Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde339d-568f-4b5b-98d4-9eca268d8a43.roa
File: 7cde339d-568f-4b5b-98d4-9eca268d8a43.roa (raw, json)
Hash identifier: uS0Dpzbbnzmmf1ZZT4A89r1yUX6JGLSWMUPX/gaZb8c=
Subject key identifier: 1F:BA:B9:A1:00:D7:B7:F8:88:FE:D0:68:FB:CA:3C:16:DA:5B:DC:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36D762B7933E9170DDC799C8FF62D7A8F4B1F951
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde339d-568f-4b5b-98d4-9eca268d8a43.roa
Signing time: Tue 19 Aug 2025 16:50:14 +0000
ROA not before: Tue 19 Aug 2025 16:50:14 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:d7:62:b7:93:3e:91:70:dd:c7:99:c8:ff:62:d7:a8:f4:b1:f9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:14 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=5e3e7a38751e455792a0d85b94477e33dabc4cb179c305ae133779cadf42866d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:4d:bc:f6:90:4c:9f:59:a7:72:53:79:12:
5e:43:0e:ed:f5:47:41:5d:64:0e:e6:64:17:56:e1:
60:1b:21:d1:3e:cd:4a:d8:22:6e:eb:bb:e1:21:a8:
e6:99:e7:a8:5f:c7:a6:9d:2d:b5:87:15:e4:cd:98:
1c:a8:7d:bb:63:6d:3d:63:7c:3c:d8:4f:b2:ee:ce:
48:cd:66:14:f6:ba:8d:84:a9:01:08:f3:1b:1f:3a:
f9:c2:34:9a:5b:65:e7:6a:c5:12:0e:d7:1e:2e:fb:
1a:ec:37:85:cc:86:f2:db:1e:0e:05:77:2a:55:08:
25:f3:79:1a:2b:2b:6f:48:d8:e1:44:b0:fd:1d:5b:
8b:fb:4d:57:f5:c7:ec:d2:f1:c7:8b:60:69:cb:8c:
5c:ef:a0:1d:aa:4b:f7:1a:23:44:68:cc:64:2c:b1:
17:e9:80:e6:fb:b1:80:c1:8e:e4:76:78:71:48:77:
45:b8:83:27:fe:54:ee:44:03:8b:5d:6b:17:85:26:
c4:07:92:b0:ef:e5:4d:81:5a:50:df:1c:a6:a3:2b:
f6:43:84:62:d1:d6:c1:19:97:02:d8:ef:e6:4a:92:
ba:86:5d:4f:90:7a:93:ca:2b:38:aa:c7:55:29:26:
21:ad:64:0b:d5:1c:89:17:04:e7:fe:10:d4:5a:e5:
d2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BA:B9:A1:00:D7:B7:F8:88:FE:D0:68:FB:CA:3C:16:DA:5B:DC:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde339d-568f-4b5b-98d4-9eca268d8a43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
36:1b:f7:28:64:61:25:81:85:30:a9:a7:df:aa:65:36:2c:44:
84:c1:96:7a:43:3f:da:3c:9a:e3:76:56:19:e6:d9:21:d1:72:
8c:25:59:ab:8b:ce:b8:a4:b4:c6:68:42:4b:0c:66:51:62:aa:
3e:92:21:fd:54:8c:70:2a:b6:37:2c:ca:e9:77:cb:a8:6f:c9:
81:dc:31:c2:e8:b1:59:df:f2:74:11:c5:b2:67:b7:ae:66:e1:
34:ef:b2:8a:4f:96:a0:fc:a3:56:3f:b4:fb:2a:39:d9:b3:8f:
72:ad:77:3d:ac:02:db:66:e8:7a:b3:b2:e5:23:2e:04:61:7b:
ec:5f:45:1d:01:44:cb:d8:c1:ec:5a:55:90:3c:5a:29:dd:ba:
a5:c0:6a:4c:49:f4:6f:9e:a3:50:28:44:67:89:1f:dc:b9:7a:
3b:3f:83:ec:e8:c7:2b:1e:cf:0c:b2:01:e5:a8:ba:e8:ed:5f:
e0:fc:db:4c:62:5d:3c:bb:ab:73:8e:4c:f7:7c:5b:8b:51:05:
0e:db:96:84:1e:d3:57:ad:02:6e:2e:69:87:0e:0d:d9:00:48:
3a:e9:75:a2:ba:7e:69:da:88:ee:77:3f:50:bc:00:c6:f8:21:
ef:1e:a8:70:c7:35:87:58:fa:c7:ca:55:39:b6:be:d3:00:5e:
83:8d:e5:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNtdit5M+kXDdx5nI/2LXqPSx+VEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMTRaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlM2U3YTM4NzUxZTQ1NTc5MmEwZDg1Yjk0NDc3ZTMzZGFiYzRjYjE3OWMz
MDVhZTEzMzc3OWNhZGY0Mjg2NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKocTbz2kEyfWadyU3kSXkMO7fVHQV1kDuZkF1bhYBsh0T7NStgibuu74SGo
5pnnqF/Hpp0ttYcV5M2YHKh9u2NtPWN8PNhPsu7OSM1mFPa6jYSpAQjzGx86+cI0
mltl52rFEg7XHi77Guw3hcyG8tseDgV3KlUIJfN5Gisrb0jY4USw/R1bi/tNV/XH
7NLxx4tgacuMXO+gHapL9xojRGjMZCyxF+mA5vuxgMGO5HZ4cUh3RbiDJ/5U7kQD
i11rF4UmxAeSsO/lTYFaUN8cpqMr9kOEYtHWwRmXAtjv5kqSuoZdT5B6k8orOKrH
VSkmIa1kC9UciRcE5/4Q1Frl0q8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfurmh
ANe3+Ij+0Gj7yjwW2lvcrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTMzOWQtNTY4Zi00YjViLTk4ZDQtOWVjYTI2OGQ4YTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA2G/coZGElgYUwqaffqmU2LESEwZZ6Qz/aPJrj
dlYZ5tkh0XKMJVmri864pLTGaEJLDGZRYqo+kiH9VIxwKrY3LMrpd8uob8mB3DHC
6LFZ3/J0EcWyZ7euZuE077KKT5ag/KNWP7T7KjnZs49yrXc9rALbZuh6s7LlIy4E
YXvsX0UdAUTL2MHsWlWQPFop3bqlwGpMSfRvnqNQKERniR/cuXo7P4Ps6McrHs8M
sgHlqLro7V/g/NtMYl08u6tzjkz3fFuLUQUO25aEHtNXrQJuLmmHDg3ZAEg66XWi
un5p2ojudz9QvADG+CHvHqhwxzWHWPrHylU5tr7TAF6DjeUp
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:56 2025 by rpki-client