Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
File: 915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa (raw, json)
Hash identifier: aFkKdNjRl/fKc3KdZhwpTQUzfhqb9poDRGNgmAC++do=
Subject key identifier: 32:08:38:DD:F9:F3:D7:EB:BD:A3:C6:9F:DA:EA:50:7E:95:27:37:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 572B1E96F3EE928F99FEB59AE7FCB3F2B725B1D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
Signing time: Wed 06 Aug 2025 00:50:08 +0000
ROA not before: Wed 06 Aug 2025 00:50:08 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:2b:1e:96:f3:ee:92:8f:99:fe:b5:9a:e7:fc:b3:f2:b7:25:b1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:08 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=040c8167f67ad1d2d0a9766db34e19cd23f6179362469547c86a5d0d4dfd9c7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:06:1b:8e:dc:df:ac:ee:bb:79:f4:3d:e7:c0:
03:86:de:c0:d0:32:d5:11:b8:55:d9:f3:de:ba:58:
a8:b3:f0:b7:8b:2b:ac:6d:4b:17:4a:e4:50:b9:e3:
40:4c:03:e0:8a:51:2e:78:e1:68:1c:44:85:a6:08:
b6:4c:48:51:c9:23:13:a1:6d:2a:4f:3b:2a:b8:02:
75:cc:51:e6:3b:74:59:3a:f8:75:50:09:08:11:a4:
0c:05:6d:0d:92:2f:d9:e5:76:d1:76:22:d9:03:d0:
44:13:73:6c:9e:a2:c4:f1:28:9d:01:c3:21:fe:95:
0b:95:12:09:0a:52:ec:cc:74:f3:d0:a3:5b:35:07:
be:db:f4:b6:8e:57:4a:90:ad:24:f8:2c:37:c0:22:
d0:e6:c4:b2:f1:b6:51:4d:7b:2a:fa:31:08:ca:fd:
da:b9:46:a5:f5:54:ce:f9:bc:44:ec:32:60:61:9b:
de:26:ab:b1:3d:d1:99:43:30:41:70:48:c6:e0:7a:
df:6c:66:8b:7d:e2:26:bc:81:47:a4:20:8f:66:c3:
68:76:bc:15:18:5b:27:b6:10:cb:0f:d9:b4:69:b1:
bc:fd:59:c8:29:2b:7d:3d:9f:f7:5f:da:f6:43:66:
b5:1b:86:9f:cb:7e:70:2f:33:b0:13:c7:4b:f8:3b:
f3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:08:38:DD:F9:F3:D7:EB:BD:A3:C6:9F:DA:EA:50:7E:95:27:37:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/36
Signature Algorithm: sha256WithRSAEncryption
39:a2:5e:0c:e2:37:17:e8:d6:6f:85:99:4d:7d:58:c1:5d:7b:
fa:92:e0:17:b3:74:49:c0:62:9c:a8:0d:6c:c4:bd:52:ae:53:
f5:d2:96:89:f0:06:d0:ff:ec:f4:54:32:ab:b3:1d:73:98:57:
48:35:0b:b8:68:ed:14:ac:ba:89:a8:e4:75:3a:4e:66:98:32:
7a:e0:47:5b:3d:f2:f1:c4:dd:6e:be:a6:e4:89:7d:27:da:62:
b4:c3:8d:15:35:f9:5f:bd:19:eb:63:1d:ab:6d:b2:a5:e4:8c:
e1:b0:96:cd:e9:f5:3e:c8:f9:81:86:c0:3e:b0:fb:fb:f8:c2:
54:9f:82:fd:f8:4f:71:a2:7b:b1:15:50:45:71:b3:89:bb:71:
d0:6a:d1:9d:9d:35:4e:49:32:43:38:dc:b7:66:5f:46:9a:ae:
71:e9:7f:1b:f4:e9:e5:25:99:94:bc:9a:74:4d:40:c7:93:ed:
21:27:7f:c2:f4:d5:43:06:d3:ce:a3:d5:2c:95:f7:4b:87:ce:
5f:a9:1e:b8:eb:87:57:b8:0e:73:3c:37:79:65:12:c9:6d:69:
46:37:08:b2:90:ea:a7:26:dd:bf:0a:40:f5:e5:7b:09:31:7b:
cd:4a:0b:f9:af:85:b3:71:c7:7f:87:1c:ba:48:9f:f7:ea:51:
0d:ec:31:46
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVyselvPuko+Z/rWa5/yz8rclsdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMDhaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0MGM4MTY3ZjY3YWQxZDJkMGE5NzY2ZGIzNGUxOWNkMjNmNjE3OTM2MjQ2
OTU0N2M4NmE1ZDBkNGRmZDljN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4GG47c36zuu3n0PefAA4bewNAy1RG4Vdnz3rpYqLPwt4srrG1LF0rkULnj
QEwD4IpRLnjhaBxEhaYItkxIUckjE6FtKk87KrgCdcxR5jt0WTr4dVAJCBGkDAVt
DZIv2eV20XYi2QPQRBNzbJ6ixPEonQHDIf6VC5USCQpS7Mx089CjWzUHvtv0to5X
SpCtJPgsN8Ai0ObEsvG2UU17KvoxCMr92rlGpfVUzvm8ROwyYGGb3iarsT3RmUMw
QXBIxuB632xmi33iJryBR6Qgj2bDaHa8FRhbJ7YQyw/ZtGmxvP1ZyCkrfT2f91/a
9kNmtRuGn8t+cC8zsBPHS/g78+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyCDjd
+fPX672jxp/a6lB+lSc3kzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE1Y2NlZjYtYjA2Zi00ZTExLWJlOWEtOGI5YTIyOWZmNTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5ol4M4jcX6NZvhZlNfVjBXXv6kuAXs3RJwGKc
qA1sxL1SrlP10paJ8AbQ/+z0VDKrsx1zmFdINQu4aO0UrLqJqOR1Ok5mmDJ64Edb
PfLxxN1uvqbkiX0n2mK0w40VNflfvRnrYx2rbbKl5IzhsJbN6fU+yPmBhsA+sPv7
+MJUn4L9+E9xonuxFVBFcbOJu3HQatGdnTVOSTJDONy3Zl9Gmq5x6X8b9OnlJZmU
vJp0TUDHk+0hJ3/C9NVDBtPOo9UslfdLh85fqR6464dXuA5zPDd5ZRLJbWlGNwiy
kOqnJt2/CkD15XsJMXvNSgv5r4Wzccd/hxy6SJ/36lEN7DFG
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:15 2025 by rpki-client