Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json)
Hash identifier: pe46GVs0kzbWXMR5sxyZ8u6kkPvhBbNwmFYSge1pbUo=
Subject key identifier: 28:26:4E:F1:36:91:7B:3B:A1:67:16:DE:20:3D:8B:82:93:74:0B:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03DB39C46D2403A189A66D437704A0F5AFA1FC8F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
Signing time: Wed 06 Aug 2025 00:50:58 +0000
ROA not before: Wed 06 Aug 2025 00:50:58 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:db:39:c4:6d:24:03:a1:89:a6:6d:43:77:04:a0:f5:af:a1:fc:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:58 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=694e1b12c688b0c6fbb5fd0ce2e8fcbcb2fb806ab794413459c4f62dbd43b5e6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:02:a0:68:f1:1e:8d:28:82:2c:7a:34:37:
a1:9e:b3:2c:9b:a5:92:21:d6:8b:f6:94:81:74:a7:
6b:dd:f0:90:0f:d3:a5:7c:e2:5e:15:49:3b:47:3b:
1a:c2:02:e2:a4:a2:65:a9:c1:b3:a9:79:7e:fb:d8:
f4:90:f8:4f:c9:e3:14:f2:a6:49:69:00:d8:5b:57:
c8:35:59:92:27:c3:5e:12:f0:7b:e2:c9:06:70:dc:
77:b8:3e:b2:0a:dc:87:d1:52:6e:fc:44:e0:4b:ea:
b8:90:db:73:a8:53:59:95:0e:05:ba:1e:d7:1b:b6:
80:65:01:ba:08:5c:f5:ec:f6:5a:a3:dc:86:4a:bb:
5c:4d:6a:e3:34:ff:0e:17:e6:95:2c:b0:f8:03:46:
e3:0d:af:0f:d9:7f:4b:22:98:2b:1e:1c:27:73:20:
01:5c:47:87:1f:71:bd:9c:6e:da:20:95:5a:63:32:
2a:43:d8:dc:fa:5d:63:cd:f2:d8:e1:3f:e5:52:47:
d9:38:89:97:b7:47:5c:0b:c7:cb:7b:81:6e:23:5e:
14:ab:98:aa:41:c6:d8:8d:db:1c:eb:7b:0c:51:0d:
a1:7b:13:96:b0:ae:4c:c4:0e:ae:fd:59:80:40:0f:
75:e1:07:bb:e4:09:69:2a:c8:b4:2f:06:7a:ea:8f:
34:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:26:4E:F1:36:91:7B:3B:A1:67:16:DE:20:3D:8B:82:93:74:0B:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:2000::/40
Signature Algorithm: sha256WithRSAEncryption
42:f4:7a:bd:0d:cb:6d:66:cc:f1:6a:7b:ae:62:c6:fa:a1:9c:
a5:d0:4a:fa:99:b3:b8:c6:0e:7f:7f:5b:50:e7:16:f9:d7:1a:
1d:96:60:6d:a1:ba:ea:4f:fb:ab:fd:f5:73:f8:31:9f:7c:d6:
72:c7:37:fb:66:b4:4e:b2:1e:09:c2:91:cd:d2:e8:ee:a6:fa:
67:be:e5:fd:00:de:70:98:b5:bb:ba:a3:f9:99:00:63:89:a0:
21:60:80:dd:cc:84:68:f4:9b:d2:90:1c:0e:a8:67:7a:8c:3c:
ad:65:8b:1f:13:d2:9a:a8:4e:3c:72:53:a1:ec:39:ba:58:e2:
9f:0c:1d:c1:ae:2e:7e:2c:8d:56:b5:07:fc:58:e6:bf:f5:be:
6a:9d:79:c4:b4:6c:24:8b:cd:88:54:e4:7b:2a:83:05:0c:50:
fb:d3:21:a4:0c:c9:80:c3:61:33:0d:31:49:84:aa:fd:9a:b4:
13:df:b7:e8:b5:17:7e:b8:c5:a5:68:51:b6:02:a3:b9:a9:97:
77:41:42:05:fd:9c:07:af:11:22:c3:08:66:fe:89:76:7f:ae:
ef:99:27:ac:ec:8c:7c:bb:00:07:cf:ff:9b:10:cf:df:ff:99:
a4:33:f4:36:3a:a4:77:29:a6:6b:d4:d1:50:1a:f5:e7:17:54:
fc:2d:37:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA9s5xG0kA6GJpm1DdwSg9a+h/I8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNThaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NGUxYjEyYzY4OGIwYzZmYmI1ZmQwY2UyZThmY2JjYjJmYjgwNmFiNzk0
NDEzNDU5YzRmNjJkYmQ0M2I1ZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALntAqBo8R6NKIIsejQ3oZ6zLJulkiHWi/aUgXSna93wkA/TpXziXhVJO0c7
GsIC4qSiZanBs6l5fvvY9JD4T8njFPKmSWkA2FtXyDVZkifDXhLwe+LJBnDcd7g+
sgrch9FSbvxE4EvquJDbc6hTWZUOBboe1xu2gGUBughc9ez2WqPchkq7XE1q4zT/
DhfmlSyw+ANG4w2vD9l/SyKYKx4cJ3MgAVxHhx9xvZxu2iCVWmMyKkPY3PpdY83y
2OE/5VJH2TiJl7dHXAvHy3uBbiNeFKuYqkHG2I3bHOt7DFENoXsTlrCuTMQOrv1Z
gEAPdeEHu+QJaSrItC8GeuqPNKECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoJk7x
NpF7O6FnFt4gPYuCk3QL0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBC9Hq9DcttZszxanuuYsb6oZyl0Er6mbO4xg5/
f1tQ5xb51xodlmBtobrqT/ur/fVz+DGffNZyxzf7ZrROsh4JwpHN0ujupvpnvuX9
AN5wmLW7uqP5mQBjiaAhYIDdzIRo9JvSkBwOqGd6jDytZYsfE9KaqE48clOh7Dm6
WOKfDB3Bri5+LI1WtQf8WOa/9b5qnXnEtGwki82IVOR7KoMFDFD70yGkDMmAw2Ez
DTFJhKr9mrQT37fotRd+uMWlaFG2AqO5qZd3QUIF/ZwHrxEiwwhm/ol2f67vmSes
7Ix8uwAHz/+bEM/f/5mkM/Q2OqR3KaZr1NFQGvXnF1T8LTcV
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:03 2025 by rpki-client