Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: qxIDPmSsM98c8L5fJNwkAvq+hwKF5wbBGaIgS/KAZgA=
Subject key identifier: 39:44:DE:5D:EE:E1:7C:0A:58:E2:C6:BA:CA:5A:94:1A:8D:25:D9:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CF563732D8EAA65F8C070347E80170469822F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Tue 05 Aug 2025 18:51:14 +0000
ROA not before: Tue 05 Aug 2025 18:51:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:f5:63:73:2d:8e:aa:65:f8:c0:70:34:7e:80:17:04:69:82:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d5a13e0a30651fdd0ab18518728273e40b938b60d615b362b0db35cd5b3fc154, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:ca:01:53:15:e1:c7:72:54:52:e7:c1:f6:
cc:42:a1:6d:fd:92:02:1b:9e:d3:9e:44:74:41:f8:
ba:06:91:d0:a5:6f:9d:df:86:d0:34:14:dc:40:1b:
d8:ec:83:71:89:cd:15:46:9e:f0:60:ed:06:6f:12:
4e:ce:41:5e:47:b8:e5:83:ef:f9:75:eb:87:e0:4f:
a8:55:e9:58:08:c1:44:14:be:fc:7b:86:ac:0d:64:
71:b9:9b:b2:d6:ba:cd:dc:b5:ca:f1:0a:e1:b3:2e:
c0:5e:98:82:0f:02:d9:06:2e:93:ce:a3:b7:ec:f4:
d6:ed:f1:69:81:c6:dc:19:7d:af:0e:b1:37:d5:6f:
33:cc:20:fc:e0:80:32:fd:2f:7a:ea:69:44:56:f7:
b4:e2:15:42:11:a6:1a:85:b9:4b:64:2f:bf:ad:fe:
37:ad:02:0f:de:1e:44:6d:54:2c:9d:a6:43:0a:46:
1d:c4:e3:82:60:b4:28:b0:81:b9:5e:43:9b:89:bb:
10:83:34:47:28:c2:e1:1e:01:65:f2:84:0d:17:1e:
de:d9:3a:30:5f:5d:8a:e5:54:16:83:24:a4:8e:45:
72:2c:48:91:bb:83:1d:74:c5:c9:42:a3:25:fd:fa:
a0:43:82:46:8d:c5:b2:65:22:06:80:9c:8f:84:5b:
5e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:44:DE:5D:EE:E1:7C:0A:58:E2:C6:BA:CA:5A:94:1A:8D:25:D9:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
88:2a:74:31:dd:89:e2:09:12:45:d4:e2:57:11:66:b0:ed:5d:
dd:f3:ab:37:8f:3a:bf:93:a3:0d:64:ca:48:ea:1e:81:24:37:
c0:cf:64:ad:f6:a3:af:d1:e0:0c:91:89:10:2e:60:1a:f0:22:
83:1d:b1:7c:02:d4:0b:4e:40:5b:a7:02:4a:6b:46:09:b2:90:
fd:a6:e1:20:1c:52:80:b4:b0:71:90:da:20:fa:a2:51:7d:48:
d0:75:f4:4b:a4:4f:0a:01:56:68:2b:58:25:97:00:1d:3c:ae:
8e:c8:77:57:15:7d:b4:96:5e:05:64:04:88:69:b7:47:f6:59:
c8:85:43:67:63:17:e3:94:63:95:ef:f3:a2:27:fc:60:2d:ac:
ea:07:8a:6d:97:35:48:99:f7:ee:51:73:45:ae:f7:8f:a2:35:
26:68:42:e2:45:0b:c2:ce:fb:51:c6:1e:9f:6c:c3:32:a9:50:
77:42:94:bc:93:fb:79:6d:bc:98:00:8b:3c:3f:1d:57:83:8a:
42:a1:c8:a9:f2:e8:84:14:ec:aa:d4:60:78:c0:60:11:4d:d5:
9f:4f:f9:bf:63:0a:39:6d:98:e3:67:4d:1a:5e:07:6d:49:85:
e5:1d:fb:ef:82:ea:d5:34:68:2b:61:ed:18:8d:05:fc:91:56:
bb:49:f2:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgITDPVjcy2OqmX4wHA0foAXBGmCLzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDgwNTE4NTExNFoXDTI1MDkwOTIzNTk1OVowejFJMEcGA1UE
BRNAZDVhMTNlMGEzMDY1MWZkZDBhYjE4NTE4NzI4MjczZTQwYjkzOGI2MGQ2MTVi
MzYyYjBkYjM1Y2Q1YjNmYzE1NDEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsVzKAVMV4cdyVFLnwfbMQqFt/ZICG57TnkR0Qfi6BpHQpW+d34bQNBTcQBvY
7INxic0VRp7wYO0GbxJOzkFeR7jlg+/5deuH4E+oVelYCMFEFL78e4asDWRxuZuy
1rrN3LXK8Qrhsy7AXpiCDwLZBi6TzqO37PTW7fFpgcbcGX2vDrE31W8zzCD84IAy
/S966mlEVve04hVCEaYahblLZC+/rf43rQIP3h5EbVQsnaZDCkYdxOOCYLQosIG5
XkObibsQgzRHKMLhHgFl8oQNFx7e2TowX12K5VQWgySkjkVyLEiRu4MddMXJQqMl
/fqgQ4JGjcWyZSIGgJyPhFtedwIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFDlE3l3u
4XwKWOLGuspalBqNJdn1MB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC85
NzliYzczZi03ZDg3LTRjZmEtOTNiZC0wMzc4Y2YxZDZhZWYucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXQMYBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCIKnQx3YniCRJF1OJXEWaw7V3d86s3jzq/k6MN
ZMpI6h6BJDfAz2St9qOv0eAMkYkQLmAa8CKDHbF8AtQLTkBbpwJKa0YJspD9puEg
HFKAtLBxkNog+qJRfUjQdfRLpE8KAVZoK1gllwAdPK6OyHdXFX20ll4FZASIabdH
9lnIhUNnYxfjlGOV7/OiJ/xgLazqB4ptlzVImffuUXNFrvePojUmaELiRQvCzvtR
xh6fbMMyqVB3QpS8k/t5bbyYAIs8Px1Xg4pCocip8uiEFOyq1GB4wGARTdWfT/m/
Ywo5bZjjZ00aXgdtSYXlHfvvgurVNGgrYe0YjQX8kVa7SfIU
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:01 2025 by rpki-client