Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: RF9tl2lhcOEZa14XMIijIbQxlNIyImzB73tOFvQR0BM=
Subject key identifier: A2:D1:A5:D3:79:49:B0:DB:AF:ED:69:8C:63:99:6A:53:41:CB:E2:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B05D4AA204D98A6A6CA20A45F34FC5B659BB777
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Tue 05 Aug 2025 18:41:40 +0000
ROA not before: Tue 05 Aug 2025 18:41:40 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:05:d4:aa:20:4d:98:a6:a6:ca:20:a4:5f:34:fc:5b:65:9b:b7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:40 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5a8b382b26c203eabd80a65bf44ce95c585980eb1462f5708bb5530734f8bdd5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e2:5f:03:d5:61:d8:91:39:ad:cf:80:aa:72:
1b:9e:05:52:fa:40:f9:0c:3a:78:18:f0:9f:03:f4:
72:e5:5c:17:47:c7:ac:30:92:7e:66:7b:1a:03:7e:
c9:da:ad:58:d9:16:2a:74:18:d4:63:a9:12:d9:23:
e9:b0:8a:f6:ab:45:34:3d:55:8c:a2:a0:70:c6:10:
66:4f:5f:5c:50:08:8f:17:ba:84:7a:31:0d:ab:24:
7e:92:94:4c:f2:5a:46:c4:c2:de:06:70:f4:fb:88:
d4:b6:49:82:bb:ed:a2:2c:75:b9:c0:9a:b1:19:cb:
e4:4f:72:65:c6:7f:cd:06:03:7d:86:5c:40:4e:3f:
77:a5:e7:e0:02:89:ef:48:0b:6e:c9:39:70:36:63:
a6:1d:18:8f:e8:e2:8b:93:d9:36:a3:96:e6:0e:9f:
97:63:53:1a:61:2a:7e:f4:77:6b:c5:37:ac:a6:c4:
42:83:7d:74:12:60:99:5a:d9:c4:b2:73:e6:08:41:
ed:99:7d:d1:34:65:2d:4c:2a:e8:a7:ad:de:ad:f2:
c4:b2:af:72:d1:e4:46:9e:8f:e6:b6:6a:53:d9:bf:
31:a2:85:db:6a:e9:0e:9e:3e:45:5a:0b:8a:d8:39:
ba:1a:c2:b0:3b:0b:ae:06:92:0e:20:a7:7e:1d:eb:
73:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D1:A5:D3:79:49:B0:DB:AF:ED:69:8C:63:99:6A:53:41:CB:E2:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
14:10:47:fe:0b:fa:a1:01:25:42:9e:51:cc:df:8a:69:d8:87:
7f:ae:62:b0:d8:06:49:85:83:65:0b:87:d8:95:2d:1b:cc:ff:
6c:94:ee:c9:20:b2:01:62:07:e6:50:9a:0a:74:fd:53:c5:8a:
11:b8:0e:e7:ed:c5:c0:fe:11:8d:11:31:94:0c:c7:49:e4:a4:
52:d7:9f:f9:e2:de:80:60:ab:9f:69:5d:15:ee:d4:3e:4c:cb:
ab:b2:7b:25:2a:40:ac:bf:4f:58:7f:94:ef:1b:8e:72:38:06:
a3:03:3f:d1:79:3b:2d:4c:a7:09:ae:87:00:66:a7:d5:46:b0:
1c:ad:1d:b3:87:f7:28:e0:9b:b1:bf:cf:5a:d2:56:ba:d8:9b:
cb:02:8c:89:6d:57:95:44:d0:26:7b:30:50:45:a4:75:a6:07:
2d:65:01:6f:28:0f:c4:69:de:93:ef:8d:b2:31:6b:21:95:5e:
47:02:11:77:e2:1f:5c:30:8c:4c:a4:ae:b4:51:6c:c4:c2:5f:
3e:6b:37:6e:bd:42:f5:a7:49:73:af:8b:09:72:06:b3:a2:e5:
75:aa:0a:a2:88:a6:25:9a:76:77:11:10:91:de:9d:c4:11:99:
a0:84:59:ad:4c:ef:37:5c:ca:a2:35:2a:fa:d4:ca:83:10:bf:
d3:73:d7:fc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGwXUqiBNmKamyiCkXzT8W2Wbt3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxNDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhOGIzODJiMjZjMjAzZWFiZDgwYTY1YmY0NGNlOTVjNTg1OTgwZWIxNDYy
ZjU3MDhiYjU1MzA3MzRmOGJkZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPiXwPVYdiROa3PgKpyG54FUvpA+Qw6eBjwnwP0cuVcF0fHrDCSfmZ7GgN+
ydqtWNkWKnQY1GOpEtkj6bCK9qtFND1VjKKgcMYQZk9fXFAIjxe6hHoxDaskfpKU
TPJaRsTC3gZw9PuI1LZJgrvtoix1ucCasRnL5E9yZcZ/zQYDfYZcQE4/d6Xn4AKJ
70gLbsk5cDZjph0Yj+jii5PZNqOW5g6fl2NTGmEqfvR3a8U3rKbEQoN9dBJgmVrZ
xLJz5ghB7Zl90TRlLUwq6Ket3q3yxLKvctHkRp6P5rZqU9m/MaKF22rpDp4+RVoL
itg5uhrCsDsLrgaSDiCnfh3rc6cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSi0aXT
eUmw26/taYxjmWpTQcvi2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEAFBBH/gv6oQElQp5RzN+KadiHf65isNgGSYWD
ZQuH2JUtG8z/bJTuySCyAWIH5lCaCnT9U8WKEbgO5+3FwP4RjRExlAzHSeSkUtef
+eLegGCrn2ldFe7UPkzLq7J7JSpArL9PWH+U7xuOcjgGowM/0Xk7LUynCa6HAGan
1UawHK0ds4f3KOCbsb/PWtJWutibywKMiW1XlUTQJnswUEWkdaYHLWUBbygPxGne
k++NsjFrIZVeRwIRd+IfXDCMTKSutFFsxMJfPms3br1C9adJc6+LCXIGs6LldaoK
ooimJZp2dxEQkd6dxBGZoIRZrUzvN1zKojUq+tTKgxC/03PX/A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:36 2025 by rpki-client