Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: 2xftZLdXJ6bD9gY7Q/M6m1H1cICMCOJ1OmSKw4MzLVQ=
Subject key identifier: D3:BD:E2:7F:71:75:36:6F:EF:13:06:CE:C7:FA:1C:89:B1:00:43:D4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19C3317E3F9BF079B8A6A5C6050F09B7A927DACF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Tue 05 Aug 2025 20:10:59 +0000
ROA not before: Tue 05 Aug 2025 20:10:59 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:c3:31:7e:3f:9b:f0:79:b8:a6:a5:c6:05:0f:09:b7:a9:27:da:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:59 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3940369395d1a927a96b382706d93d7c80aa932741c8942caa926aa22176aa3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:1e:ce:30:70:2b:77:14:ec:07:df:dc:49:
95:6f:54:33:8d:f6:21:01:07:79:c2:e4:23:f4:3c:
bd:0f:b9:0c:81:7e:06:cd:46:7f:0b:29:57:93:01:
1f:1b:8e:f5:1b:8d:9a:63:24:a6:a7:81:81:cb:68:
cd:b4:ae:66:15:1b:88:a2:77:57:d7:d1:ba:1a:d7:
3b:fc:16:0e:b5:99:c8:f3:b2:9a:3b:9f:ba:e5:b2:
c9:52:6e:b4:a8:5b:47:dd:8f:cf:f6:d4:88:26:04:
6b:ad:4c:ac:98:99:63:0c:f0:83:10:ae:68:0f:d2:
44:15:d3:c1:eb:da:20:c1:e2:ae:a2:0b:07:59:6c:
14:0c:b1:96:e0:11:19:54:eb:b7:c6:cd:aa:e8:1a:
66:d1:1e:1e:eb:30:51:eb:ee:47:eb:1f:72:b8:57:
3f:64:71:2e:e8:bf:f9:31:dc:eb:11:0e:b7:ec:9d:
7b:7d:30:5c:37:79:31:67:c2:4e:d3:f0:a5:6a:04:
0f:a3:54:7c:51:4e:03:9e:2a:1d:0e:f9:ea:7b:c1:
56:01:89:ff:70:8b:70:b7:6a:fc:42:e0:df:4c:d4:
2e:44:84:00:e2:26:ba:33:4b:db:e5:f1:b9:e0:47:
d6:e7:42:86:22:cb:5a:cc:8d:d8:e3:ec:df:ec:78:
ef:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BD:E2:7F:71:75:36:6F:EF:13:06:CE:C7:FA:1C:89:B1:00:43:D4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
08:6b:75:c6:64:20:ab:bc:35:f0:5f:f3:8d:73:47:9d:0b:1f:
01:d3:e5:59:dd:29:e9:38:37:4e:ca:c3:97:51:98:b0:02:64:
0d:31:b2:4d:99:d0:93:02:ef:22:e1:5c:25:13:2a:64:17:47:
ae:fb:b8:2d:a1:2b:4c:ae:df:ac:2c:be:c1:0c:2d:30:72:76:
78:04:8d:aa:cb:85:ca:00:87:c3:84:ca:cf:f8:b8:9d:c4:44:
3a:c5:c2:a0:48:3c:e5:8f:04:63:9a:3e:11:08:2f:75:9a:9c:
a3:b1:3b:b1:c6:0d:fb:0e:8c:9f:ee:19:1a:8d:9f:ff:c9:c8:
3b:02:64:63:6a:d5:09:fe:0c:ef:c5:80:39:53:10:4b:1c:dc:
91:59:8c:8d:ce:e8:6a:ce:b9:6a:9a:2b:4d:dd:78:b0:49:b1:
a6:d2:2f:6d:5a:00:f7:38:60:6c:b0:de:93:ac:56:4e:d2:c6:
58:51:44:d1:86:4b:77:2b:a4:c1:8e:d2:b7:6c:29:fb:c6:95:
c1:7f:de:a5:22:0f:04:1d:92:e5:16:43:e4:79:9d:49:eb:39:
f8:22:bb:ea:09:6c:85:f1:ba:b7:da:ee:38:34:38:9d:d4:6c:
46:a1:9c:de:fa:67:e2:ab:67:20:92:86:3d:19:6f:f7:96:28:
60:8d:4f:7d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGcMxfj+b8Hm4pqXGBQ8Jt6kn2s8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwNTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5NDAzNjkzOTVkMWE5MjdhOTZiMzgyNzA2ZDkzZDdjODBhYTkzMjc0MWM4
OTQyY2FhOTI2YWEyMjE3NmFhM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaUHs4wcCt3FOwH39xJlW9UM432IQEHecLkI/Q8vQ+5DIF+Bs1GfwspV5MB
HxuO9RuNmmMkpqeBgctozbSuZhUbiKJ3V9fRuhrXO/wWDrWZyPOymjufuuWyyVJu
tKhbR92Pz/bUiCYEa61MrJiZYwzwgxCuaA/SRBXTwevaIMHirqILB1lsFAyxluAR
GVTrt8bNqugaZtEeHuswUevuR+sfcrhXP2RxLui/+THc6xEOt+yde30wXDd5MWfC
TtPwpWoED6NUfFFOA54qHQ756nvBVgGJ/3CLcLdq/ELg30zULkSEAOImujNL2+Xx
ueBH1udChiLLWsyN2OPs3+x479MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTveJ/
cXU2b+8TBs7H+hyJsQBD1DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIa3XGZCCrvDXwX/ONc0edCx8B0+VZ3SnpODdO
ysOXUZiwAmQNMbJNmdCTAu8i4VwlEypkF0eu+7gtoStMrt+sLL7BDC0wcnZ4BI2q
y4XKAIfDhMrP+LidxEQ6xcKgSDzljwRjmj4RCC91mpyjsTuxxg37Doyf7hkajZ//
ycg7AmRjatUJ/gzvxYA5UxBLHNyRWYyNzuhqzrlqmitN3XiwSbGm0i9tWgD3OGBs
sN6TrFZO0sZYUUTRhkt3K6TBjtK3bCn7xpXBf96lIg8EHZLlFkPkeZ1J6zn4Irvq
CWyF8bq32u44NDid1GxGoZze+mfiq2cgkoY9GW/3lihgjU99
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:23 2025 by rpki-client