Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
File: 8a06e909-5227-47d9-a58c-be623a2a4cad.roa (raw, json)
Hash identifier: dP+zz1IgSCFohHsWsZ5r19WwBQfz5/m/DnhPg6pRbxI=
Subject key identifier: B0:FE:83:ED:EE:6E:98:CD:E0:1F:9A:09:F2:9D:74:C2:84:B9:CD:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 113908248F9DB5C27BDB7E32E4391D92C5FC9032
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
Signing time: Tue 05 Aug 2025 19:50:05 +0000
ROA not before: Tue 05 Aug 2025 19:50:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:39:08:24:8f:9d:b5:c2:7b:db:7e:32:e4:39:1d:92:c5:fc:90:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=35efbc6be06f88d70f0361065b1f676a040c52faaa00677be4ef3fd36de2d2f8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:52:a9:8a:5b:0b:f2:99:ef:38:ec:53:b2:c8:
d3:b2:b3:c2:b7:3b:98:97:34:01:ce:b3:c5:1e:62:
fa:b5:cf:bb:a4:b7:26:30:06:44:7f:85:a1:7c:6e:
c6:8d:37:25:f7:e5:28:5b:80:a1:fd:ac:1f:5d:62:
cf:39:a3:51:04:3c:05:8f:06:da:f9:b2:57:72:09:
63:de:20:71:c6:ed:99:56:0e:58:20:ae:10:06:cb:
db:00:46:23:a5:b3:3d:ab:e8:99:f7:62:1b:7a:13:
3c:fd:29:75:a2:00:a3:7b:00:2a:df:e7:af:ae:f3:
4d:23:42:ed:0f:db:1b:c5:80:5e:32:55:2c:3a:52:
ec:ad:fa:50:09:91:f6:a9:82:8a:25:c0:5b:70:ac:
d8:2a:f4:d1:bb:a3:f7:17:b8:a9:64:d2:08:ee:7f:
ab:a1:df:ac:71:73:e3:6e:b9:49:bd:f1:83:a0:f9:
d4:84:d2:bf:b4:44:1a:71:ae:14:ec:71:6f:95:ba:
15:d1:a9:9c:79:fb:6c:b0:eb:f7:f9:1b:ed:f0:a1:
1e:68:ef:5b:c4:00:89:d2:b4:6a:29:2c:6a:83:b5:
0b:7d:05:20:7b:87:f5:9d:aa:8b:09:e7:02:38:99:
19:34:26:0a:c2:9e:b3:05:70:f1:c8:17:99:b3:e1:
3f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FE:83:ED:EE:6E:98:CD:E0:1F:9A:09:F2:9D:74:C2:84:B9:CD:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a06e909-5227-47d9-a58c-be623a2a4cad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:f2:08:53:dd:87:94:28:3e:51:72:80:3d:7a:ec:6f:d8:8d:
38:da:cc:81:15:39:31:4e:ac:f1:ce:2b:d9:f2:63:b9:ae:0f:
f4:8f:d8:80:da:5b:ea:40:5e:48:a4:a3:9e:42:e8:7e:ea:48:
a1:28:3e:d0:0e:23:f6:2c:61:2c:59:c2:26:c4:4e:f5:5c:ce:
69:2e:a0:f8:59:fd:5d:2d:06:c7:b7:37:7f:7e:ce:17:e9:fe:
90:79:40:0d:9f:7b:5b:b1:7b:ae:ef:d2:40:91:8c:ad:e7:81:
21:5e:b7:2c:2b:ae:e9:02:9c:72:f9:7d:d3:c5:8e:0b:e7:02:
dd:11:cc:ab:1b:53:dd:35:83:77:f9:90:5a:69:a7:07:0c:bc:
f1:5b:67:db:6e:de:18:f9:97:e7:78:9f:ef:0c:85:f5:1e:c3:
03:fe:ed:18:46:b7:8a:7f:bc:fb:ab:1b:9e:3d:68:46:a3:b4:
24:a8:3b:4d:c8:3e:a1:d8:56:25:f7:9a:28:20:28:16:28:b6:
2a:63:2f:2d:84:8a:f6:44:eb:60:82:eb:16:15:91:3b:79:0a:
a0:97:85:c8:f6:68:59:e1:c6:60:e7:45:56:29:d4:aa:a4:a7:
d9:8e:9f:f5:a3:e4:93:36:f4:f3:61:7d:7e:cb:60:fa:9c:de:
f6:dd:4d:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUETkIJI+dtcJ7234y5DkdksX8kDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1ZWZiYzZiZTA2Zjg4ZDcwZjAzNjEwNjViMWY2NzZhMDQwYzUyZmFhYTAw
Njc3YmU0ZWYzZmQzNmRlMmQyZjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpSqYpbC/KZ7zjsU7LI07Kzwrc7mJc0Ac6zxR5i+rXPu6S3JjAGRH+FoXxu
xo03JfflKFuAof2sH11izzmjUQQ8BY8G2vmyV3IJY94gccbtmVYOWCCuEAbL2wBG
I6WzPavomfdiG3oTPP0pdaIAo3sAKt/nr67zTSNC7Q/bG8WAXjJVLDpS7K36UAmR
9qmCiiXAW3Cs2Cr00buj9xe4qWTSCO5/q6HfrHFz4265Sb3xg6D51ITSv7REGnGu
FOxxb5W6FdGpnHn7bLDr9/kb7fChHmjvW8QAidK0aiksaoO1C30FIHuH9Z2qiwnn
AjiZGTQmCsKeswVw8cgXmbPhPyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSw/oPt
7m6YzeAfmgnynXTChLnNtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGEwNmU5MDktNTIyNy00N2Q5LWE1OGMtYmU2MjNhMmE0Y2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhA
MA0GCSqGSIb3DQEBCwUAA4IBAQBr8ghT3YeUKD5RcoA9euxv2I042syBFTkxTqzx
zivZ8mO5rg/0j9iA2lvqQF5IpKOeQuh+6kihKD7QDiP2LGEsWcImxE71XM5pLqD4
Wf1dLQbHtzd/fs4X6f6QeUANn3tbsXuu79JAkYyt54EhXrcsK67pApxy+X3TxY4L
5wLdEcyrG1PdNYN3+ZBaaacHDLzxW2fbbt4Y+ZfneJ/vDIX1HsMD/u0YRreKf7z7
qxuePWhGo7QkqDtNyD6h2FYl95ooICgWKLYqYy8thIr2ROtggusWFZE7eQqgl4XI
9mhZ4cZg50VWKdSqpKfZjp/1o+STNvTzYX1+y2D6nN723U3e
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:22 2025 by rpki-client