Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
File: 868cbba8-4804-4fbd-b9b8-7e9402c44956.roa (raw, json)
Hash identifier: 0JeN4isFtA2C06DReAPOJpFFGtRCRUOuyyXEaF/8Ces=
Subject key identifier: 81:9B:E9:C7:19:3D:5D:E6:85:26:47:48:D8:2C:CB:B8:B1:5C:36:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 135861E3D5A8E8D2DB9304ACA06C696D44298822
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
Signing time: Wed 06 Aug 2025 00:50:47 +0000
ROA not before: Wed 06 Aug 2025 00:50:47 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:58:61:e3:d5:a8:e8:d2:db:93:04:ac:a0:6c:69:6d:44:29:88:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:47 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=a87e68bd619dac1de759f3ae7c46cb258dfda494ea1627fb778c9df98480bdf8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:11:cb:66:d7:6f:df:3f:f3:c6:a3:ae:1a:b2:
f5:a2:b6:00:66:fc:25:87:e1:eb:b2:1b:cb:75:0a:
57:54:71:f4:e4:cb:46:d0:8a:e7:8f:68:bc:0b:15:
2e:c9:40:fa:c7:5b:9f:1a:64:04:26:de:4b:b3:ec:
d7:66:6b:1e:0e:d9:88:6f:98:d3:e6:82:d9:79:ab:
95:f3:81:ae:58:1f:d6:fd:0b:55:75:5d:a3:39:82:
d4:03:41:a4:0d:82:48:f6:ec:24:81:be:d5:e1:a3:
1d:0c:4a:35:a0:c5:23:bf:05:68:df:42:5c:8e:1c:
6e:54:04:8a:5d:fe:2f:65:e0:0f:cc:bd:9f:7e:d5:
2d:a2:41:9e:7b:3e:e3:28:1f:c0:59:0f:bc:4d:bb:
c4:35:fd:3b:78:58:4f:22:37:3f:b1:fb:ae:4d:6a:
bb:bc:f4:38:e8:28:cf:42:db:74:59:b3:66:da:dd:
11:7c:c9:f6:dd:ba:c2:c0:fb:35:25:89:cb:4d:82:
55:34:56:d1:0c:07:e2:6e:28:cf:e4:8a:65:6c:b4:
b5:f8:26:65:c2:c5:90:d8:54:63:49:4c:0a:91:39:
dc:32:83:af:6d:dd:bc:a9:ce:20:2c:77:2f:e4:dd:
e5:4d:35:f2:4c:ce:47:ad:a8:79:d7:84:f9:dd:92:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9B:E9:C7:19:3D:5D:E6:85:26:47:48:D8:2C:CB:B8:B1:5C:36:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
26:43:72:56:9e:7b:a1:a2:c5:f5:ee:c4:f4:b9:eb:c7:00:f8:
59:ae:df:76:90:91:d8:dd:8e:27:58:19:f5:ab:01:86:8d:38:
24:d6:a3:ef:98:b4:a4:48:83:09:3f:5e:f4:c3:a0:eb:b2:b0:
6d:14:ba:0e:2e:31:a8:3b:af:23:c9:e3:5a:55:f4:a4:f0:d4:
35:d7:65:f0:fa:7b:24:73:68:be:a5:a6:ee:c5:d6:19:2a:cc:
40:26:b9:7a:af:c6:5e:05:19:c3:de:7f:1a:0f:29:19:cd:51:
d6:bd:9f:6b:93:e8:cc:19:15:3f:0b:3a:66:af:41:f0:36:b0:
c3:46:4c:d8:05:75:de:b6:82:14:e3:00:3a:5a:06:89:b9:4d:
66:d1:21:f3:73:19:d1:3a:65:4f:68:9e:72:aa:13:f1:5e:da:
b0:4f:7d:90:cf:e5:9c:75:b7:31:18:55:20:f8:db:4e:d3:0f:
b5:7c:a8:e4:10:fb:78:27:b7:a4:55:26:b7:0c:ba:c1:d9:12:
4f:4d:8f:3d:b3:9f:54:2c:26:fe:b8:37:37:de:4d:4d:60:cd:
2e:e9:32:90:ff:3e:38:80:c8:b0:0a:05:68:53:b6:0f:62:12:
09:42:84:0e:ec:11:9c:22:11:f1:c6:34:be:ad:85:52:1e:db:
6e:ef:0e:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE1hh49Wo6NLbkwSsoGxpbUQpiCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNDdaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4N2U2OGJkNjE5ZGFjMWRlNzU5ZjNhZTdjNDZjYjI1OGRmZGE0OTRlYTE2
MjdmYjc3OGM5ZGY5ODQ4MGJkZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0Ry2bXb98/88ajrhqy9aK2AGb8JYfh67Iby3UKV1Rx9OTLRtCK549ovAsV
LslA+sdbnxpkBCbeS7Ps12ZrHg7ZiG+Y0+aC2XmrlfOBrlgf1v0LVXVdozmC1ANB
pA2CSPbsJIG+1eGjHQxKNaDFI78FaN9CXI4cblQEil3+L2XgD8y9n37VLaJBnns+
4ygfwFkPvE27xDX9O3hYTyI3P7H7rk1qu7z0OOgoz0LbdFmzZtrdEXzJ9t26wsD7
NSWJy02CVTRW0QwH4m4oz+SKZWy0tfgmZcLFkNhUY0lMCpE53DKDr23dvKnOICx3
L+Td5U018kzOR62oedeE+d2SaJsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBm+nH
GT1d5oUmR0jYLMu4sVw2yjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4Y2JiYTgtNDgwNC00ZmJkLWI5YjgtN2U5NDAyYzQ0OTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAmQ3JWnnuhosX17sT0uevHAPhZrt92kJHY3Y4n
WBn1qwGGjTgk1qPvmLSkSIMJP170w6DrsrBtFLoOLjGoO68jyeNaVfSk8NQ112Xw
+nskc2i+pabuxdYZKsxAJrl6r8ZeBRnD3n8aDykZzVHWvZ9rk+jMGRU/Czpmr0Hw
NrDDRkzYBXXetoIU4wA6WgaJuU1m0SHzcxnROmVPaJ5yqhPxXtqwT32Qz+Wcdbcx
GFUg+NtO0w+1fKjkEPt4J7ekVSa3DLrB2RJPTY89s59ULCb+uDc33k1NYM0u6TKQ
/z44gMiwCgVoU7YPYhIJQoQO7BGcIhHxxjS+rYVSHttu7w7c
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:01 2025 by rpki-client