Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: CGgEz7Xcekex9Q3GtMhbNUwdetiFf8TJE+ZjqAqUaXI=
Subject key identifier: 66:DB:C6:14:84:2A:93:86:87:10:1C:AC:5A:F0:6B:93:6C:69:5A:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B1B490BB6D56F1BA363602694DCC52E72FAA4E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Tue 05 Aug 2025 20:00:19 +0000
ROA not before: Tue 05 Aug 2025 20:00:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1b:49:0b:b6:d5:6f:1b:a3:63:60:26:94:dc:c5:2e:72:fa:a4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f1c1534f0ee4ccd6dfe619ba1c83d3980c4929a6f44be84af1cbee2b31db9020, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e8:94:0f:42:3b:8b:47:64:12:2e:1d:09:01:
2e:b6:64:47:d8:c8:a3:73:e8:0b:c2:94:ce:df:7a:
35:26:ed:8d:77:11:dc:69:69:65:94:47:9d:d0:73:
a8:e8:7c:67:d0:77:97:9c:1d:e2:fa:79:bb:4d:e7:
0b:21:38:1e:8b:7b:7c:50:2e:dd:46:13:70:0d:3b:
3d:b0:93:98:54:30:55:53:89:44:5f:4d:9d:18:87:
0b:fe:21:6f:3e:f8:bf:0d:2b:d0:84:4e:a9:3f:63:
7d:0d:c7:ed:9d:1d:3d:a2:4b:de:06:c7:77:05:cb:
d9:ff:55:8f:db:34:4c:48:21:10:59:2c:8f:d0:6d:
d3:79:29:9f:3c:ee:e5:e9:04:5c:78:47:25:ec:70:
99:7d:18:54:fc:6f:bc:11:cc:8a:e8:33:85:14:35:
e6:47:bf:39:00:28:84:bb:63:fa:69:84:d0:cb:b9:
54:92:c3:01:1b:96:32:6b:48:1d:5d:d0:84:c0:42:
24:36:48:03:d9:37:43:ba:86:af:08:03:54:c4:4b:
4c:ea:e2:8f:4a:d4:50:e7:ab:41:71:5d:96:46:f2:
47:26:24:8a:fe:94:24:06:93:02:50:8a:57:d8:57:
92:b0:63:f0:45:3b:7c:cc:57:c2:b7:7c:0a:bb:6d:
e4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DB:C6:14:84:2A:93:86:87:10:1C:AC:5A:F0:6B:93:6C:69:5A:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
0a:4f:b4:f7:55:36:52:f2:ca:57:c5:b9:c7:ad:2c:59:99:c9:
39:f2:f8:e8:50:76:91:b4:91:29:36:bb:6f:2d:b9:37:60:07:
b3:c9:2e:5a:70:9a:95:23:d3:8e:0c:93:5f:3d:da:e7:46:57:
bd:94:c0:67:8e:8a:3a:36:3f:41:e7:1a:89:73:20:e4:10:9e:
de:e4:e4:b0:29:da:b7:97:30:e9:a1:04:00:ab:f5:30:31:d7:
e8:9c:19:79:da:4e:a8:55:0c:4a:5e:7f:01:15:62:9f:f0:fb:
63:76:b5:7a:40:9e:24:13:f2:0e:ed:a6:c8:e7:0a:ab:46:83:
44:e1:ff:d9:95:ca:87:00:6f:78:e9:74:59:1d:74:ec:6d:20:
fa:d2:d1:a4:cf:66:17:1e:05:c7:1b:56:56:01:bf:65:2c:02:
d1:7d:6d:e2:0c:aa:19:7b:ce:f6:a7:6e:7f:bf:73:fe:21:d8:
b9:e5:c4:43:d3:73:15:a6:2b:8a:d4:55:f1:42:41:58:bb:dc:
81:e7:17:8e:2a:31:ab:08:76:1d:12:0a:5a:d2:22:1c:a3:99:
c2:9c:ff:21:b5:65:c9:01:37:fd:c1:a2:92:d6:bf:bc:9a:f0:
d0:6d:e9:dd:7c:c4:d2:f0:ef:d1:63:fa:8a:a6:6b:8d:ec:46:
fc:96:d1:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSxtJC7bVbxujY2AmlNzFLnL6pOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYzE1MzRmMGVlNGNjZDZkZmU2MTliYTFjODNkMzk4MGM0OTI5YTZmNDRi
ZTg0YWYxY2JlZTJiMzFkYjkwMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPLolA9CO4tHZBIuHQkBLrZkR9jIo3PoC8KUzt96NSbtjXcR3GlpZZRHndBz
qOh8Z9B3l5wd4vp5u03nCyE4Hot7fFAu3UYTcA07PbCTmFQwVVOJRF9NnRiHC/4h
bz74vw0r0IROqT9jfQ3H7Z0dPaJL3gbHdwXL2f9Vj9s0TEghEFksj9Bt03kpnzzu
5ekEXHhHJexwmX0YVPxvvBHMiugzhRQ15ke/OQAohLtj+mmE0Mu5VJLDARuWMmtI
HV3QhMBCJDZIA9k3Q7qGrwgDVMRLTOrij0rUUOerQXFdlkbyRyYkiv6UJAaTAlCK
V9hXkrBj8EU7fMxXwrd8Crtt5AkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm28YU
hCqThocQHKxa8GuTbGlafDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQAKT7T3VTZS8spXxbnHrSxZmck58vjoUHaRtJEp
NrtvLbk3YAezyS5acJqVI9OODJNfPdrnRle9lMBnjoo6Nj9B5xqJcyDkEJ7e5OSw
Kdq3lzDpoQQAq/UwMdfonBl52k6oVQxKXn8BFWKf8PtjdrV6QJ4kE/IO7abI5wqr
RoNE4f/ZlcqHAG946XRZHXTsbSD60tGkz2YXHgXHG1ZWAb9lLALRfW3iDKoZe872
p25/v3P+Idi55cRD03MVpiuK1FXxQkFYu9yB5xeOKjGrCHYdEgpa0iIco5nCnP8h
tWXJATf9waKS1r+8mvDQbendfMTS8O/RY/qKpmuN7Eb8ltHu
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:40 2025 by rpki-client