Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
File: 7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa (raw, json)
Hash identifier: w84i7fA8drdYHuNhkvrfoM8r/0sY++XViujyXMAqcKo=
Subject key identifier: F1:23:CC:87:19:45:23:7C:04:3C:7A:9F:4D:D7:E0:59:0F:22:09:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D3EC23CE9405E04FDB007F2124597F00E812AB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
Signing time: Tue 05 Aug 2025 19:41:16 +0000
ROA not before: Tue 05 Aug 2025 19:41:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3e:c2:3c:e9:40:5e:04:fd:b0:07:f2:12:45:97:f0:0e:81:2a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2e2e13d22ef6715486f27025766884659852aca545455622403fbf36c3846fe5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f4:eb:43:26:b8:ed:a7:1c:43:ff:56:e8:92:
11:0b:f8:6a:72:f1:35:81:77:27:7f:5d:32:85:7b:
6a:7a:59:5a:45:b4:5d:85:3f:1e:3d:bc:99:e0:5f:
4f:62:79:67:05:bd:ac:3b:cb:a3:1a:a9:ab:49:41:
ea:ae:76:cb:75:6b:2a:89:ef:32:6a:50:83:9b:8e:
39:9f:68:8a:57:b0:da:ac:54:59:a7:11:7a:a7:cd:
1d:9f:3e:a5:1b:c1:9b:18:70:1a:cd:e5:61:11:ed:
4e:02:8e:df:0d:67:0b:4d:d1:56:02:9d:57:80:98:
ed:58:8e:40:eb:69:a2:21:71:19:e5:54:c3:eb:04:
28:24:30:c9:88:b8:bf:9d:69:79:bf:8a:90:03:de:
ec:24:6c:98:47:d0:8f:a0:d9:13:6d:e6:cc:d3:fa:
69:85:a0:26:9d:0a:ab:ea:03:e1:dd:a8:71:b8:5c:
7c:89:0f:aa:2b:75:ba:66:29:8d:32:35:8d:b1:78:
15:25:dd:b8:83:17:0c:83:29:ad:fc:90:a3:65:83:
f9:ca:a0:b7:69:93:c6:a8:c3:71:d8:3b:5e:4b:dd:
25:77:49:4a:1c:8a:ee:eb:77:55:61:c6:36:f2:a0:
f9:21:6c:a9:95:95:1a:40:f3:13:07:1a:db:1a:5c:
db:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:23:CC:87:19:45:23:7C:04:3C:7A:9F:4D:D7:E0:59:0F:22:09:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:77:0b:b4:83:a6:54:82:e2:1b:1e:eb:5a:fa:7e:7d:34:49:
71:cf:97:1d:d7:c3:8b:98:72:9f:31:c6:c9:62:45:3b:fe:ca:
0a:9e:83:bb:bb:c6:1b:a7:b6:da:cf:61:e2:6e:76:97:81:f7:
6a:5a:19:cb:ef:9b:2f:41:b0:4c:fc:6e:b6:3c:30:1f:6e:27:
f9:76:a9:1d:23:0d:8c:f7:06:80:84:f3:be:eb:38:58:9a:08:
81:90:4d:02:5c:6b:bc:a0:b5:d1:60:fb:a7:84:cb:54:ce:c1:
b6:27:72:b5:a7:ec:37:52:55:89:ec:0d:83:33:a0:1b:66:b1:
ba:c3:ad:25:91:c1:27:db:5a:01:e4:38:2a:db:57:5b:18:72:
06:2c:44:11:7d:56:f7:57:1a:8c:50:58:fa:40:32:57:c8:93:
55:b5:a1:74:02:67:0b:21:71:f2:61:23:78:4a:53:ae:9a:f8:
17:a7:7e:9b:64:06:5a:44:e3:25:eb:ce:13:6d:ac:81:ce:19:
e9:fd:f6:8f:a1:62:11:08:5f:dc:54:d0:8d:41:4d:aa:25:1b:
42:90:67:91:39:e9:69:fd:57:9d:b3:90:24:13:32:52:60:12:
12:5d:0f:1f:4e:e8:8c:17:5f:86:91:91:3b:f3:eb:c6:af:a7:
20:c4:27:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHT7CPOlAXgT9sAfyEkWX8A6BKrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMmUxM2QyMmVmNjcxNTQ4NmYyNzAyNTc2Njg4NDY1OTg1MmFjYTU0NTQ1
NTYyMjQwM2ZiZjM2YzM4NDZmZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb060MmuO2nHEP/VuiSEQv4anLxNYF3J39dMoV7anpZWkW0XYU/Hj28meBf
T2J5ZwW9rDvLoxqpq0lB6q52y3VrKonvMmpQg5uOOZ9oilew2qxUWacReqfNHZ8+
pRvBmxhwGs3lYRHtTgKO3w1nC03RVgKdV4CY7ViOQOtpoiFxGeVUw+sEKCQwyYi4
v51peb+KkAPe7CRsmEfQj6DZE23mzNP6aYWgJp0Kq+oD4d2ocbhcfIkPqit1umYp
jTI1jbF4FSXduIMXDIMprfyQo2WD+cqgt2mTxqjDcdg7XkvdJXdJShyK7ut3VWHG
NvKg+SFsqZWVGkDzEwca2xpc28cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxI8yH
GUUjfAQ8ep9N1+BZDyIJjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q5NmQzYWQtMGVlNy00NjMwLTlhNDktYTBkY2MyYjcxZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC3dwu0g6ZUguIbHuta+n59NElxz5cd18OLmHKf
McbJYkU7/soKnoO7u8Ybp7baz2HibnaXgfdqWhnL75svQbBM/G62PDAfbif5dqkd
Iw2M9waAhPO+6zhYmgiBkE0CXGu8oLXRYPunhMtUzsG2J3K1p+w3UlWJ7A2DM6Ab
ZrG6w60lkcEn21oB5Dgq21dbGHIGLEQRfVb3VxqMUFj6QDJXyJNVtaF0AmcLIXHy
YSN4SlOumvgXp36bZAZaROMl684TbayBzhnp/faPoWIRCF/cVNCNQU2qJRtCkGeR
Oelp/Veds5AkEzJSYBISXQ8fTuiMF1+GkZE78+vGr6cgxCde
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:46 2025 by rpki-client