
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: 2PFyisl0+z3QA/1HzPB1hGjqSgX1Ji3LF413ei05VLo=
Subject key identifier: D8:B4:73:ED:84:33:BD:DB:D9:50:3C:45:5C:76:94:67:07:D3:F9:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77017B6349FF88D39517A0481B961FFC892A88E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Tue 05 Aug 2025 19:31:46 +0000
ROA not before: Tue 05 Aug 2025 19:31:46 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:01:7b:63:49:ff:88:d3:95:17:a0:48:1b:96:1f:fc:89:2a:88:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:46 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0ea0e2b49c73af38592f7be2c14a293f5fe3aaddda98947c3f6a72278d1545d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5b:fa:a1:aa:6b:b3:d4:4b:44:6c:e4:8f:95:
a2:84:c2:c2:82:f4:2f:1c:92:64:d4:07:55:4e:0c:
dd:52:24:25:0d:0e:12:98:aa:58:32:2e:3f:3d:6d:
f8:80:4a:a1:d0:0f:36:62:68:06:0a:99:92:11:d7:
bd:28:f7:23:0f:6d:92:63:af:ee:ec:f8:fb:be:b4:
0a:d5:6d:b3:70:3f:85:cb:8e:f2:0f:e4:6c:40:22:
64:f5:6e:00:dc:6e:ff:be:b5:d7:76:75:8d:e4:f4:
b7:c0:d4:80:1c:ff:fe:40:b0:42:b6:a3:73:1c:86:
6e:a6:60:bb:0d:fc:74:6d:0a:8e:bb:61:cf:4f:d4:
38:ee:73:d1:78:97:c3:7a:84:e6:1f:7f:4c:50:da:
10:1b:ba:b0:e8:49:63:b5:34:f6:44:0f:96:a0:56:
dc:d8:f3:8d:df:85:6f:06:b6:8a:2d:ba:f6:00:da:
14:7f:22:e8:17:c9:a8:90:65:fa:2f:40:3d:3b:c9:
51:6d:6e:65:73:b6:db:4b:aa:1a:4f:55:02:bb:b0:
f7:30:72:fa:7a:38:db:9e:71:97:1c:92:4e:07:68:
e3:e8:59:3b:76:3a:31:00:93:ee:c6:3a:4b:55:f0:
77:a1:a7:75:eb:fd:11:e1:dc:74:05:85:7c:07:9d:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B4:73:ED:84:33:BD:DB:D9:50:3C:45:5C:76:94:67:07:D3:F9:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:e6:ea:65:e3:5c:c2:b1:86:f3:25:e1:4a:db:19:1c:2d:81:
d6:39:64:d2:b9:6d:23:8e:7d:50:bf:b3:cc:00:75:6b:06:da:
5e:88:28:7f:e9:d9:03:82:1b:2b:89:3f:8e:d4:ff:7f:61:ae:
ef:e6:61:ec:cc:98:67:cf:4e:20:f8:65:e6:ca:69:d5:31:47:
70:15:b2:fa:38:93:57:24:72:64:0a:44:e6:b4:98:48:f7:0c:
79:25:e4:e6:85:51:4c:95:65:e9:a7:d3:a8:24:84:eb:27:d2:
aa:f7:16:ba:72:d2:40:76:ba:60:f8:b0:0a:c7:4c:db:e8:9c:
5f:2d:ef:25:ca:fd:89:8d:d8:84:1a:f6:44:a1:31:90:c8:2c:
77:e7:d2:ed:b3:dd:d9:e1:f1:20:3c:f0:dd:43:a4:47:19:2a:
94:7b:4f:6c:66:34:ce:16:db:18:d3:ef:f7:c6:91:bd:55:d0:
b5:7c:c5:e5:a5:32:44:c4:f0:cb:3e:fc:c3:9e:89:c2:3b:75:
91:de:22:a5:58:86:4b:2d:0a:2f:a9:6d:88:97:77:92:69:7d:
b3:84:6d:d6:a7:d6:bb:ed:c1:85:61:ff:de:42:9b:bc:fa:79:
80:46:0a:d6:03:11:37:8f:e3:ce:cd:82:5b:5a:af:55:93:c8:
cf:b6:b5:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdwF7Y0n/iNOVF6BIG5Yf/IkqiOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxNDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYTBlMmI0OWM3M2FmMzg1OTJmN2JlMmMxNGEyOTNmNWZlM2FhZGRkYTk4
OTQ3YzNmNmE3MjI3OGQxNTQ1ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZb+qGqa7PUS0Rs5I+VooTCwoL0LxySZNQHVU4M3VIkJQ0OEpiqWDIuPz1t
+IBKodAPNmJoBgqZkhHXvSj3Iw9tkmOv7uz4+760CtVts3A/hcuO8g/kbEAiZPVu
ANxu/76113Z1jeT0t8DUgBz//kCwQrajcxyGbqZguw38dG0Kjrthz0/UOO5z0XiX
w3qE5h9/TFDaEBu6sOhJY7U09kQPlqBW3Njzjd+Fbwa2ii269gDaFH8i6BfJqJBl
+i9APTvJUW1uZXO220uqGk9VAruw9zBy+no4255xlxySTgdo4+hZO3Y6MQCT7sY6
S1Xwd6Gndev9EeHcdAWFfAed5lECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYtHPt
hDO929lQPEVcdpRnB9P53DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQCL5upl41zCsYbzJeFK2xkcLYHWOWTSuW0jjn1Q
v7PMAHVrBtpeiCh/6dkDghsriT+O1P9/Ya7v5mHszJhnz04g+GXmymnVMUdwFbL6
OJNXJHJkCkTmtJhI9wx5JeTmhVFMlWXpp9OoJITrJ9Kq9xa6ctJAdrpg+LAKx0zb
6JxfLe8lyv2JjdiEGvZEoTGQyCx359Lts93Z4fEgPPDdQ6RHGSqUe09sZjTOFtsY
0+/3xpG9VdC1fMXlpTJExPDLPvzDnonCO3WR3iKlWIZLLQovqW2Il3eSaX2zhG3W
p9a77cGFYf/eQpu8+nmARgrWAxE3j+POzYJbWq9Vk8jPtrUN
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:32 2025 by rpki-client