Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
File: 8615f258-46a8-450c-972c-84b27581bb43.roa (raw, json)
Hash identifier: MggfrREMD9vSeVlZtoxYloQ+6KBYoFnQaL40n2nNkrE=
Subject key identifier: AE:BA:DF:39:A8:C4:30:3D:DD:54:FE:FC:5F:FD:9F:A0:53:FA:68:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72750E08B1468088A82C3C3A0162BD70DFE983A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
Signing time: Tue 05 Aug 2025 20:11:19 +0000
ROA not before: Tue 05 Aug 2025 20:11:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:75:0e:08:b1:46:80:88:a8:2c:3c:3a:01:62:bd:70:df:e9:83:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=adb4e927ca924628b25961caebf4e9dd64818e85c40433c80d8d2a2804210cbf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:15:74:51:3a:4e:26:d1:04:33:c0:ab:f6:3b:
c6:95:f8:1a:1e:bf:81:78:95:43:7c:7b:7e:88:38:
97:62:09:58:24:d5:12:67:8d:97:91:e2:ec:4b:ce:
c6:ae:ab:ff:03:63:9a:c3:29:77:a3:de:1c:b8:42:
3c:b4:4c:56:cb:16:ab:9f:bb:00:66:3d:00:e1:5f:
3d:ce:35:b0:9c:44:57:3b:8b:bf:01:74:c3:d2:8d:
0f:39:2e:0c:58:fd:c0:38:ee:01:e8:40:46:95:e8:
be:ff:06:4e:4a:65:34:17:77:80:68:eb:f9:02:74:
74:83:96:24:08:7e:ca:0f:c4:14:db:17:8f:3e:54:
2f:a3:fd:6b:41:e4:5d:44:af:1f:a7:3a:10:72:e6:
7d:8b:ba:72:3a:d9:eb:87:2d:42:bc:15:45:62:8e:
23:a1:b7:92:e5:34:bb:b8:94:ed:6b:65:b7:c8:4e:
0f:c0:37:96:35:24:23:44:6c:86:3e:21:a4:8e:74:
02:71:df:8f:53:db:90:46:5f:0d:c2:8c:dd:bf:ae:
9e:c1:b3:f7:d1:bf:b1:24:d1:1b:df:60:dc:2a:3b:
d0:b3:c9:a2:99:e2:cf:4d:55:3f:3c:07:18:c7:ff:
2d:bd:60:b1:93:12:5f:54:a4:88:07:b9:64:d1:ee:
e7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BA:DF:39:A8:C4:30:3D:DD:54:FE:FC:5F:FD:9F:A0:53:FA:68:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8615f258-46a8-450c-972c-84b27581bb43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/36
Signature Algorithm: sha256WithRSAEncryption
7e:83:95:55:b0:80:f8:14:23:e4:43:e0:e1:08:40:1b:3d:b1:
bb:50:12:b4:90:1e:91:48:fe:68:9a:e8:84:5a:4f:8f:9d:0c:
87:0a:a9:58:92:c7:f7:b6:89:2f:0d:1f:ca:29:24:c3:26:b7:
a3:9f:e5:72:aa:b3:d6:2d:22:1c:a0:20:bc:fb:77:2d:5c:fe:
e5:9d:46:c9:a6:c6:2b:31:06:b3:c7:f8:ab:18:be:34:3f:35:
6f:bb:79:89:60:8c:98:46:a2:8f:59:88:0c:7b:8c:06:44:f6:
80:3c:c9:a0:cd:e1:6e:42:70:9f:48:b5:95:f7:44:cb:b2:2f:
0b:0c:77:c0:5c:42:13:a5:3c:4e:f1:1f:77:45:d6:50:ee:4b:
9a:59:c2:86:8f:4d:9c:bb:20:43:e3:0d:7c:18:66:32:73:4b:
8a:f8:b2:ff:8d:d4:83:d4:7b:11:03:db:15:67:9e:d8:d6:d8:
cb:56:e0:ed:d3:7a:4e:40:d1:31:6f:21:ab:4e:d7:f2:ff:66:
f0:ea:4a:cc:cb:d1:1a:00:59:e3:3b:f6:d9:66:7c:a1:bd:86:
e9:46:2a:2c:f2:82:66:c2:32:d3:05:8a:81:ac:7a:82:b6:8f:
51:6e:da:b2:73:e4:96:17:bf:0b:5c:27:ee:14:88:9d:dc:02:
44:33:e6:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcnUOCLFGgIioLDw6AWK9cN/pg6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYjRlOTI3Y2E5MjQ2MjhiMjU5NjFjYWViZjRlOWRkNjQ4MThlODVjNDA0
MzNjODBkOGQyYTI4MDQyMTBjYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0VdFE6TibRBDPAq/Y7xpX4Gh6/gXiVQ3x7fog4l2IJWCTVEmeNl5Hi7EvO
xq6r/wNjmsMpd6PeHLhCPLRMVssWq5+7AGY9AOFfPc41sJxEVzuLvwF0w9KNDzku
DFj9wDjuAehARpXovv8GTkplNBd3gGjr+QJ0dIOWJAh+yg/EFNsXjz5UL6P9a0Hk
XUSvH6c6EHLmfYu6cjrZ64ctQrwVRWKOI6G3kuU0u7iU7Wtlt8hOD8A3ljUkI0Rs
hj4hpI50AnHfj1PbkEZfDcKM3b+unsGz99G/sSTRG99g3Co70LPJopniz01VPzwH
GMf/Lb1gsZMSX1SkiAe5ZNHu57MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuut85
qMQwPd1U/vxf/Z+gU/poszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODYxNWYyNTgtNDZhOC00NTBjLTk3MmMtODRiMjc1ODFiYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+g5VVsID4FCPkQ+DhCEAbPbG7UBK0kB6RSP5o
muiEWk+PnQyHCqlYksf3tokvDR/KKSTDJrejn+VyqrPWLSIcoCC8+3ctXP7lnUbJ
psYrMQazx/irGL40PzVvu3mJYIyYRqKPWYgMe4wGRPaAPMmgzeFuQnCfSLWV90TL
si8LDHfAXEITpTxO8R93RdZQ7kuaWcKGj02cuyBD4w18GGYyc0uK+LL/jdSD1HsR
A9sVZ57Y1tjLVuDt03pOQNExbyGrTtfy/2bw6krMy9EaAFnjO/bZZnyhvYbpRios
8oJmwjLTBYqBrHqCto9Rbtqyc+SWF78LXCfuFIid3AJEM+YY
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:27 2025 by rpki-client