Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
File: 84b89066-b432-45c3-befb-ffa2b4be3b71.roa (raw, json)
Hash identifier: QBmhSqO17cfGcsx8ckpkFsqOeir0SXhsZnSgVgOGSnI=
Subject key identifier: 3B:41:45:AD:86:F1:16:38:33:9B:0F:89:5F:38:ED:F3:DD:D4:19:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77616939E570DD16D85E73D42DA678333982FCB6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
Signing time: Tue 05 Aug 2025 19:50:14 +0000
ROA not before: Tue 05 Aug 2025 19:50:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:61:69:39:e5:70:dd:16:d8:5e:73:d4:2d:a6:78:33:39:82:fc:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=40a6536c8244fe75194cd5e838dae2655d807e0d3bcb526e803fd7cdc599113b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f4:da:32:51:af:a3:74:4c:1f:eb:5e:c3:03:
00:d2:5a:f6:2e:81:2d:8b:ad:a9:23:21:0c:19:ef:
4d:b9:e3:16:db:c4:cb:91:27:52:8e:54:0c:94:bf:
9a:28:c1:7b:e5:7e:7e:a7:64:c4:c7:3c:d0:18:da:
6d:5a:b8:2d:02:dc:fa:62:b1:17:2e:a1:8e:1f:0f:
08:5f:01:6e:d8:7f:77:f4:41:cf:de:72:dc:66:13:
cd:53:0c:6b:48:27:ac:19:ce:3b:01:db:7b:bb:05:
4b:12:f0:d5:37:f4:9c:a0:ed:86:43:23:13:46:5c:
b5:0b:26:56:63:2c:94:70:e8:fe:39:03:81:5e:4e:
2c:a5:2f:bb:77:81:1f:c3:d5:c0:e0:fe:4e:1d:1a:
25:a3:65:59:d7:18:ca:94:1d:3d:2e:ce:52:84:a6:
88:90:ba:c3:dc:0d:77:dc:3a:23:a9:3e:8f:7c:ed:
ab:35:26:21:bb:19:f0:c5:60:5d:18:9a:1f:fc:d2:
e4:05:d7:5a:db:4e:74:b9:b7:6d:78:b3:cb:ef:33:
94:cc:de:9a:89:7f:69:14:63:c1:81:27:dd:46:62:
c8:03:b0:ed:b3:1b:a9:be:eb:85:2f:ac:ee:e0:93:
ad:7e:14:c9:1e:46:a4:85:e4:a9:1e:e0:3b:70:2f:
b6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:41:45:AD:86:F1:16:38:33:9B:0F:89:5F:38:ED:F3:DD:D4:19:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84b89066-b432-45c3-befb-ffa2b4be3b71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:4000::/40
Signature Algorithm: sha256WithRSAEncryption
53:97:3b:df:85:c7:4b:42:7a:d0:7b:08:e0:cc:9b:f5:a4:04:
67:f7:e4:40:ad:02:f6:c0:98:44:c2:56:9c:99:38:e4:bf:3c:
bc:9b:bc:d6:2e:2d:0a:41:91:e0:30:0d:95:5d:bb:c7:a4:31:
4b:a5:2c:6b:6a:ec:12:d9:87:84:9b:b4:6d:07:b8:41:9c:20:
6b:f1:b7:6c:ce:79:0f:cd:8d:32:7d:62:89:9b:4a:22:44:4a:
28:a0:92:25:a2:16:3a:75:8e:83:6e:f8:97:07:82:27:94:53:
4d:3e:bd:62:2a:c9:f0:b5:38:db:ae:bb:7b:99:f1:18:b8:08:
0f:16:5b:d3:31:c9:98:b0:d2:82:f9:b5:53:10:8a:74:4b:de:
87:ad:1c:e7:b0:eb:b2:a9:81:69:fd:87:79:f4:91:08:97:ee:
7e:9d:a4:c8:a3:6b:af:8e:80:34:e6:7d:bb:92:a5:f3:56:80:
b3:df:cd:9f:7e:49:09:55:0d:6a:db:34:2f:a3:e6:a0:d6:26:
af:57:66:d7:8b:44:9e:a4:fc:3c:ad:cd:72:54:8f:3c:28:63:
65:f2:d8:1f:fa:59:2b:8d:b2:8d:1d:ce:d4:d9:b5:51:18:0c:
46:74:2c:5f:e5:78:e8:d3:d1:be:b4:01:20:99:5e:6b:15:dd:
9f:7c:1a:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd2FpOeVw3RbYXnPULaZ4MzmC/LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYTY1MzZjODI0NGZlNzUxOTRjZDVlODM4ZGFlMjY1NWQ4MDdlMGQzYmNi
NTI2ZTgwM2ZkN2NkYzU5OTExM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOP02jJRr6N0TB/rXsMDANJa9i6BLYutqSMhDBnvTbnjFtvEy5EnUo5UDJS/
mijBe+V+fqdkxMc80BjabVq4LQLc+mKxFy6hjh8PCF8Bbth/d/RBz95y3GYTzVMM
a0gnrBnOOwHbe7sFSxLw1Tf0nKDthkMjE0ZctQsmVmMslHDo/jkDgV5OLKUvu3eB
H8PVwOD+Th0aJaNlWdcYypQdPS7OUoSmiJC6w9wNd9w6I6k+j3ztqzUmIbsZ8MVg
XRiaH/zS5AXXWttOdLm3bXizy+8zlMzemol/aRRjwYEn3UZiyAOw7bMbqb7rhS+s
7uCTrX4UyR5GpIXkqR7gO3AvthMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7QUWt
hvEWODObD4lfOO3z3dQZQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODRiODkwNjYtYjQzMi00NWMzLWJlZmItZmZhMmI0YmUzYjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTlzvfhcdLQnrQewjgzJv1pARn9+RArQL2wJhE
wlacmTjkvzy8m7zWLi0KQZHgMA2VXbvHpDFLpSxrauwS2YeEm7RtB7hBnCBr8bds
znkPzY0yfWKJm0oiREoooJIlohY6dY6DbviXB4InlFNNPr1iKsnwtTjbrrt7mfEY
uAgPFlvTMcmYsNKC+bVTEIp0S96HrRznsOuyqYFp/Yd59JEIl+5+naTIo2uvjoA0
5n27kqXzVoCz382ffkkJVQ1q2zQvo+ag1iavV2bXi0SepPw8rc1yVI88KGNl8tgf
+lkrjbKNHc7U2bVRGAxGdCxf5Xjo09G+tAEgmV5rFd2ffBoH
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:32 2025 by rpki-client