Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
File: 7cde858d-62b0-4607-8c80-6907e7e92d59.roa (raw, json)
Hash identifier: PqUfKZSkV+uy8U1YlTQ5PVCIfCvBb6gaqIR4sE6Xkfs=
Subject key identifier: 31:D3:2A:7B:BB:53:36:57:8E:16:87:66:13:85:51:23:6A:04:C4:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 691EC5EC6F51D90F544C1002E3D3B8391A840722
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
Signing time: Tue 19 Aug 2025 16:50:37 +0000
ROA not before: Tue 19 Aug 2025 16:50:37 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:1e:c5:ec:6f:51:d9:0f:54:4c:10:02:e3:d3:b8:39:1a:84:07:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:37 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=0dfae016b645d38e6ceebca36204451ffb34d167909d6a222519c2fe27a7a20d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:73:56:d7:0b:c0:f5:a8:a3:a3:9d:d8:60:85:
1e:fe:5b:38:57:9b:51:a2:23:b0:e9:2c:98:43:59:
a9:df:59:2f:f7:db:f4:bb:66:15:6c:26:7d:01:40:
4e:d1:3b:12:75:85:18:bf:d6:26:c2:0b:a0:a2:07:
5d:2e:6f:fe:8f:e4:4a:f7:ab:83:16:75:32:67:a2:
dc:94:90:b2:f3:0b:4d:65:f7:05:7a:17:02:86:df:
a7:89:9a:70:73:e6:dd:2b:9d:41:c2:f6:d4:4c:59:
a5:68:5f:9c:fd:71:0c:e7:a4:53:de:82:30:b7:04:
d6:c5:6f:38:ad:39:26:10:9e:8b:33:85:40:a8:42:
8a:56:de:34:56:6c:38:bb:dc:3f:c0:a2:c3:21:40:
ee:9c:9f:f1:04:f7:e2:f5:c6:0e:db:af:ff:e9:da:
1c:07:4f:d5:b0:bb:03:fb:a9:fc:38:19:c5:76:24:
b0:8e:e9:b2:8f:f8:a3:65:5a:e0:a2:7f:e9:8c:68:
ca:9b:de:c1:08:aa:65:5e:1b:0e:42:17:4e:f4:e5:
06:c4:43:b0:3e:39:9a:79:27:bf:75:c1:58:07:65:
84:af:97:50:58:18:1c:a5:f9:a8:26:c7:ff:ba:f1:
f9:8d:d3:64:d6:ef:4d:0e:71:80:c6:e9:3a:08:68:
db:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D3:2A:7B:BB:53:36:57:8E:16:87:66:13:85:51:23:6A:04:C4:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
38:7b:28:78:26:c0:f1:57:9e:36:23:da:69:3f:12:cb:6a:89:
21:7d:03:4b:2b:f1:72:9c:74:ff:ec:01:bc:35:26:99:d5:7a:
00:68:bf:51:3c:5d:09:8e:71:4b:6b:06:c1:e4:e3:3e:2a:f3:
86:5a:f7:41:ae:a0:b2:dc:5e:57:51:d4:39:16:b3:9e:6d:ea:
e6:d8:7c:fb:8e:ee:99:31:45:bf:1c:cc:9e:62:5f:e8:d1:ca:
84:aa:45:86:c0:8f:67:2e:d1:45:e8:95:26:79:30:82:23:14:
60:06:d3:a2:c2:e2:f1:5e:11:36:08:cf:5a:dc:dd:59:be:54:
7b:83:33:35:38:51:18:b0:af:6e:17:f9:fb:1c:a6:f0:3c:c8:
4b:f5:10:d3:ed:37:2e:32:78:f3:cf:3e:1e:30:18:d3:d0:56:
30:d2:4b:e1:2d:3f:66:76:34:46:27:d4:d9:df:4b:61:84:e6:
d2:25:07:67:13:cf:6f:1d:cd:46:61:af:4f:46:0d:cc:4f:a2:
ad:0a:0a:43:6f:85:87:55:a3:73:75:87:f7:98:4c:88:bd:0a:
f9:f3:89:a3:7b:63:2c:1b:a3:41:0a:1d:8c:f4:90:44:d8:83:
14:a5:5f:ce:d8:92:cf:92:9e:33:bc:1a:b9:0f:cc:99:59:c9:
7d:6d:41:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaR7F7G9R2Q9UTBAC49O4ORqEByIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMzdaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkZmFlMDE2YjY0NWQzOGU2Y2VlYmNhMzYyMDQ0NTFmZmIzNGQxNjc5MDlk
NmEyMjI1MTljMmZlMjdhN2EyMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtzVtcLwPWoo6Od2GCFHv5bOFebUaIjsOksmENZqd9ZL/fb9LtmFWwmfQFA
TtE7EnWFGL/WJsILoKIHXS5v/o/kSvergxZ1Mmei3JSQsvMLTWX3BXoXAobfp4ma
cHPm3SudQcL21ExZpWhfnP1xDOekU96CMLcE1sVvOK05JhCeizOFQKhCilbeNFZs
OLvcP8CiwyFA7pyf8QT34vXGDtuv/+naHAdP1bC7A/up/DgZxXYksI7pso/4o2Va
4KJ/6YxoypvewQiqZV4bDkIXTvTlBsRDsD45mnknv3XBWAdlhK+XUFgYHKX5qCbH
/7rx+Y3TZNbvTQ5xgMbpOgho2wMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQx0yp7
u1M2V44Wh2YThVEjagTEYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTg1OGQtNjJiMC00NjA3LThjODAtNjkwN2U3ZTkyZDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQA4eyh4JsDxV542I9ppPxLLaokhfQNLK/FynHT/
7AG8NSaZ1XoAaL9RPF0JjnFLawbB5OM+KvOGWvdBrqCy3F5XUdQ5FrOeberm2Hz7
ju6ZMUW/HMyeYl/o0cqEqkWGwI9nLtFF6JUmeTCCIxRgBtOiwuLxXhE2CM9a3N1Z
vlR7gzM1OFEYsK9uF/n7HKbwPMhL9RDT7TcuMnjzzz4eMBjT0FYw0kvhLT9mdjRG
J9TZ30thhObSJQdnE89vHc1GYa9PRg3MT6KtCgpDb4WHVaNzdYf3mEyIvQr584mj
e2MsG6NBCh2M9JBE2IMUpV/O2JLPkp4zvBq5D8yZWcl9bUFE
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:11 2025 by rpki-client