Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json)
Hash identifier: qWBQDZi1CU64CBXahbl6SYTzTLvrz27qs4URDer9cTM=
Subject key identifier: 26:3A:B6:22:00:AF:13:B0:59:50:06:0F:17:67:3A:FE:FA:CB:C1:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E81096B2C6313CBB0A81564B6383005AF3555E6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
Signing time: Tue 05 Aug 2025 19:30:17 +0000
ROA not before: Tue 05 Aug 2025 19:30:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:81:09:6b:2c:63:13:cb:b0:a8:15:64:b6:38:30:05:af:35:55:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=daca6a0f8e4c358e17210df2da366fb47e672b676918ab059df714bc015e3928, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:42:80:9b:96:0e:20:fb:90:8d:c2:71:d7:
2c:25:82:68:f3:6a:73:a9:42:1c:da:d6:03:76:56:
64:66:15:88:23:4e:3c:f1:d3:19:8f:50:36:cc:31:
08:d4:0a:69:84:82:d5:7a:0f:b0:5a:45:ee:e7:aa:
81:dc:c9:75:e4:99:4f:af:2e:c6:7b:60:d1:5c:54:
2a:0f:c7:2c:6f:a2:8f:2a:5a:3c:f9:54:df:8e:a9:
32:83:cc:55:9d:c0:4a:ba:df:ac:dd:87:92:89:28:
ac:55:8d:a3:c3:a4:2a:12:c4:fc:ed:a9:dd:9c:e8:
52:aa:0f:ea:fc:3d:1c:36:0a:04:26:2f:09:a8:87:
77:ab:09:23:dd:fa:9a:7e:3a:d1:a7:6e:09:2c:f7:
1e:87:f3:fe:fc:34:cd:83:b1:d9:bb:ef:a1:19:56:
e9:fc:d0:74:ab:4d:21:e7:40:f6:25:ac:b2:d8:85:
0c:7e:06:3c:e2:cd:bf:53:1c:71:46:52:61:10:c3:
0a:91:43:0e:76:af:4a:5c:0c:f1:f3:21:c4:f9:d3:
11:6b:f9:9e:1c:c1:42:44:cb:5c:bc:12:db:5b:6a:
f5:e2:49:d1:fe:c8:09:29:ae:a9:0e:dd:d0:59:9d:
bd:64:37:4c:6d:be:00:00:9c:7e:17:43:4e:d6:a9:
89:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3A:B6:22:00:AF:13:B0:59:50:06:0F:17:67:3A:FE:FA:CB:C1:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
07:44:9d:83:c6:6e:2d:cc:74:70:9a:ec:19:35:27:cc:c5:14:
41:cf:17:b7:f5:36:61:00:dc:8a:34:48:09:77:bd:99:4e:b1:
76:3e:be:e9:ee:27:f9:42:95:6d:1d:56:4f:28:91:d0:17:76:
e5:7a:b9:ab:ed:0f:10:81:a8:26:84:42:a3:5c:f7:e5:b4:a5:
35:14:fa:d9:54:09:a4:b6:8a:43:ef:7b:9f:d5:0d:28:3e:e6:
36:16:9c:12:ee:bd:2c:a3:0f:a6:0d:89:33:b9:41:e0:ba:ee:
46:63:7f:b6:fe:aa:f7:1f:03:a9:1f:e2:74:f8:1a:1e:85:b8:
26:a7:88:a8:b7:7b:17:7e:27:28:93:08:59:46:47:72:ed:33:
37:f5:77:aa:6b:1f:b0:57:bb:3d:00:f6:49:f6:01:54:0a:0b:
f2:7f:de:6f:85:d3:4b:a8:90:df:ae:4f:62:3c:a3:07:77:a8:
4a:6a:10:0b:b7:37:ca:4b:8d:e2:80:0e:49:5a:07:0f:b2:45:
69:2d:19:25:a6:a9:dc:d4:e8:74:ce:37:fe:6a:94:d2:8e:2a:
df:57:8f:e0:19:b4:77:51:b0:72:81:a7:a3:51:ed:7f:6a:c4:
1f:55:77:67:2e:df:10:38:01:72:d9:71:8b:81:96:c5:8c:be:
01:23:03:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUboEJayxjE8uwqBVktjgwBa81VeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhY2E2YTBmOGU0YzM1OGUxNzIxMGRmMmRhMzY2ZmI0N2U2NzJiNjc2OTE4
YWIwNTlkZjcxNGJjMDE1ZTM5MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0SQoCblg4g+5CNwnHXLCWCaPNqc6lCHNrWA3ZWZGYViCNOPPHTGY9QNswx
CNQKaYSC1XoPsFpF7ueqgdzJdeSZT68uxntg0VxUKg/HLG+ijypaPPlU346pMoPM
VZ3ASrrfrN2HkokorFWNo8OkKhLE/O2p3ZzoUqoP6vw9HDYKBCYvCaiHd6sJI936
mn460aduCSz3Hofz/vw0zYOx2bvvoRlW6fzQdKtNIedA9iWsstiFDH4GPOLNv1Mc
cUZSYRDDCpFDDnavSlwM8fMhxPnTEWv5nhzBQkTLXLwS21tq9eJJ0f7ICSmuqQ7d
0FmdvWQ3TG2+AACcfhdDTtapiX8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmOrYi
AK8TsFlQBg8XZzr++svB7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQAHRJ2Dxm4tzHRwmuwZNSfMxRRBzxe39TZhANyK
NEgJd72ZTrF2Pr7p7if5QpVtHVZPKJHQF3blermr7Q8QgagmhEKjXPfltKU1FPrZ
VAmktopD73uf1Q0oPuY2FpwS7r0sow+mDYkzuUHguu5GY3+2/qr3HwOpH+J0+Boe
hbgmp4iot3sXficokwhZRkdy7TM39Xeqax+wV7s9APZJ9gFUCgvyf95vhdNLqJDf
rk9iPKMHd6hKahALtzfKS43igA5JWgcPskVpLRklpqnc1Oh0zjf+apTSjirfV4/g
GbR3UbBygaejUe1/asQfVXdnLt8QOAFy2XGLgZbFjL4BIwNC
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:43 2025 by rpki-client