Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: wrd5HXCmZf5GMQE2T3H7QS2JODzarCECvxGwX+99HzI=
Subject key identifier: 19:96:06:C3:BD:55:1D:57:3E:84:05:1A:64:27:4E:02:AC:BC:ED:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 398D1DA2D6E737D528ACDF27376813BE7287D9CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Tue 05 Aug 2025 19:41:18 +0000
ROA not before: Tue 05 Aug 2025 19:41:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:8d:1d:a2:d6:e7:37:d5:28:ac:df:27:37:68:13:be:72:87:d9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=192166440285398a83bd86631eea3531ae6aeffd2830a28f4024f7cf18495435, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:16:7c:66:75:3c:d0:74:52:67:3d:e7:ef:29:
1c:6c:f5:5e:be:3d:e1:b9:85:7f:13:c4:37:f0:4d:
f2:a7:43:fe:5b:1c:9f:33:12:47:a7:d5:b0:84:5b:
df:56:65:89:ce:98:63:4c:ef:af:19:c7:6d:57:ed:
d3:83:18:42:f7:f7:25:de:c6:e0:19:76:c4:01:9c:
11:3f:e6:cf:04:27:4c:01:f1:a0:d8:79:06:66:b3:
d1:2b:4d:71:b3:03:69:c7:2e:2d:33:d8:0d:9f:36:
3e:57:ee:3e:ed:ba:49:04:66:00:3d:bc:55:45:39:
8f:97:db:61:d4:75:d9:30:8a:2e:28:63:2c:97:1b:
46:0b:02:33:96:db:95:cb:95:d4:64:b0:95:63:9d:
86:bf:91:72:74:5d:cd:ac:43:f9:8f:04:fd:11:df:
ac:82:e1:7e:11:bf:48:c0:22:d5:f8:e3:2b:49:39:
7f:78:c5:e2:4e:41:ee:8f:12:d8:cd:10:b4:87:26:
e1:9b:80:1a:dd:18:ae:56:7e:19:20:29:fa:07:8a:
11:28:df:db:98:d4:80:aa:68:a9:65:5e:03:be:78:
06:46:ec:b4:f5:16:9c:02:a1:3d:34:72:c6:68:9a:
ca:3a:ea:f5:00:26:fd:cd:44:82:0a:a9:65:e5:08:
b1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:96:06:C3:BD:55:1D:57:3E:84:05:1A:64:27:4E:02:AC:BC:ED:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
39:47:14:92:07:63:97:b4:88:20:18:d8:8b:4b:60:5f:12:ec:
94:b2:83:51:17:95:27:37:cc:45:c2:32:12:c9:45:9c:77:5e:
88:34:e0:a9:e4:4f:20:1e:8b:ac:57:6c:70:11:56:a2:7d:ad:
2e:78:3f:b8:69:15:0d:86:51:52:4d:b6:6c:a8:2e:73:3f:eb:
fe:4a:91:22:47:1f:78:f1:a2:3d:b1:b9:7e:4b:12:97:ac:0d:
4f:13:f5:2f:7b:8d:78:f8:d3:d6:16:a2:47:c2:39:3d:bc:f7:
85:36:af:d1:34:2a:16:77:a3:4c:14:9a:0f:9c:d5:42:11:bb:
ae:d3:e0:da:e9:73:39:13:8c:57:bb:3f:6a:53:c1:13:04:93:
76:d3:b2:92:a9:a8:f3:c1:19:02:44:90:71:ec:45:b6:cb:41:
64:8b:ef:c8:be:68:89:79:84:ef:a6:ca:b3:b1:26:b5:06:4b:
bd:df:16:df:67:24:ef:69:5d:ce:68:77:85:b0:16:e2:63:a0:
05:45:cb:5e:d3:e4:09:c1:1e:ba:68:69:07:2c:ca:a9:b2:a9:
2f:00:dd:95:be:92:fc:9c:cc:d1:54:45:93:c0:d5:5c:ae:7d:
48:65:28:f7:b0:d2:a7:a4:2c:d0:2a:25:67:ca:05:9f:4c:a1:
df:2f:00:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOY0dotbnN9UorN8nN2gTvnKH2c8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5MjE2NjQ0MDI4NTM5OGE4M2JkODY2MzFlZWEzNTMxYWU2YWVmZmQyODMw
YTI4ZjQwMjRmN2NmMTg0OTU0MzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoWfGZ1PNB0Umc95+8pHGz1Xr494bmFfxPEN/BN8qdD/lscnzMSR6fVsIRb
31Zlic6YY0zvrxnHbVft04MYQvf3Jd7G4Bl2xAGcET/mzwQnTAHxoNh5Bmaz0StN
cbMDaccuLTPYDZ82PlfuPu26SQRmAD28VUU5j5fbYdR12TCKLihjLJcbRgsCM5bb
lcuV1GSwlWOdhr+RcnRdzaxD+Y8E/RHfrILhfhG/SMAi1fjjK0k5f3jF4k5B7o8S
2M0QtIcm4ZuAGt0YrlZ+GSAp+geKESjf25jUgKpoqWVeA754BkbstPUWnAKhPTRy
xmiayjrq9QAm/c1EggqpZeUIsTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZlgbD
vVUdVz6EBRpkJ04CrLzt8jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQA5RxSSB2OXtIggGNiLS2BfEuyUsoNRF5UnN8xF
wjISyUWcd16INOCp5E8gHousV2xwEVaifa0ueD+4aRUNhlFSTbZsqC5zP+v+SpEi
Rx948aI9sbl+SxKXrA1PE/Uve414+NPWFqJHwjk9vPeFNq/RNCoWd6NMFJoPnNVC
Ebuu0+Da6XM5E4xXuz9qU8ETBJN207KSqajzwRkCRJBx7EW2y0Fki+/IvmiJeYTv
psqzsSa1Bku93xbfZyTvaV3OaHeFsBbiY6AFRcte0+QJwR66aGkHLMqpsqkvAN2V
vpL8nMzRVEWTwNVcrn1IZSj3sNKnpCzQKiVnygWfTKHfLwDn
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:56 2025 by rpki-client