Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: ICVtyXRJt+hlmms4CUqs2NOXdNOkJnipKEd3d+DpwHQ=
Subject key identifier: CD:38:E1:AB:89:42:11:4E:8D:C3:47:B9:8D:EE:FD:E6:BC:72:FE:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A998FC134DCB026B87D83C4E50FD180D7DA97
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Tue 05 Aug 2025 18:40:20 +0000
ROA not before: Tue 05 Aug 2025 18:40:20 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:99:8f:c1:34:dc:b0:26:b8:7d:83:c4:e5:0f:d1:80:d7:da:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:20 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=815adf9706c1e57178981ea9a38e8d6041e5b2516e7c4c44cf543b4710fd86a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ed:ab:ab:72:01:ac:9b:28:a3:41:9d:e3:5f:
75:36:8e:be:32:18:ea:5f:62:9f:28:27:7e:8b:cd:
b4:f8:9e:51:2e:10:7c:87:e7:c8:dc:e2:77:97:f3:
a4:69:35:67:75:61:93:99:fe:12:77:ea:aa:31:4c:
b6:1d:51:8c:d3:32:9e:7f:97:7c:b6:c4:8a:c8:ac:
8c:8e:c7:0b:d4:a3:19:80:90:6e:fe:87:67:e3:fe:
59:88:e1:f0:d8:28:9c:2b:c2:3e:d2:a7:83:09:89:
91:52:d3:d2:c1:ba:59:c6:39:36:bd:0a:1b:3a:65:
0c:a9:af:52:e2:88:a2:0e:f3:fd:44:5c:f9:bd:0b:
63:d4:6d:c5:46:9b:76:94:5a:a5:71:1e:e5:da:c2:
a9:05:ff:ca:d4:24:a4:32:f0:50:28:f6:e8:6d:7b:
ac:76:76:a1:df:46:52:79:0e:e4:e4:9a:c6:ba:d0:
31:54:8b:5a:42:1b:e4:38:80:8c:fa:52:02:ae:02:
45:01:a4:e7:80:9e:e2:36:73:64:93:73:bb:7d:62:
02:75:07:0d:79:77:05:0a:19:bd:89:57:ba:50:84:
00:d3:cf:8f:e8:78:09:38:81:b2:9d:03:76:7b:da:
cf:9e:5e:33:b5:e1:42:3d:ea:de:94:9d:54:b6:84:
c6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:38:E1:AB:89:42:11:4E:8D:C3:47:B9:8D:EE:FD:E6:BC:72:FE:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
45:00:da:cc:86:61:7b:f1:05:9d:76:f2:fb:6e:fa:20:9d:a1:
a0:2f:69:b7:5d:b3:4a:11:59:71:cd:4a:c4:96:49:a4:5c:90:
04:9b:f0:87:b4:fc:f5:69:83:d7:24:de:6c:79:67:5d:69:5b:
2e:18:75:24:c5:e0:57:55:43:d9:48:e5:ae:dd:12:b1:5f:58:
58:ed:41:15:cc:91:57:a8:93:11:d9:1d:68:38:1a:cb:4d:e2:
55:3b:46:81:b2:40:9a:fe:63:47:3b:72:36:70:13:b4:09:ab:
29:ba:cd:96:ee:8e:92:62:f8:a2:9a:27:cc:ef:e1:ab:6c:c7:
63:40:bc:64:71:05:4a:ac:f9:24:27:41:21:4b:e6:84:b1:22:
f3:03:99:66:b2:ab:94:95:f0:9d:3b:f7:15:1f:01:61:e8:bd:
32:43:9f:64:66:40:b4:bf:f2:7e:92:1c:c8:00:0e:71:56:72:
71:30:7c:aa:fc:66:83:94:0c:30:ee:a4:bd:43:4d:83:30:29:
fe:14:53:fc:4e:c1:73:1c:3b:d4:88:ed:cd:41:2b:5d:3c:43:
90:f0:c1:cd:fc:5c:1f:91:f4:1a:e7:33:44:94:f9:c6:91:dc:
f5:da:f6:5b:34:a8:f3:76:47:15:99:dc:9a:23:69:31:24:a9:
1d:ff:fc:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITGpmPwTTcsCa4fYPE5Q/RgNfalzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDgwNTE4NDAyMFoXDTI1MDkwOTIzNTk1OVowejFJMEcGA1UE
BRNAODE1YWRmOTcwNmMxZTU3MTc4OTgxZWE5YTM4ZThkNjA0MWU1YjI1MTZlN2M0
YzQ0Y2Y1NDNiNDcxMGZkODZhNTEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3u2rq3IBrJsoo0Gd4191No6+MhjqX2KfKCd+i820+J5RLhB8h+fI3OJ3l/Ok
aTVndWGTmf4Sd+qqMUy2HVGM0zKef5d8tsSKyKyMjscL1KMZgJBu/odn4/5ZiOHw
2CicK8I+0qeDCYmRUtPSwbpZxjk2vQobOmUMqa9S4oiiDvP9RFz5vQtj1G3FRpt2
lFqlcR7l2sKpBf/K1CSkMvBQKPbobXusdnah30ZSeQ7k5JrGutAxVItaQhvkOICM
+lICrgJFAaTngJ7iNnNkk3O7fWICdQcNeXcFChm9iVe6UIQA08+P6HgJOIGynQN2
e9rPnl4zteFCPerelJ1UtoTGKQIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFM044auJ
QhFOjcNHuY3u/ea8cv5CMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC83
OTQ0MDM4Ny02NmEzLTQ4NTItYTk0Yi04YTMyNTBmMjA3MjYucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXQf6BA
MA0GCSqGSIb3DQEBCwUAA4IBAQBFANrMhmF78QWddvL7bvognaGgL2m3XbNKEVlx
zUrElkmkXJAEm/CHtPz1aYPXJN5seWddaVsuGHUkxeBXVUPZSOWu3RKxX1hY7UEV
zJFXqJMR2R1oOBrLTeJVO0aBskCa/mNHO3I2cBO0Caspus2W7o6SYviimifM7+Gr
bMdjQLxkcQVKrPkkJ0EhS+aEsSLzA5lmsquUlfCdO/cVHwFh6L0yQ59kZkC0v/J+
khzIAA5xVnJxMHyq/GaDlAww7qS9Q02DMCn+FFP8TsFzHDvUiO3NQStdPEOQ8MHN
/FwfkfQa5zNElPnGkdz12vZbNKjzdkcVmdyaI2kxJKkd//zD
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:06 2025 by rpki-client