Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: zAa+D0geympzCHgx8soA8OD7XRjGMjOn8t0+GPgsmfM=
Subject key identifier: 8B:56:82:05:47:89:81:93:4E:50:88:D9:7D:1F:E1:3F:6B:16:A6:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69E84B7DB22B39A1D847E457A132B2436D8B9B5B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Tue 05 Aug 2025 20:00:16 +0000
ROA not before: Tue 05 Aug 2025 20:00:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e8:4b:7d:b2:2b:39:a1:d8:47:e4:57:a1:32:b2:43:6d:8b:9b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=dcf1d379786150c8287e47d01adfdf3d653e227f328ad1e0b7cfc3a73497fae5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0a:b4:9b:e9:52:a7:f7:3d:c3:8b:a6:2a:20:
0c:5c:ef:84:6c:07:aa:1e:0d:98:91:62:12:dc:7a:
a1:83:42:c6:f6:72:24:36:d8:79:8d:41:c7:a9:45:
4c:d1:01:4f:9f:c8:12:52:e5:44:56:fe:6d:e7:09:
10:28:29:25:5b:cf:0c:52:e9:7c:8e:be:e0:a0:04:
f3:e6:db:0c:8a:f9:50:f1:34:30:a8:4a:f8:9a:6c:
15:3e:59:95:b7:64:2e:c9:83:18:db:2c:1e:5e:70:
8a:90:a4:b1:2c:f8:75:b3:07:69:33:f8:a7:5c:09:
76:cc:78:c8:58:0c:e5:cf:8d:b2:a6:3e:d8:3e:67:
22:54:03:d3:13:5b:90:9b:05:a8:0f:31:d2:17:f4:
f1:c2:6c:ee:2a:e4:26:72:2b:f2:f2:c4:ec:4f:93:
e4:7d:73:12:5e:dc:17:77:a4:53:51:37:28:bf:53:
bd:54:78:d2:3a:0f:1a:ea:ef:13:77:ea:40:67:89:
ab:e1:2f:4f:57:15:aa:9e:0f:e6:6b:22:98:e8:9b:
35:5f:10:6c:5b:aa:bd:12:2b:e7:6b:da:a3:4a:ae:
1c:72:c3:f3:8e:77:aa:07:7c:76:1b:03:00:e4:04:
97:f3:09:42:13:c8:e5:c6:59:66:69:57:28:dd:c2:
02:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:56:82:05:47:89:81:93:4E:50:88:D9:7D:1F:E1:3F:6B:16:A6:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
0e:5d:ab:e2:62:5f:6b:e6:b6:1e:2d:51:f1:d0:57:67:cb:31:
40:17:33:b5:31:0b:bd:30:e8:9c:f0:9a:82:aa:25:f8:11:19:
5b:9c:2d:ac:54:3b:e0:35:8c:1b:c4:2a:22:47:a0:32:3e:e8:
77:5a:f5:b0:46:82:f4:29:67:03:f1:7e:9a:c9:70:9d:08:93:
f5:00:ee:14:5b:de:6e:62:67:b6:db:a8:cc:7c:da:cf:74:d8:
eb:f1:98:91:d4:de:ef:f7:a0:ae:3d:06:10:3d:63:e0:c4:81:
4e:d3:36:1a:ff:9c:26:3d:b0:bb:15:ae:fb:fe:bd:a5:aa:8d:
1e:3c:f6:de:f6:b9:8e:fd:b8:57:09:a2:ac:e7:e2:0f:cb:6f:
09:eb:43:13:c2:32:25:39:15:c9:38:d5:33:44:36:84:36:e3:
39:15:7e:f6:a2:e5:af:b8:21:7a:35:28:ec:b8:67:c6:e7:a5:
bb:d2:77:20:43:82:15:ac:89:f7:6e:31:f7:90:d4:80:91:26:
0f:72:18:41:a3:96:7b:26:e4:5c:8a:f0:9e:0d:38:95:f6:7e:
2b:c4:0f:4e:df:b4:4e:83:90:e6:f6:61:a6:ff:8a:58:6f:52:
13:d2:ee:09:41:19:89:4d:cc:fe:61:5a:0d:bf:b1:a9:5d:e3:
06:3a:3c:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaehLfbIrOaHYR+RXoTKyQ22Lm1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjZjFkMzc5Nzg2MTUwYzgyODdlNDdkMDFhZGZkZjNkNjUzZTIyN2YzMjhh
ZDFlMGI3Y2ZjM2E3MzQ5N2ZhZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMKtJvpUqf3PcOLpiogDFzvhGwHqh4NmJFiEtx6oYNCxvZyJDbYeY1Bx6lF
TNEBT5/IElLlRFb+becJECgpJVvPDFLpfI6+4KAE8+bbDIr5UPE0MKhK+JpsFT5Z
lbdkLsmDGNssHl5wipCksSz4dbMHaTP4p1wJdsx4yFgM5c+NsqY+2D5nIlQD0xNb
kJsFqA8x0hf08cJs7irkJnIr8vLE7E+T5H1zEl7cF3ekU1E3KL9TvVR40joPGurv
E3fqQGeJq+EvT1cVqp4P5msimOibNV8QbFuqvRIr52vao0quHHLD8453qgd8dhsD
AOQEl/MJQhPI5cZZZmlXKN3CArUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLVoIF
R4mBk05QiNl9H+E/axam+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQAOXaviYl9r5rYeLVHx0FdnyzFAFzO1MQu9MOic
8JqCqiX4ERlbnC2sVDvgNYwbxCoiR6AyPuh3WvWwRoL0KWcD8X6ayXCdCJP1AO4U
W95uYme226jMfNrPdNjr8ZiR1N7v96CuPQYQPWPgxIFO0zYa/5wmPbC7Fa77/r2l
qo0ePPbe9rmO/bhXCaKs5+IPy28J60MTwjIlORXJONUzRDaENuM5FX72ouWvuCF6
NSjsuGfG56W70ncgQ4IVrIn3bjH3kNSAkSYPchhBo5Z7JuRcivCeDTiV9n4rxA9O
37ROg5Dm9mGm/4pYb1IT0u4JQRmJTcz+YVoNv7GpXeMGOjxI
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:24 2025 by rpki-client