Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
File: 83b951c2-f827-4554-9466-de8fd6e7ecec.roa (raw, json)
Hash identifier: s6R1+5BCGNjJ7AnKP+RADjsEsUAvfEWqFN6kV019qYA=
Subject key identifier: A9:A0:C9:CD:80:1D:3A:F7:F6:F6:A1:33:F9:8A:53:4C:BC:E1:8F:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77A8982975AE655A1246A167ECB43D67812249CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
Signing time: Tue 19 Aug 2025 16:50:19 +0000
ROA not before: Tue 19 Aug 2025 16:50:19 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a8:98:29:75:ae:65:5a:12:46:a1:67:ec:b4:3d:67:81:22:49:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:19 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=910c985fba6f6c20818f1d1f2a9faf4bceaad7d4f7655bd635f2eff57812ea4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a2:c8:4a:e7:4b:39:8e:10:cf:12:93:7e:ae:
24:e2:12:f3:9f:64:c2:91:d3:33:98:bf:1d:9b:93:
ad:df:3e:35:98:68:f1:24:62:b0:76:93:d5:0d:19:
d7:7d:b0:5d:85:33:6b:c1:0c:b2:93:49:34:99:ef:
6f:7e:b1:82:37:c2:d2:d7:0a:0e:b6:11:fa:f1:3e:
fb:28:2a:7b:aa:44:63:4f:20:19:1d:81:63:c1:bd:
7c:7d:20:ab:df:f2:71:72:3c:52:40:15:0e:1a:57:
ec:d1:fe:9a:03:61:75:65:44:e4:d4:3c:0c:bd:44:
23:28:cc:0d:3c:54:51:ec:a1:05:08:03:d5:c3:0a:
62:59:45:4a:da:47:07:1c:91:7f:23:0e:b5:e7:e0:
6a:39:29:63:34:97:e2:b2:c3:f3:bf:d0:aa:5e:e6:
47:13:4d:e6:f2:c9:87:07:df:4b:07:20:62:ff:b0:
ce:e2:f0:73:ed:02:fa:42:e5:cd:18:9d:f6:1f:4d:
0b:f2:94:b9:0c:be:a7:08:08:1f:d2:b0:0e:ee:30:
0a:00:b3:bf:01:06:20:f4:d4:7c:82:0a:f7:fe:e1:
06:f6:1a:bc:85:f7:51:92:49:76:58:36:12:3d:59:
96:b1:11:6b:02:a3:80:73:ee:b1:18:bb:f5:d4:d2:
fd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A0:C9:CD:80:1D:3A:F7:F6:F6:A1:33:F9:8A:53:4C:BC:E1:8F:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
53:22:eb:d1:3e:fc:23:06:60:e0:c9:c5:33:f4:63:84:f9:97:
4d:de:f0:8c:dd:23:b4:20:9c:21:21:41:13:60:aa:a8:79:27:
20:d9:04:16:79:2f:12:f7:96:84:78:b8:a8:c2:f0:75:ef:da:
a4:4c:c9:21:99:3a:4e:cb:92:c3:1b:01:4a:c0:0c:69:2d:f5:
97:cf:2d:28:2b:0f:87:01:a5:66:11:6a:5d:e7:4e:d0:ee:6f:
0a:dd:f4:50:69:6a:ab:83:d0:de:e5:44:ca:93:7b:5b:b9:ab:
93:9a:70:71:d4:66:8a:16:f5:16:8c:a3:01:ac:f9:ea:84:55:
38:38:99:c6:ce:21:ef:77:95:34:c7:51:27:7d:0e:98:be:75:
61:0e:18:67:52:3f:42:af:7d:f5:e2:04:8f:20:11:44:d2:21:
78:e6:f0:94:ec:48:18:87:8b:f2:24:14:e1:63:4c:76:d0:57:
0a:f2:31:14:f0:9b:3e:2c:f0:a2:dc:71:62:11:c5:79:71:7a:
49:8d:51:98:8f:69:bc:8f:6e:67:c0:3e:39:3e:bb:e3:1f:5b:
3a:f7:1c:da:27:4a:60:fe:99:f7:47:2f:22:56:de:c4:5c:6e:
26:83:ac:7d:01:f7:f1:c9:17:fe:bd:7e:df:5f:18:f7:dc:f0:
91:08:0a:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd6iYKXWuZVoSRqFn7LQ9Z4EiScowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMTlaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMGM5ODVmYmE2ZjZjMjA4MThmMWQxZjJhOWZhZjRiY2VhYWQ3ZDRmNzY1
NWJkNjM1ZjJlZmY1NzgxMmVhNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeiyErnSzmOEM8Sk36uJOIS859kwpHTM5i/HZuTrd8+NZho8SRisHaT1Q0Z
132wXYUza8EMspNJNJnvb36xgjfC0tcKDrYR+vE++ygqe6pEY08gGR2BY8G9fH0g
q9/ycXI8UkAVDhpX7NH+mgNhdWVE5NQ8DL1EIyjMDTxUUeyhBQgD1cMKYllFStpH
BxyRfyMOtefgajkpYzSX4rLD87/Qql7mRxNN5vLJhwffSwcgYv+wzuLwc+0C+kLl
zRid9h9NC/KUuQy+pwgIH9KwDu4wCgCzvwEGIPTUfIIK9/7hBvYavIX3UZJJdlg2
Ej1ZlrERawKjgHPusRi79dTS/eECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpoMnN
gB069/b2oTP5ilNMvOGPjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODNiOTUxYzItZjgyNy00NTU0LTk0NjYtZGU4ZmQ2ZTdlY2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTIuvRPvwjBmDgycUz9GOE+ZdN3vCM3SO0IJwh
IUETYKqoeScg2QQWeS8S95aEeLiowvB179qkTMkhmTpOy5LDGwFKwAxpLfWXzy0o
Kw+HAaVmEWpd507Q7m8K3fRQaWqrg9De5UTKk3tbuauTmnBx1GaKFvUWjKMBrPnq
hFU4OJnGziHvd5U0x1EnfQ6YvnVhDhhnUj9Cr3314gSPIBFE0iF45vCU7EgYh4vy
JBThY0x20FcK8jEU8Js+LPCi3HFiEcV5cXpJjVGYj2m8j25nwD45PrvjH1s69xza
J0pg/pn3Ry8iVt7EXG4mg6x9AffxyRf+vX7fXxj33PCRCAqD
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:06 2025 by rpki-client