Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
File: 9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa (raw, json)
Hash identifier: DxFZHxwwpY13o8I/vt3fGFhBJoA3a7SNugBddeczjtM=
Subject key identifier: B8:B3:6A:75:FD:DF:26:15:35:CE:C4:94:60:27:92:36:C5:5E:F3:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11992278464FEE97A1AF4D5E965D4B7296B0956B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
Signing time: Tue 05 Aug 2025 20:20:17 +0000
ROA not before: Tue 05 Aug 2025 20:20:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:99:22:78:46:4f:ee:97:a1:af:4d:5e:96:5d:4b:72:96:b0:95:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ac121db311a17dd1ce8f57a3da84b0b6f1b0fd10f57d34e5b4c3f09779587924, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:6a:29:80:0e:7c:de:1e:e4:6e:39:dd:49:
0f:66:6d:76:6a:05:e0:6b:62:a0:91:51:88:4f:02:
c2:65:3d:9c:31:38:86:13:a5:f7:a5:82:ff:cc:3e:
1e:4f:85:e0:47:d1:ad:3f:83:01:be:56:b4:c7:9f:
f6:49:a1:e6:4b:7d:60:84:80:87:6d:fa:fd:e4:e4:
47:7a:f0:bf:e0:5b:34:cc:41:3f:a2:5f:c9:c2:19:
02:16:57:1c:c8:d7:0b:e8:15:b5:fb:f2:a3:b8:36:
c3:fd:14:fc:cb:af:59:d3:74:fe:1b:ef:65:9a:f6:
53:35:a0:5e:39:71:ab:09:67:0d:1b:4b:b3:ed:72:
56:80:0a:b0:bf:41:3f:21:57:67:62:86:5f:a1:1e:
81:b2:16:e2:42:6e:a7:92:8a:83:c5:69:e2:2d:1a:
88:b8:a8:bd:bf:8f:c6:94:5d:65:8a:3e:f4:56:bd:
5a:e8:dc:fa:64:53:c6:75:2d:a3:e4:44:01:41:cd:
fa:9a:43:d3:02:90:e5:66:81:15:38:49:41:ac:5c:
59:e1:65:64:11:d4:4b:93:64:f9:f2:60:e3:79:c7:
12:79:99:48:1f:b7:ce:e7:00:a6:31:8a:6a:ab:b5:
54:2e:56:4c:4a:a5:21:a7:66:38:cd:bf:18:a7:e3:
e5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B3:6A:75:FD:DF:26:15:35:CE:C4:94:60:27:92:36:C5:5E:F3:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070::/32
Signature Algorithm: sha256WithRSAEncryption
70:4d:98:31:ac:ad:f8:21:86:f7:56:26:61:ed:f8:d1:75:da:
43:f8:9a:3c:80:ae:49:30:bd:f3:db:f9:15:f8:33:68:4d:17:
15:4b:ff:3c:4c:57:e4:18:6c:ff:c2:46:0b:06:00:c2:6c:e5:
c8:54:f9:d3:35:98:88:2d:dd:42:7b:07:30:57:85:6f:db:e9:
4c:e3:05:cc:f0:c6:cf:30:d8:ea:51:45:7d:ae:1c:9e:93:b5:
a0:f7:8a:76:0a:c1:97:9c:8d:53:59:5e:f7:36:c8:a0:42:43:
95:4a:79:10:24:74:3a:55:ac:25:97:e4:c5:4e:57:dc:22:6b:
0c:15:95:3d:f5:b0:df:6a:1b:e6:85:d3:2e:fa:db:2d:61:84:
b9:6c:9e:10:00:89:a2:70:98:70:f0:76:32:02:63:25:2c:1b:
22:31:aa:49:ae:bf:ea:ca:6c:c5:be:9b:1c:5a:45:ad:5f:0b:
ca:7f:83:7d:35:07:99:f3:01:ef:27:b2:0c:1b:58:ec:aa:4d:
0b:d0:8f:e4:68:9e:f4:d9:4d:e4:20:26:b6:d0:01:0c:48:e4:
b3:bd:b4:26:9e:9f:a3:c8:aa:b1:80:ca:49:a1:c6:98:fb:b8:
48:e7:00:b0:f8:21:5a:25:ef:13:6b:8b:c4:cc:ab:47:4a:11:
df:67:ec:aa
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUEZkieEZP7pehr01ell1LcpawlWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMTIxZGIzMTFhMTdkZDFjZThmNTdhM2RhODRiMGI2ZjFiMGZkMTBmNTdk
MzRlNWI0YzNmMDk3Nzk1ODc5MjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdgaimADnzeHuRuOd1JD2ZtdmoF4GtioJFRiE8CwmU9nDE4hhOl96WC/8w+
Hk+F4EfRrT+DAb5WtMef9kmh5kt9YISAh236/eTkR3rwv+BbNMxBP6JfycIZAhZX
HMjXC+gVtfvyo7g2w/0U/MuvWdN0/hvvZZr2UzWgXjlxqwlnDRtLs+1yVoAKsL9B
PyFXZ2KGX6EegbIW4kJup5KKg8Vp4i0aiLiovb+PxpRdZYo+9Fa9Wujc+mRTxnUt
o+REAUHN+ppD0wKQ5WaBFThJQaxcWeFlZBHUS5Nk+fJg43nHEnmZSB+3zucApjGK
aqu1VC5WTEqlIadmOM2/GKfj5akCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS4s2p1
/d8mFTXOxJRgJ5I2xV7zljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTExOWEwMWUtMmJiNC00ZDY5LTkzMjUtNWY0YWE4ZmI4YmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HAw
DQYJKoZIhvcNAQELBQADggEBAHBNmDGsrfghhvdWJmHt+NF12kP4mjyArkkwvfPb
+RX4M2hNFxVL/zxMV+QYbP/CRgsGAMJs5chU+dM1mIgt3UJ7BzBXhW/b6UzjBczw
xs8w2OpRRX2uHJ6TtaD3inYKwZecjVNZXvc2yKBCQ5VKeRAkdDpVrCWX5MVOV9wi
awwVlT31sN9qG+aF0y762y1hhLlsnhAAiaJwmHDwdjICYyUsGyIxqkmuv+rKbMW+
mxxaRa1fC8p/g301B5nzAe8nsgwbWOyqTQvQj+RonvTZTeQgJrbQAQxI5LO9tCae
n6PIqrGAykmhxpj7uEjnALD4IVol7xNri8TMq0dKEd9n7Ko=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:47 2025 by rpki-client