Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
File: 9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa (raw, json)
Hash identifier: 6tWYMWtBzlcS+N6dRlrNQjOqlzETdyQ8swAtSzH/ca4=
Subject key identifier: A2:93:F4:E7:77:FE:33:26:AF:19:71:21:01:FD:C2:11:1A:14:BC:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35593DF12A3CDF4BD6EF6EDFD5E5DBF266EBA01E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
Signing time: Tue 05 Aug 2025 20:11:31 +0000
ROA not before: Tue 05 Aug 2025 20:11:31 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:59:3d:f1:2a:3c:df:4b:d6:ef:6e:df:d5:e5:db:f2:66:eb:a0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:31 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=784df619488e06ad299ff553d67aec165659ae0c94d2112e460a65522a77e95b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:26:f4:4d:8e:ab:7d:45:31:dc:47:b8:58:04:
d9:0c:b1:54:5d:92:9c:e5:c1:a9:c3:e6:a6:37:30:
ab:3c:05:d9:ff:f4:12:c6:2b:09:9e:91:92:f0:f3:
d9:38:a4:36:79:51:21:65:7f:ae:34:bc:70:27:80:
4d:cb:4e:27:e1:0f:61:49:bb:52:e0:6a:7a:02:fc:
d1:2c:59:79:c1:82:2c:1d:37:d8:16:b3:4e:45:e9:
02:0f:e7:9d:34:d7:56:cc:51:a0:c2:78:61:44:56:
88:3d:49:3e:2b:86:3a:bf:e0:76:22:87:3a:2b:2c:
55:43:fa:98:c2:87:c7:1e:6e:fd:d9:20:e2:f6:5e:
15:19:13:63:d0:f2:46:8c:78:9d:d1:2f:a0:0a:fd:
4e:d4:7c:32:ee:e9:2e:84:5c:7e:35:98:49:32:7f:
61:ed:fd:09:1f:6d:47:94:d9:03:a3:13:8c:22:86:
5d:7a:62:89:65:3f:f1:f5:13:76:26:d8:6c:93:76:
68:04:66:d6:2a:03:d5:5f:a6:ee:7a:1a:b8:47:67:
93:f9:44:b5:33:7d:8d:ba:30:e8:17:10:57:c9:c6:
e7:41:a4:46:92:92:ad:64:87:23:61:59:7a:0b:6a:
84:54:f2:eb:ee:e6:2b:57:5b:ae:52:57:ba:20:e8:
b9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:93:F4:E7:77:FE:33:26:AF:19:71:21:01:FD:C2:11:1A:14:BC:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
b3:79:9f:3d:6d:dd:95:28:ba:f8:42:d0:7b:12:8c:77:a5:57:
46:75:e0:1b:94:ed:5c:9b:84:6c:9a:3d:5d:fc:0e:80:5e:ff:
15:42:7f:fa:46:d0:f6:19:34:ab:39:df:f9:c9:93:a2:67:7e:
c5:4e:f7:99:32:fe:e7:04:02:ff:49:d6:7e:d2:91:3f:83:39:
bb:f4:d8:b2:50:58:a8:7b:d5:5a:79:b6:4a:42:c7:12:1e:49:
88:76:e0:f6:a0:91:71:af:c6:a5:9b:1b:bd:d5:bd:15:42:57:
bd:ce:be:13:a8:4a:98:a9:c0:1a:c1:f0:dc:a8:20:b7:66:af:
cb:dc:62:62:7d:d9:a9:e4:78:cd:36:ef:fa:fa:c1:ef:4e:af:
11:8b:7b:33:f3:ff:da:88:0f:77:f3:ca:40:58:35:ad:1a:d6:
4a:71:af:e0:bf:09:ca:dd:e9:48:15:31:54:68:0e:7d:fb:c3:
0b:9b:78:75:5d:36:54:ea:42:61:fc:7f:5f:77:e1:33:91:9e:
50:67:97:b7:2e:f4:c3:31:93:1e:da:35:63:e5:f1:3a:da:0f:
92:65:c3:9f:93:7f:35:ee:50:5f:48:64:b5:86:b3:1d:4d:a5:
7f:f6:1e:d0:61:d7:c1:82:57:67:e4:27:5f:9c:2e:77:2a:4a:
17:af:3d:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNVk98So830vW727f1eXb8mbroB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NGRmNjE5NDg4ZTA2YWQyOTlmZjU1M2Q2N2FlYzE2NTY1OWFlMGM5NGQy
MTEyZTQ2MGE2NTUyMmE3N2U5NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUm9E2Oq31FMdxHuFgE2QyxVF2SnOXBqcPmpjcwqzwF2f/0EsYrCZ6RkvDz
2TikNnlRIWV/rjS8cCeATctOJ+EPYUm7UuBqegL80SxZecGCLB032BazTkXpAg/n
nTTXVsxRoMJ4YURWiD1JPiuGOr/gdiKHOissVUP6mMKHxx5u/dkg4vZeFRkTY9Dy
Rox4ndEvoAr9TtR8Mu7pLoRcfjWYSTJ/Ye39CR9tR5TZA6MTjCKGXXpiiWU/8fUT
dibYbJN2aARm1ioD1V+m7noauEdnk/lEtTN9jbow6BcQV8nG50GkRpKSrWSHI2FZ
egtqhFTy6+7mK1dbrlJXuiDouZ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSik/Tn
d/4zJq8ZcSEB/cIRGhS8JTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQ1ZmRjM2EtMWJmZC00Njc3LTllNTItYTEyYzg3Mjg1MmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzeZ89bd2VKLr4QtB7Eox3pVdGdeAblO1cm4Rs
mj1d/A6AXv8VQn/6RtD2GTSrOd/5yZOiZ37FTveZMv7nBAL/SdZ+0pE/gzm79Niy
UFioe9VaebZKQscSHkmIduD2oJFxr8almxu91b0VQle9zr4TqEqYqcAawfDcqCC3
Zq/L3GJifdmp5HjNNu/6+sHvTq8Ri3sz8//aiA9388pAWDWtGtZKca/gvwnK3elI
FTFUaA59+8MLm3h1XTZU6kJh/H9fd+EzkZ5QZ5e3LvTDMZMe2jVj5fE62g+SZcOf
k3817lBfSGS1hrMdTaV/9h7QYdfBgldn5CdfnC53KkoXrz25
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:10 2025 by rpki-client