Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json)
Hash identifier: 6dDV3ZHvI07ve8/6iCkUiIpkjwAmVGQDxHULsEWcqA4=
Subject key identifier: CC:09:65:21:50:CD:96:AA:42:E6:C4:F8:21:7D:13:C0:2D:F3:FD:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B267990AD3288C7E6347225E8E96A42F30E5D92
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
Signing time: Tue 05 Aug 2025 20:11:26 +0000
ROA not before: Tue 05 Aug 2025 20:11:26 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:26:79:90:ad:32:88:c7:e6:34:72:25:e8:e9:6a:42:f3:0e:5d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:26 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f275b3512ca50ec0f6d8589047d6942d9c21e3dd884b04d9dffe352493b098d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:4c:ef:3a:e9:15:67:9c:f9:3f:e8:49:2a:
0b:30:fe:01:3f:21:32:7d:40:85:da:ab:69:98:d0:
d0:9f:b3:b9:b1:34:cf:d7:5c:39:b4:82:22:02:75:
2e:6d:b0:16:a2:4e:4a:e2:0e:62:e4:88:91:82:4c:
69:d7:32:d4:56:aa:c6:24:46:35:72:cd:b6:40:41:
a5:bc:b3:a1:5e:58:4a:85:ef:11:b6:30:6c:02:f4:
a1:ef:b9:c6:61:da:4e:63:d3:2c:00:68:7a:1b:94:
28:77:b8:26:da:c8:7a:a4:06:8c:bf:e3:a7:53:2a:
96:ac:41:b0:64:46:90:7e:64:50:b8:b8:19:41:2a:
50:f1:b4:a8:41:69:20:84:d4:6a:55:f9:76:48:b8:
53:dc:a5:58:e8:5e:f2:c5:32:b9:99:d8:da:74:7c:
df:d8:93:9c:01:0b:5e:87:bf:e3:81:fe:e1:f9:23:
40:ed:7e:ef:ad:e9:eb:f9:3d:06:05:e1:83:d7:9f:
7f:e4:1a:b7:19:35:fd:56:16:d3:61:e5:95:eb:92:
2e:27:6b:09:24:aa:58:6b:e1:08:01:93:ce:91:4f:
3d:73:09:32:48:f3:01:f1:eb:10:97:1e:aa:db:64:
c5:bf:c5:35:e1:c8:b8:58:94:21:2a:39:c9:80:dc:
86:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:09:65:21:50:CD:96:AA:42:E6:C4:F8:21:7D:13:C0:2D:F3:FD:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:800::/38
Signature Algorithm: sha256WithRSAEncryption
52:5c:1b:85:c6:70:50:36:e1:27:da:9a:d3:b6:e5:4f:6d:97:
c1:9b:4c:87:73:07:c9:21:74:99:3c:f7:31:af:69:a5:1b:65:
9e:52:b0:03:d3:39:26:9d:32:24:eb:ce:c0:d0:64:ed:37:37:
d8:c2:06:99:b1:32:98:23:74:c9:51:6f:3a:f8:1b:b1:b9:7e:
9c:f7:16:8d:ad:66:dd:85:a4:6f:b6:29:ab:77:c1:bd:b6:2e:
95:45:0c:b2:57:64:91:83:18:93:54:ef:c1:07:ae:6e:ad:82:
0d:67:36:6f:91:a6:72:70:80:63:5b:40:2f:f1:37:4d:0b:b2:
f6:2f:63:bc:5e:24:aa:06:38:a9:8b:11:98:1b:e8:be:b6:7d:
1f:53:66:e7:1e:bd:ec:4d:a3:15:74:80:69:58:fe:04:03:6a:
fd:91:34:81:67:9a:20:6f:52:9b:a3:67:61:4a:56:fa:72:29:
77:2f:67:14:46:a7:2b:df:ab:cc:0a:68:a4:9a:96:cc:d5:38:
f2:17:d1:20:19:6d:e6:d8:30:44:29:23:a3:b6:6c:1b:d5:c5:
6d:53:10:99:4f:91:7d:26:c9:94:67:9d:38:4d:1e:dd:02:60:
f5:10:88:99:cb:05:12:92:a0:66:37:0d:72:5f:12:18:41:41:
0c:48:3c:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOyZ5kK0yiMfmNHIl6OlqQvMOXZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMjZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyNzViMzUxMmNhNTBlYzBmNmQ4NTg5MDQ3ZDY5NDJkOWMyMWUzZGQ4ODRi
MDRkOWRmZmUzNTI0OTNiMDk4ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpTTO866RVnnPk/6EkqCzD+AT8hMn1AhdqraZjQ0J+zubE0z9dcObSCIgJ1
Lm2wFqJOSuIOYuSIkYJMadcy1FaqxiRGNXLNtkBBpbyzoV5YSoXvEbYwbAL0oe+5
xmHaTmPTLABoehuUKHe4JtrIeqQGjL/jp1MqlqxBsGRGkH5kULi4GUEqUPG0qEFp
IITUalX5dki4U9ylWOhe8sUyuZnY2nR839iTnAELXoe/44H+4fkjQO1+763p6/k9
BgXhg9eff+Qatxk1/VYW02HlleuSLidrCSSqWGvhCAGTzpFPPXMJMkjzAfHrEJce
qttkxb/FNeHIuFiUISo5yYDchmECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMCWUh
UM2WqkLmxPghfRPALfP9UDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBSXBuFxnBQNuEn2prTtuVPbZfBm0yHcwfJIXSZ
PPcxr2mlG2WeUrAD0zkmnTIk687A0GTtNzfYwgaZsTKYI3TJUW86+BuxuX6c9xaN
rWbdhaRvtimrd8G9ti6VRQyyV2SRgxiTVO/BB65urYINZzZvkaZycIBjW0Av8TdN
C7L2L2O8XiSqBjipixGYG+i+tn0fU2bnHr3sTaMVdIBpWP4EA2r9kTSBZ5ogb1Kb
o2dhSlb6cil3L2cURqcr36vMCmikmpbM1TjyF9EgGW3m2DBEKSOjtmwb1cVtUxCZ
T5F9JsmUZ504TR7dAmD1EIiZywUSkqBmNw1yXxIYQUEMSDxM
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:48 2025 by rpki-client