Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
File: 9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa (raw, json)
Hash identifier: +84ZYz9X+bBBLueSTQh4V2lF0px3bk/ISeFOGIvCGAs=
Subject key identifier: BC:C5:A3:BF:11:B3:FC:A4:4B:DA:80:AD:46:B3:0B:B1:9E:BB:49:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AE64A24E0880B3C41C19BD05B55C773DC0B1ACC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
Signing time: Tue 05 Aug 2025 19:30:12 +0000
ROA not before: Tue 05 Aug 2025 19:30:12 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:e6:4a:24:e0:88:0b:3c:41:c1:9b:d0:5b:55:c7:73:dc:0b:1a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:12 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=472abcc738296f7274ef0c9e9b54e3b85bbc874e4a4b0c6c2850e46b3965d9e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a2:e2:6a:1d:1a:eb:25:84:7c:45:87:37:61:
aa:94:f2:f1:04:be:b3:75:9f:51:9b:87:c7:5e:ff:
c0:3a:a9:4b:83:d6:73:27:6a:66:a7:db:b0:81:86:
25:0b:f3:57:d0:97:56:44:0a:f8:7a:76:e2:68:58:
80:53:18:35:40:47:3e:54:98:8d:83:21:f4:02:61:
d9:59:c6:35:a2:4d:7a:f5:24:c1:27:b5:fa:21:34:
75:65:97:5e:f7:1d:8f:58:11:df:b5:4f:01:cb:0f:
bf:10:f1:ee:18:93:23:10:f5:1c:8f:4e:4e:fc:70:
fd:dd:b8:79:c9:8a:8b:00:7c:6a:e6:93:86:2e:bd:
41:89:a1:f6:ba:9e:e0:58:69:bd:cb:a4:2f:31:da:
0e:0c:62:e6:2e:b4:83:f2:ad:fe:01:fb:85:b0:34:
22:89:52:90:97:9e:01:dd:bc:c9:b1:69:bd:08:9d:
a9:fa:09:c4:ce:4a:51:9e:08:54:c1:9c:14:1a:bd:
9a:67:dc:3f:c1:70:e7:b1:4a:9a:cf:58:46:5c:d1:
fd:9c:e3:1b:a4:ee:fb:d5:ec:78:42:4f:40:9b:93:
16:f4:2a:b5:72:2e:01:38:65:6e:20:4c:98:76:93:
3f:f1:7f:2c:5b:60:3f:a2:5d:a5:35:55:48:53:50:
00:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C5:A3:BF:11:B3:FC:A4:4B:DA:80:AD:46:B3:0B:B1:9E:BB:49:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9207595e-3bbc-45f7-8f0a-813e1b01f9a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:9040::/48
Signature Algorithm: sha256WithRSAEncryption
7e:9e:b7:9f:d2:3b:58:61:f5:5c:b1:9c:b1:73:97:61:97:5e:
bb:6e:67:aa:15:88:33:cf:37:41:e1:dd:d4:49:f4:08:d2:e5:
6e:35:7c:e9:6f:79:d6:f6:f5:51:c8:19:f3:a5:84:13:e3:74:
79:e1:bb:6c:42:02:59:e5:d3:8d:7d:0e:0f:7b:48:38:2b:bf:
05:d3:b2:d1:c3:16:7e:1a:38:9f:69:e0:1e:6c:7f:47:c1:64:
b2:b3:7d:b6:74:88:ce:bd:a2:01:51:51:63:da:a1:68:84:4e:
30:97:7f:7a:0a:c4:36:cd:e5:4a:78:22:d2:02:c5:40:78:88:
f2:dd:bd:46:3a:a8:c4:1d:dc:9d:bc:de:ff:12:59:76:df:64:
b2:83:52:80:dd:7d:a6:c5:72:0f:49:40:99:1e:6c:16:83:cc:
6e:aa:97:4e:2e:7b:b6:b2:99:ad:72:cd:63:df:e0:a4:7a:c7:
44:92:6a:5d:41:fe:3e:cb:bd:2b:39:cf:03:6c:c6:e8:6c:d4:
ab:c8:1d:c8:57:b3:91:b3:fe:de:aa:fc:1a:97:11:1f:8e:e8:
05:4a:12:27:7d:7e:ed:9a:5d:b0:ff:20:b9:5a:65:ce:ae:e8:
6a:74:96:c5:c9:ef:ee:12:82:6d:33:97:53:ac:f3:64:25:da:
b9:2f:70:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUauZKJOCICzxBwZvQW1XHc9wLGswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3MmFiY2M3MzgyOTZmNzI3NGVmMGM5ZTliNTRlM2I4NWJiYzg3NGU0YTRi
MGM2YzI4NTBlNDZiMzk2NWQ5ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+i4modGuslhHxFhzdhqpTy8QS+s3WfUZuHx17/wDqpS4PWcydqZqfbsIGG
JQvzV9CXVkQK+Hp24mhYgFMYNUBHPlSYjYMh9AJh2VnGNaJNevUkwSe1+iE0dWWX
Xvcdj1gR37VPAcsPvxDx7hiTIxD1HI9OTvxw/d24ecmKiwB8auaThi69QYmh9rqe
4FhpvcukLzHaDgxi5i60g/Kt/gH7hbA0IolSkJeeAd28ybFpvQidqfoJxM5KUZ4I
VMGcFBq9mmfcP8Fw57FKms9YRlzR/ZzjG6Tu+9XseEJPQJuTFvQqtXIuAThlbiBM
mHaTP/F/LFtgP6JdpTVVSFNQAIUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8xaO/
EbP8pEvagK1GswuxnrtJ7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIwNzU5NWUtM2JiYy00NWY3LThmMGEtODEzZTFiMDFmOWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAfp63n9I7WGH1XLGcsXOXYZdeu25nqhWIM883
QeHd1En0CNLlbjV86W951vb1UcgZ86WEE+N0eeG7bEICWeXTjX0OD3tIOCu/BdOy
0cMWfho4n2ngHmx/R8FksrN9tnSIzr2iAVFRY9qhaIROMJd/egrENs3lSngi0gLF
QHiI8t29RjqoxB3cnbze/xJZdt9ksoNSgN19psVyD0lAmR5sFoPMbqqXTi57trKZ
rXLNY9/gpHrHRJJqXUH+Psu9KznPA2zG6GzUq8gdyFezkbP+3qr8GpcRH47oBUoS
J31+7ZpdsP8guVplzq7oanSWxcnv7hKCbTOXU6zzZCXauS9wuw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:36 2025 by rpki-client