Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
File: 9963ca7c-f411-4aae-ac61-2c650f8269e0.roa (raw, json)
Hash identifier: cdD4GQWIhcdpxqJ+bexshH3P7Du5qhomqTw6goSkXug=
Subject key identifier: EA:07:0C:E7:23:54:7F:33:A4:73:AF:50:22:2B:2F:D9:31:A7:6C:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0701AB3C1ECA6395F34CD587D8C88DB5A80FA9B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
Signing time: Tue 05 Aug 2025 20:01:07 +0000
ROA not before: Tue 05 Aug 2025 20:01:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:01:ab:3c:1e:ca:63:95:f3:4c:d5:87:d8:c8:8d:b5:a8:0f:a9:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4762030d652ef97b4353dca43202bc206ea650894912e37c5338b7e1bc0a8244, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:28:f8:fd:14:13:ab:fa:fe:7b:e2:cb:b9:
68:75:76:b0:f0:f0:56:dd:73:48:8e:ce:36:c3:47:
04:dd:fc:ed:33:b9:b1:43:ab:ed:ab:19:69:8e:1d:
5f:4d:98:35:8d:bc:7f:74:9e:71:bb:ca:c9:a7:0d:
ab:ac:92:ac:5f:3b:dc:74:2f:11:1c:70:9c:f6:69:
d4:a4:e4:be:c5:de:af:83:14:4f:db:b6:77:89:d4:
b6:69:0d:62:83:e1:63:51:c1:85:29:8e:42:ba:e2:
e0:b9:29:fc:1e:43:c2:6b:04:e3:8d:26:8c:b0:fc:
11:be:4c:1b:ba:ae:56:20:f8:6c:a4:8e:be:b2:42:
61:05:2b:23:62:55:20:ca:7a:97:36:80:60:0b:10:
34:ea:60:86:32:05:4e:ed:03:46:36:6f:28:f7:9d:
c3:59:82:13:21:4a:1f:56:13:7a:09:10:c6:5b:d0:
25:d9:36:f1:6b:8a:62:c6:b1:b3:ad:7c:54:1f:e0:
eb:2e:4a:0d:d0:1a:dc:58:a0:0b:ce:b5:b8:b4:68:
70:df:98:3b:5b:05:39:69:fc:25:33:0a:cc:be:c3:
02:be:7c:93:84:b0:f6:84:34:5c:28:49:69:fe:42:
7d:93:ae:78:82:21:ce:5c:ca:ce:52:a3:99:2c:a9:
a1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:07:0C:E7:23:54:7F:33:A4:73:AF:50:22:2B:2F:D9:31:A7:6C:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9963ca7c-f411-4aae-ac61-2c650f8269e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:400::/38
Signature Algorithm: sha256WithRSAEncryption
72:9f:7a:28:92:fd:16:75:fd:7b:13:c4:c3:e5:17:ca:75:6a:
d6:bd:16:ef:8a:0c:6f:87:d5:a0:c8:f5:f7:25:a0:2e:66:44:
52:f1:ed:b8:00:0d:31:38:bd:39:75:8f:5d:d1:e5:32:80:0d:
b5:12:1d:e1:5d:8b:42:c2:3c:3a:92:34:52:0b:e0:d2:4c:39:
69:fd:ea:dc:be:00:d5:f3:0f:46:6e:68:3a:00:ac:ed:74:c0:
15:12:da:1a:56:35:58:32:e9:00:4d:f1:3e:61:74:bf:69:35:
71:89:57:9e:fc:f6:54:a6:a4:ce:e1:5f:c6:b6:2b:f6:58:d9:
ee:39:45:7c:d2:b3:18:eb:20:90:49:0e:fb:25:f7:36:d1:dc:
7f:16:4a:86:0d:bd:4a:27:18:ff:2f:d2:d5:63:9b:43:e7:19:
96:7a:a1:92:b0:99:dc:5d:a2:d7:c7:62:5e:a6:e5:d3:42:8a:
77:36:40:2c:34:a8:06:ae:f6:1e:65:2d:95:de:e4:7d:c1:41:
52:6a:9f:42:bf:4a:41:6e:f2:6c:d4:a0:75:c0:73:92:31:71:
97:a5:b3:eb:ed:12:ea:1e:d1:ee:51:8c:d2:6d:1e:cb:8a:24:
c5:16:f8:25:a4:3a:75:42:58:3d:e0:62:87:a0:12:85:f3:50:
b3:0f:2a:ef
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBwGrPB7KY5XzTNWH2MiNtagPqbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NjIwMzBkNjUyZWY5N2I0MzUzZGNhNDMyMDJiYzIwNmVhNjUwODk0OTEy
ZTM3YzUzMzhiN2UxYmMwYTgyNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBUKPj9FBOr+v574su5aHV2sPDwVt1zSI7ONsNHBN387TO5sUOr7asZaY4d
X02YNY28f3SecbvKyacNq6ySrF873HQvERxwnPZp1KTkvsXer4MUT9u2d4nUtmkN
YoPhY1HBhSmOQrri4Lkp/B5DwmsE440mjLD8Eb5MG7quViD4bKSOvrJCYQUrI2JV
IMp6lzaAYAsQNOpghjIFTu0DRjZvKPedw1mCEyFKH1YTegkQxlvQJdk28WuKYsax
s618VB/g6y5KDdAa3FigC861uLRocN+YO1sFOWn8JTMKzL7DAr58k4Sw9oQ0XChJ
af5CfZOueIIhzlzKzlKjmSypoW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqBwzn
I1R/M6Rzr1AiKy/ZMadsEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk2M2NhN2MtZjQxMS00YWFlLWFjNjEtMmM2NTBmODI2OWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEE
MA0GCSqGSIb3DQEBCwUAA4IBAQByn3ookv0Wdf17E8TD5RfKdWrWvRbvigxvh9Wg
yPX3JaAuZkRS8e24AA0xOL05dY9d0eUygA21Eh3hXYtCwjw6kjRSC+DSTDlp/erc
vgDV8w9Gbmg6AKztdMAVEtoaVjVYMukATfE+YXS/aTVxiVee/PZUpqTO4V/Gtiv2
WNnuOUV80rMY6yCQSQ77Jfc20dx/FkqGDb1KJxj/L9LVY5tD5xmWeqGSsJncXaLX
x2JepuXTQop3NkAsNKgGrvYeZS2V3uR9wUFSap9Cv0pBbvJs1KB1wHOSMXGXpbPr
7RLqHtHuUYzSbR7LiiTFFvglpDp1Qlg94GKHoBKF81CzDyrv
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:58 2025 by rpki-client