:
0e:f2:92:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNQb16HUGEcJKk8YIzPFOIdYf8E4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDllYzUwMTU2N2M2ZDA4YTYzMjk3OTgwZTllYTIzZjczZjg5YTZjZDU1NDI1
YmM2MzgyNWRkOTMxYzljNDUwZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtG/EExLxf/5+SLZSu0tVjvRg1f8NzJrku62/mKAxdczCr1jMGcUIoxLwMl
uafDIKA3gx0kNYD3PT+Woph1aOnRKAx1rxRUBb9xunAC8EUz4MK59nke1V4cxt7y
9wBnhqOeDcQ7v89wyZ72JnMHhcIRlVfUew9WyCA9SQrVJW3utgFAo3eoTt7gWTA9
alWrP+kGRnl+b9OOJ1AX7T5DSIMZ7r9o9e4JiQ9HWJPNqh+sblD5Ef5JKBvyEHVi
Z1iy/JTJcGyUwrxxfE0HFpAxRlRlBxR+mk8trp7bvJ3AEHLRlJ6BjjlWmnDBGzCr
cUdnoPmJwKeSI4pqo7zJ8waI/38CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPzixZ
IV9ankxHQNefqQb3WRzT/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEANaWW342Yvs/teHGgOsgRSBMa0ZL/EcswF5HJ
1/2YC/nnfynI2lXrzO+SuT3o+4h5iSDfptFulNMgV4+CgctfRWORsvBsjxrhZaQR
80bI+R2hMG0czhbylCEVhH6J5CuCoFemib4RSWE/+i4SDo0UIxv5dwSLideOLna7
AHoU3Fnul9JkgS/ilz+ePri36vvXXuQphB+k13aBKW071+9e5e5hFLbf8PV8OL0f
xwo1RZR+c62ST8THtce6mSGXyhdS2Ta9wPExFEaFn2wrqppJeJUt62enSxNstc2S
WmGBWk51Gt4x4fg1LwQ4BVBG93tgCnGORFb0c7NuYva8DvKSwA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:46 2025 by rpki-client