Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
File: 8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa (raw, json)
Hash identifier: IrPx+uSFDGEMZOEtUJgvo9SDT+dg4Z/tI7NBvEVw84E=
Subject key identifier: F6:DA:F2:FE:9F:99:D6:66:7E:FB:E6:75:3F:DE:67:C1:8E:B6:5D:30
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A22CF5FD875B9DD10ADC60E807DB2FB9C1CDDE3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
Signing time: Tue 05 Aug 2025 19:50:56 +0000
ROA not before: Tue 05 Aug 2025 19:50:56 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:22:cf:5f:d8:75:b9:dd:10:ad:c6:0e:80:7d:b2:fb:9c:1c:dd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:56 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=99d87142c0b978e27dfb580d39d17e8f43ca578750ecc5c1334a8a9adc59f2a1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:72:46:4f:33:64:57:8d:79:b9:6c:05:f1:
2e:a4:82:39:e5:e7:ff:ee:98:7c:c3:a1:74:8e:d6:
bc:f0:13:e4:be:dc:f5:93:7e:7c:5d:06:3f:f5:a6:
66:71:7b:4e:d6:80:77:66:6b:28:75:d2:29:66:f3:
84:bf:73:3e:a3:e7:f4:d8:34:f1:d8:53:e8:e4:5d:
d2:73:b9:9a:46:30:9b:26:3b:5e:b1:95:a2:39:4a:
74:72:ea:8b:df:7c:60:26:dc:d1:f3:42:39:7e:96:
5d:40:59:59:0e:9f:34:74:cd:f3:bd:46:9a:9a:a5:
79:0b:c8:38:1c:f6:ac:f3:d1:ae:8d:57:f2:d2:4b:
11:7e:d5:39:69:e1:78:e5:01:b5:75:58:40:df:53:
85:20:6d:d2:47:51:97:bc:e5:4c:8f:12:a1:e8:6f:
13:ca:cf:a6:87:3a:19:58:20:f6:9f:9a:20:af:83:
da:fe:b2:c5:be:de:4d:ae:f2:f2:5a:d9:4f:2a:c8:
29:ba:a3:3c:30:5f:14:fa:ec:17:6c:8d:62:8d:d5:
cd:6c:13:ed:ba:2c:d4:d4:4d:68:02:bb:81:e9:03:
11:99:8d:a5:36:30:40:8b:a2:c4:ef:f5:0e:e0:38:
fc:e6:1c:26:29:3a:41:55:bb:e0:27:7f:84:07:5b:
b0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DA:F2:FE:9F:99:D6:66:7E:FB:E6:75:3F:DE:67:C1:8E:B6:5D:30
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:58:82:66:25:82:79:09:82:9a:47:40:06:6b:1e:59:7c:8f:
fd:33:d5:5f:1b:dc:0b:63:e3:0e:11:14:eb:9d:8b:a7:fd:c6:
0b:29:2f:e8:27:b2:37:24:43:e6:0a:f2:68:34:67:6f:ee:36:
b4:ba:0e:67:32:43:19:e6:e3:e8:e5:fa:39:4f:3d:0f:5e:ab:
52:59:d6:ed:2e:9c:80:48:a8:a4:1e:cb:7c:70:43:05:ed:2c:
37:24:c9:39:83:09:15:f2:a2:d8:17:8c:9c:2e:0c:cd:10:f3:
5a:d4:a6:16:69:7d:83:f5:44:9e:ea:1c:72:ef:28:da:ed:be:
fe:99:9d:d1:79:9f:b9:6c:f0:ea:52:75:28:7a:72:6d:21:4e:
ac:e0:99:80:a3:32:c8:b9:a0:89:7b:7b:56:af:62:7f:69:06:
1b:5e:cd:3f:f6:59:c6:b2:28:b4:59:58:5c:c7:8a:de:df:6a:
54:e9:24:d0:53:22:ea:00:44:da:e9:a2:9e:05:20:ad:dc:71:
ee:fa:7b:8d:d6:4f:23:f5:d7:14:11:15:cc:7a:73:ad:db:78:
9a:a6:0e:4f:b6:2f:6c:fa:5b:fe:cc:00:46:09:ba:29:aa:1f:
31:89:fe:89:88:bd:fd:05:23:3c:51:f6:4b:b0:b5:ac:c1:13:
83:0a:b6:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOiLPX9h1ud0QrcYOgH2y+5wc3eMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwNTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZDg3MTQyYzBiOTc4ZTI3ZGZiNTgwZDM5ZDE3ZThmNDNjYTU3ODc1MGVj
YzVjMTMzNGE4YTlhZGM1OWYyYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkPckZPM2RXjXm5bAXxLqSCOeXn/+6YfMOhdI7WvPAT5L7c9ZN+fF0GP/Wm
ZnF7TtaAd2ZrKHXSKWbzhL9zPqPn9Ng08dhT6ORd0nO5mkYwmyY7XrGVojlKdHLq
i998YCbc0fNCOX6WXUBZWQ6fNHTN871GmpqleQvIOBz2rPPRro1X8tJLEX7VOWnh
eOUBtXVYQN9ThSBt0kdRl7zlTI8SoehvE8rPpoc6GVgg9p+aIK+D2v6yxb7eTa7y
8lrZTyrIKbqjPDBfFPrsF2yNYo3VzWwT7bos1NRNaAK7gekDEZmNpTYwQIuixO/1
DuA4/OYcJik6QVW74Cd/hAdbsLUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT22vL+
n5nWZn775nU/3mfBjrZdMDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGRjN2Q1YmEtYjFlOS00YzFjLWExOTAtMjE0NzMxYjcxYjQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCzWIJmJYJ5CYKaR0AGax5ZfI/9M9VfG9wLY+MO
ERTrnYun/cYLKS/oJ7I3JEPmCvJoNGdv7ja0ug5nMkMZ5uPo5fo5Tz0PXqtSWdbt
LpyASKikHst8cEMF7Sw3JMk5gwkV8qLYF4ycLgzNEPNa1KYWaX2D9USe6hxy7yja
7b7+mZ3ReZ+5bPDqUnUoenJtIU6s4JmAozLIuaCJe3tWr2J/aQYbXs0/9lnGsii0
WVhcx4re32pU6STQUyLqAETa6aKeBSCt3HHu+nuN1k8j9dcUERXMenOt23iapg5P
ti9s+lv+zABGCbopqh8xif6JiL39BSM8UfZLsLWswRODCrYb
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:45 2025 by rpki-client