Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: 4Ev6z2KO5aBNUB4Oj60fivoR6OAQHtlnGH6ApFoe8do=
Subject key identifier: D5:FA:67:7B:D1:03:B4:EF:80:84:29:49:21:34:CA:0E:FA:1D:59:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 296E29380D956B6815DC29837AF96330B0081E6E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Tue 05 Aug 2025 19:31:02 +0000
ROA not before: Tue 05 Aug 2025 19:31:02 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:6e:29:38:0d:95:6b:68:15:dc:29:83:7a:f9:63:30:b0:08:1e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:02 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ee5564e8cd3381804d24d0b62ac352aa8bd9addfa962842255d348a1b9c22f83, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f2:0f:78:d0:43:f3:1e:bd:4a:a3:69:57:17:
ed:f3:ee:55:48:4a:0b:b8:c6:10:0a:fb:3c:10:b0:
78:a5:41:e9:6b:2e:7c:83:95:79:81:ba:9c:c7:a9:
a2:2f:5b:6b:0c:a8:c8:e7:d0:ea:50:6c:5f:52:fe:
d1:92:de:38:ba:83:c7:cd:2e:5f:78:4d:cc:cf:b1:
92:7c:9e:39:23:ef:f7:16:f9:c5:61:5d:7f:14:55:
f6:4c:c5:0a:ba:33:fc:56:fd:e2:46:96:a5:47:bf:
e9:43:7a:2d:b2:dd:f3:44:5c:00:24:4b:21:61:d9:
31:17:cd:c1:8c:2e:97:68:c5:20:84:cf:9b:bf:34:
74:3d:00:95:2f:f2:bc:17:20:86:ee:53:4f:04:c2:
c0:98:d4:7b:f0:c7:7d:28:96:52:50:3f:42:dc:e7:
09:60:8c:8b:95:9b:3e:69:3a:cc:4b:00:5b:a5:f6:
cb:33:99:fa:25:41:30:5d:67:a1:5b:be:26:5a:95:
3f:bb:fa:6b:42:76:f5:40:0c:71:cd:31:75:7a:d6:
f6:c4:b7:85:b2:1a:16:08:88:9b:92:c5:18:d4:aa:
a6:2c:39:67:49:38:39:cb:f8:7b:b6:a0:19:36:83:
4e:30:5e:6c:eb:77:af:62:19:00:06:6b:4f:a0:ee:
38:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FA:67:7B:D1:03:B4:EF:80:84:29:49:21:34:CA:0E:FA:1D:59:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
81:c2:aa:b2:8c:29:03:ed:e8:37:2c:bd:06:3d:54:38:09:72:
db:13:c4:47:c9:6c:89:25:86:34:1d:43:fa:8f:ce:1d:87:6c:
fe:7f:8f:d4:b9:24:dd:3a:b1:ac:dd:22:8d:7f:f5:e5:bf:26:
b4:7b:99:1a:3b:ec:5b:6a:23:18:40:49:21:ce:f6:27:31:27:
8f:65:98:7b:83:79:8a:7d:4c:d8:79:33:d8:54:66:a0:55:18:
6d:c0:7e:8a:1f:30:b7:2d:b6:2a:e9:50:4b:72:73:ae:75:5e:
6b:aa:74:d1:76:56:b3:5f:54:c1:d2:ea:90:56:88:39:78:43:
ea:65:6d:06:fb:7a:a2:fa:81:fb:4f:9c:48:ac:64:6f:79:96:
ed:22:d7:b8:6a:81:20:ae:2a:07:e4:79:16:c0:85:5f:c0:dc:
f4:5b:28:66:ea:ab:2a:7c:ac:03:0f:8d:fd:fb:48:e1:e8:b4:
bc:19:4b:b6:1c:45:42:36:00:e3:37:30:38:a8:c6:71:43:fb:
1e:16:87:31:71:f6:35:d4:b4:40:e7:cc:a2:b9:d5:72:97:f6:
8e:f2:4f:86:3f:b2:7a:09:7d:37:42:e0:b0:9d:e2:5f:19:5b:
d7:b1:d4:4a:5f:f5:d8:31:3e:69:64:ce:5e:ee:da:50:93:a5:
9a:d0:e5:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKW4pOA2Va2gV3CmDevljMLAIHm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlNTU2NGU4Y2QzMzgxODA0ZDI0ZDBiNjJhYzM1MmFhOGJkOWFkZGZhOTYy
ODQyMjU1ZDM0OGExYjljMjJmODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnyD3jQQ/MevUqjaVcX7fPuVUhKC7jGEAr7PBCweKVB6WsufIOVeYG6nMep
oi9bawyoyOfQ6lBsX1L+0ZLeOLqDx80uX3hNzM+xknyeOSPv9xb5xWFdfxRV9kzF
Croz/Fb94kaWpUe/6UN6LbLd80RcACRLIWHZMRfNwYwul2jFIITPm780dD0AlS/y
vBcghu5TTwTCwJjUe/DHfSiWUlA/QtznCWCMi5WbPmk6zEsAW6X2yzOZ+iVBMF1n
oVu+JlqVP7v6a0J29UAMcc0xdXrW9sS3hbIaFgiIm5LFGNSqpiw5Z0k4Ocv4e7ag
GTaDTjBebOt3r2IZAAZrT6DuOK0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTV+md7
0QO074CEKUkhNMoO+h1ZCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQCBwqqyjCkD7eg3LL0GPVQ4CXLbE8RHyWyJJYY0
HUP6j84dh2z+f4/UuSTdOrGs3SKNf/Xlvya0e5kaO+xbaiMYQEkhzvYnMSePZZh7
g3mKfUzYeTPYVGagVRhtwH6KHzC3LbYq6VBLcnOudV5rqnTRdlazX1TB0uqQVog5
eEPqZW0G+3qi+oH7T5xIrGRveZbtIte4aoEgrioH5HkWwIVfwNz0Wyhm6qsqfKwD
D439+0jh6LS8GUu2HEVCNgDjNzA4qMZxQ/seFocxcfY11LRA58yiudVyl/aO8k+G
P7J6CX03QuCwneJfGVvXsdRKX/XYMT5pZM5e7tpQk6Wa0OUh
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:52 2025 by rpki-client