Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: 72PrE31wUDOzIycy4F/a55FMx94AQKQnl/0peX18Coo=
Subject key identifier: 44:85:D8:82:24:4F:D5:76:97:47:10:2A:E6:4E:81:6E:8B:DB:ED:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2274F65FAA350989B3959182CB1DD214B457B774
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Tue 05 Aug 2025 19:21:11 +0000
ROA not before: Tue 05 Aug 2025 19:21:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:74:f6:5f:aa:35:09:89:b3:95:91:82:cb:1d:d2:14:b4:57:b7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=1a78065b19369f32c2bd0dde91246aa5f02f710484154334e4ca5c0307afe36c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:24:cd:34:d7:29:5a:63:6f:5a:38:4b:e3:20:
84:af:35:24:da:57:27:d9:7b:3b:d1:87:6e:0b:6c:
3e:f9:9a:4a:b2:43:48:a3:da:8b:22:c1:52:5d:41:
b5:88:81:b7:38:1b:94:1c:3a:53:c3:53:2e:e6:d9:
1a:d1:fe:54:54:df:2d:db:f4:7d:2c:2a:c5:c2:48:
07:6e:67:9e:d4:fc:7e:a9:ca:cf:11:92:73:50:eb:
b3:bc:f2:e4:ef:30:d6:25:db:81:de:b9:34:ff:7f:
bd:f7:52:34:aa:67:64:e9:c9:e8:9e:90:68:8f:ad:
d8:75:d7:3a:d5:26:c8:a2:cc:81:08:b3:db:63:dc:
73:2e:8c:0c:bd:7f:6d:31:3c:ee:d8:46:a5:5f:a7:
85:7b:17:24:75:cd:c7:19:03:0f:4d:fd:d8:16:96:
d9:4d:51:a6:83:a3:84:5b:a9:00:7b:0d:32:2c:a2:
d4:a6:12:c7:86:62:67:16:60:8d:9e:00:9d:91:18:
66:78:ee:b6:5c:ab:e7:a7:20:a0:2b:87:0a:ca:c6:
3d:b2:f5:66:32:7d:fc:b3:03:ff:da:2a:e9:07:03:
19:b1:28:6e:1d:e4:9c:77:c6:c8:c6:a2:ff:60:ad:
3d:f3:17:2f:12:05:47:41:02:aa:79:af:97:19:62:
da:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:85:D8:82:24:4F:D5:76:97:47:10:2A:E6:4E:81:6E:8B:DB:ED:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
00:98:bb:c4:bc:92:97:b6:33:fb:59:a9:e4:d8:b8:c5:5a:5a:
f4:4a:74:ec:b6:0c:0f:be:2c:19:d9:27:71:40:97:e6:87:37:
28:ea:1f:18:03:ae:6b:49:a9:aa:04:15:b6:d9:e0:16:5e:9b:
90:1a:97:9a:74:f3:7b:9a:5a:30:8f:62:e4:21:5d:a3:e5:0b:
12:a8:9b:eb:35:9c:47:fd:51:ad:39:26:f5:81:cc:6e:7a:8b:
92:5a:28:ab:b5:31:37:f9:6f:c6:e2:3b:59:74:cd:97:31:75:
55:93:4f:83:f8:c4:1b:b4:05:ff:38:24:97:54:53:32:15:c0:
7e:c0:8e:01:dd:c8:0b:56:b1:c0:d3:2a:f2:73:4e:6d:9a:a1:
e8:60:38:01:98:44:31:3f:03:1f:8b:06:39:94:e0:28:c5:b6:
6a:0a:62:53:32:48:93:cb:36:65:f8:0a:24:c1:aa:16:03:7b:
37:12:16:92:f4:bc:d1:5d:39:f4:0b:7a:16:be:05:a4:46:67:
9b:ab:08:d6:7f:0a:d4:12:0a:3f:1b:c2:b6:92:1c:71:fc:47:
d7:d3:f3:fb:22:5b:81:f7:5b:7a:d9:5f:79:5f:94:4a:70:07:
a1:58:b5:16:d4:d3:35:a7:09:8e:0b:ba:b3:9a:dd:62:b1:28:
a1:89:37:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUInT2X6o1CYmzlZGCyx3SFLRXt3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhNzgwNjViMTkzNjlmMzJjMmJkMGRkZTkxMjQ2YWE1ZjAyZjcxMDQ4NDE1
NDMzNGU0Y2E1YzAzMDdhZmUzNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4kzTTXKVpjb1o4S+MghK81JNpXJ9l7O9GHbgtsPvmaSrJDSKPaiyLBUl1B
tYiBtzgblBw6U8NTLubZGtH+VFTfLdv0fSwqxcJIB25nntT8fqnKzxGSc1Drs7zy
5O8w1iXbgd65NP9/vfdSNKpnZOnJ6J6QaI+t2HXXOtUmyKLMgQiz22Pccy6MDL1/
bTE87thGpV+nhXsXJHXNxxkDD0392BaW2U1RpoOjhFupAHsNMiyi1KYSx4ZiZxZg
jZ4AnZEYZnjutlyr56cgoCuHCsrGPbL1ZjJ9/LMD/9oq6QcDGbEobh3knHfGyMai
/2CtPfMXLxIFR0ECqnmvlxli2ssCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBREhdiC
JE/VdpdHECrmToFui9vtKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAAJi7xLySl7Yz+1mp5Ni4xVpa9Ep07LYMD74s
GdkncUCX5oc3KOofGAOua0mpqgQVttngFl6bkBqXmnTze5paMI9i5CFdo+ULEqib
6zWcR/1RrTkm9YHMbnqLklooq7UxN/lvxuI7WXTNlzF1VZNPg/jEG7QF/zgkl1RT
MhXAfsCOAd3IC1axwNMq8nNObZqh6GA4AZhEMT8DH4sGOZTgKMW2agpiUzJIk8s2
ZfgKJMGqFgN7NxIWkvS80V059At6Fr4FpEZnm6sI1n8K1BIKPxvCtpIccfxH19Pz
+yJbgfdbetlfeV+USnAHoVi1FtTTNacJjgu6s5rdYrEooYk3vQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:21 2025 by rpki-client