Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: TIw3xwhL9LGSZBWVMOr8WIM2+awNh8hZZbYnB6/qK6o=
Subject key identifier: 3C:78:B0:1F:63:FF:AE:25:C8:5B:99:FF:38:35:E5:DB:62:4D:74:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7231C440409933A3AF0E995C42660DA9AE00E0AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Tue 05 Aug 2025 20:01:04 +0000
ROA not before: Tue 05 Aug 2025 20:01:04 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:31:c4:40:40:99:33:a3:af:0e:99:5c:42:66:0d:a9:ae:00:e0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:04 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ad953abe08df32fc9b2c9bbc65305b256b208b0aea7dd452b8776095ec859482, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8d:22:9a:ed:eb:91:8d:21:f1:48:64:a7:2f:
d2:75:55:81:18:c1:27:25:31:7c:7a:ff:63:92:62:
53:b9:f8:c8:83:22:b4:1d:5b:69:c7:70:ad:d7:31:
cd:0c:bf:d2:96:03:bc:4f:6a:e2:9f:47:b7:02:0a:
fa:b5:03:85:5a:d4:11:1e:97:fb:9e:96:a9:c1:e9:
ee:e8:81:52:6e:c1:1d:24:45:db:d5:c6:e1:75:b6:
92:66:eb:47:a9:49:10:9c:f8:eb:88:98:58:70:14:
cc:84:59:d6:ae:36:d8:7c:10:91:7c:51:2a:83:f1:
3a:cd:f3:c4:1b:08:3a:21:88:a7:37:74:96:1e:49:
29:36:dc:ab:82:71:c5:32:1d:74:f8:c4:a4:87:a8:
d3:d4:33:de:e2:10:14:4c:4e:5a:20:6a:47:3f:bb:
ca:d5:91:3a:66:85:1f:3a:35:55:be:36:4e:30:b6:
c8:c4:e5:f6:fd:20:59:e0:77:03:a9:12:0b:4b:c5:
ce:cd:15:fe:ad:8f:f0:17:b9:d4:36:5e:d7:11:af:
df:3b:d1:d0:d0:6b:7f:39:bf:c5:d7:e3:14:f5:80:
cc:07:4f:b4:20:4e:d3:44:c2:1c:1a:66:46:a7:3e:
0f:57:67:1b:d3:4d:e1:e3:23:69:4a:90:de:ce:13:
f6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:78:B0:1F:63:FF:AE:25:C8:5B:99:FF:38:35:E5:DB:62:4D:74:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
a8:91:47:c2:ed:9e:2d:eb:90:50:0c:db:79:f3:f3:5c:da:b5:
bc:09:d1:c3:24:4f:86:e2:d5:fa:7d:73:b0:de:d4:d5:0a:7a:
9a:c2:b5:e6:20:d5:7f:46:d9:64:aa:74:35:ee:e3:56:e7:7c:
23:9e:9a:03:4e:92:e5:3e:fd:b6:23:c0:8c:cb:09:38:16:7e:
5a:81:27:1e:c6:17:e4:70:41:3b:56:df:80:c3:ed:fa:73:6d:
84:64:19:b5:2a:83:22:1c:24:b3:9b:9a:ac:34:e5:fc:c7:bb:
ee:18:16:2d:b0:91:c3:cd:36:e7:94:6d:a4:70:40:07:86:2a:
40:a5:6d:95:dd:6e:f0:10:67:7d:e0:75:bb:db:62:7c:2c:a7:
04:76:bf:6e:2e:b6:33:da:98:e0:4a:72:d6:89:14:01:17:82:
86:bf:9a:d1:e8:b5:f6:68:d5:de:3b:69:a3:e0:29:7c:4e:7f:
b1:eb:77:e3:90:ce:cc:e0:f0:f1:dd:f1:11:23:b1:ce:53:6a:
2c:30:0c:a9:fa:b8:3e:0d:80:f8:54:aa:df:6b:97:e0:ef:14:
f0:3d:8e:06:e7:6f:71:0d:25:2a:5f:82:a3:28:5e:9f:b3:1c:
fe:4d:32:5d:95:14:79:47:9f:c3:35:e0:69:f7:18:7c:1b:fd:
32:8f:da:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcjHEQECZM6OvDplcQmYNqa4A4KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkOTUzYWJlMDhkZjMyZmM5YjJjOWJiYzY1MzA1YjI1NmIyMDhiMGFlYTdk
ZDQ1MmI4Nzc2MDk1ZWM4NTk0ODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKNIprt65GNIfFIZKcv0nVVgRjBJyUxfHr/Y5JiU7n4yIMitB1bacdwrdcx
zQy/0pYDvE9q4p9HtwIK+rUDhVrUER6X+56WqcHp7uiBUm7BHSRF29XG4XW2kmbr
R6lJEJz464iYWHAUzIRZ1q422HwQkXxRKoPxOs3zxBsIOiGIpzd0lh5JKTbcq4Jx
xTIddPjEpIeo09Qz3uIQFExOWiBqRz+7ytWROmaFHzo1Vb42TjC2yMTl9v0gWeB3
A6kSC0vFzs0V/q2P8Be51DZe1xGv3zvR0NBrfzm/xdfjFPWAzAdPtCBO00TCHBpm
Rqc+D1dnG9NN4eMjaUqQ3s4T9lsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8eLAf
Y/+uJchbmf84NeXbYk10bjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQCokUfC7Z4t65BQDNt58/Nc2rW8CdHDJE+G4tX6
fXOw3tTVCnqawrXmINV/RtlkqnQ17uNW53wjnpoDTpLlPv22I8CMywk4Fn5agSce
xhfkcEE7Vt+Aw+36c22EZBm1KoMiHCSzm5qsNOX8x7vuGBYtsJHDzTbnlG2kcEAH
hipApW2V3W7wEGd94HW722J8LKcEdr9uLrYz2pjgSnLWiRQBF4KGv5rR6LX2aNXe
O2mj4Cl8Tn+x63fjkM7M4PDx3fERI7HOU2osMAyp+rg+DYD4VKrfa5fg7xTwPY4G
529xDSUqX4KjKF6fsxz+TTJdlRR5R5/DNeBp9xh8G/0yj9r0
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:09 2025 by rpki-client