Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
File: 9ea9340f-dd25-4e30-a952-27ce8d9906df.roa (raw, json)
Hash identifier: KhN9WzwRd/vDtjAJ3lcZbXu+Drc4xFc0/7oT38h87yw=
Subject key identifier: 17:A3:CF:C7:14:12:9D:5C:F8:CA:A6:02:32:81:39:D8:38:29:82:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3969C1425DAD06F1AB9B48F65060F15EB013EBD0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
Signing time: Fri 22 Aug 2025 15:11:18 +0000
ROA not before: Fri 22 Aug 2025 15:11:18 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:69:c1:42:5d:ad:06:f1:ab:9b:48:f6:50:60:f1:5e:b0:13:eb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:18 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=689926acb3f6fb25a28f4ceae5761866c4a691d2944fa09d59411e384f046ebd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:fe:32:b2:5c:4b:38:6c:7a:51:86:85:88:4e:
cf:53:d2:58:ac:10:d5:98:9f:ed:3f:79:56:2e:0e:
72:4c:85:96:c0:05:6b:2c:4d:98:58:0a:82:57:3b:
28:6e:3f:10:86:b6:be:9b:0d:b3:71:d7:f5:5b:54:
2b:e3:8c:91:0e:aa:9e:49:1a:62:b7:7f:28:10:ee:
db:eb:86:ad:b7:79:93:20:77:70:da:4f:d5:21:63:
ca:f6:83:b2:02:83:61:f3:d6:7e:81:3f:5b:78:3c:
b3:66:1e:53:3b:07:5c:4c:56:3c:5b:aa:de:cd:07:
36:bc:1a:73:e6:91:6a:90:61:ae:f8:73:c6:f2:13:
81:8d:15:ca:6f:5d:71:d3:20:cb:23:e4:cf:17:71:
f6:e7:b9:18:ab:ce:72:de:52:ab:9f:f8:70:fd:35:
54:d1:6f:d8:90:c6:bc:20:7b:6c:cb:21:80:04:b8:
d7:27:e4:a4:f8:63:56:a3:62:0e:e9:46:2c:5d:99:
b2:91:0d:bb:c1:48:0c:57:af:e7:ab:89:f9:89:fd:
a2:ca:23:cf:9b:89:fe:15:86:fe:f8:45:fd:fc:cd:
e1:b0:8c:55:35:7b:98:8b:17:a5:d5:35:f7:c1:98:
7a:1d:58:b4:7c:ce:43:ce:76:95:a3:d9:22:c7:a8:
e8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A3:CF:C7:14:12:9D:5C:F8:CA:A6:02:32:81:39:D8:38:29:82:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
69:4c:1a:43:1d:05:be:ef:2e:ea:53:f3:f0:f7:58:16:76:83:
55:bf:f0:34:8d:d6:46:9f:d2:86:8e:4f:05:e6:91:c7:a2:3d:
64:8a:bb:19:1f:1c:d6:13:71:f3:0d:e7:62:87:cc:15:8b:3e:
8e:ff:e8:2a:93:42:7e:8e:e2:0f:4e:b6:14:2e:72:36:56:a9:
ae:14:1f:65:46:15:83:b5:43:9e:7a:c8:a1:e9:bc:fe:de:d6:
c6:3d:79:1f:27:9e:25:b0:b3:e1:ac:15:e0:f0:5f:e1:94:b4:
f6:2e:4b:27:81:dc:b3:ee:44:5d:61:4d:b0:00:e0:8b:77:06:
ed:15:23:de:49:3f:e7:21:8f:3d:ae:ce:92:a9:16:8b:82:5f:
02:fe:25:64:e1:4b:cb:39:a6:33:a6:b1:b2:c0:39:5a:27:c2:
7d:ac:2e:f9:c8:e0:6d:ae:59:99:2d:c5:3c:0e:54:1d:47:5b:
b8:b9:17:70:ae:99:fb:7f:61:91:78:84:9c:b9:71:f4:ca:ac:
3d:56:7c:a0:05:ba:48:ba:0c:b3:81:83:01:c5:ca:ef:f2:b3:
0e:bf:62:bd:07:a4:89:ba:10:10:37:4d:ff:cb:46:d0:9a:61:
8b:26:2e:bf:76:69:6d:54:ba:d0:0e:53:e1:c0:f3:ac:a1:ce:
6d:5b:a7:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOWnBQl2tBvGrm0j2UGDxXrAT69AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMThaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4OTkyNmFjYjNmNmZiMjVhMjhmNGNlYWU1NzYxODY2YzRhNjkxZDI5NDRm
YTA5ZDU5NDExZTM4NGYwNDZlYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANn+MrJcSzhselGGhYhOz1PSWKwQ1Zif7T95Vi4OckyFlsAFayxNmFgKglc7
KG4/EIa2vpsNs3HX9VtUK+OMkQ6qnkkaYrd/KBDu2+uGrbd5kyB3cNpP1SFjyvaD
sgKDYfPWfoE/W3g8s2YeUzsHXExWPFuq3s0HNrwac+aRapBhrvhzxvITgY0Vym9d
cdMgyyPkzxdx9ue5GKvOct5Sq5/4cP01VNFv2JDGvCB7bMshgAS41yfkpPhjVqNi
DulGLF2ZspENu8FIDFev56uJ+Yn9osojz5uJ/hWG/vhF/fzN4bCMVTV7mIsXpdU1
98GYeh1YtHzOQ852laPZIseo6B0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXo8/H
FBKdXPjKpgIygTnYOCmC1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVhOTM0MGYtZGQyNS00ZTMwLWE5NTItMjdjZThkOTkwNmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBpTBpDHQW+7y7qU/Pw91gWdoNVv/A0jdZGn9KG
jk8F5pHHoj1kirsZHxzWE3HzDedih8wViz6O/+gqk0J+juIPTrYULnI2VqmuFB9l
RhWDtUOeesih6bz+3tbGPXkfJ54lsLPhrBXg8F/hlLT2Lksngdyz7kRdYU2wAOCL
dwbtFSPeST/nIY89rs6SqRaLgl8C/iVk4UvLOaYzprGywDlaJ8J9rC75yOBtrlmZ
LcU8DlQdR1u4uRdwrpn7f2GReIScuXH0yqw9VnygBbpIugyzgYMBxcrv8rMOv2K9
B6SJuhAQN03/y0bQmmGLJi6/dmltVLrQDlPhwPOsoc5tW6fX
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:45 2025 by rpki-client