Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: I4o6uzyCmQRuZwCZNj0Y93il/SAZ9V1ileF83LXbaw8=
Subject key identifier: 82:9C:22:41:53:A6:53:99:33:40:8F:11:F9:D4:E7:37:B2:25:1A:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FEA21E678C53F043CFF18651A26FFA6056FFDFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Wed 06 Aug 2025 00:50:59 +0000
ROA not before: Wed 06 Aug 2025 00:50:59 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ea:21:e6:78:c5:3f:04:3c:ff:18:65:1a:26:ff:a6:05:6f:fd:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:59 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=e7b58e779e20c14fc893facfbff4d9ee97a8a52cdf5d216703bd60ffad8f4bc9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7c:6f:ba:76:d8:0e:b6:95:13:bb:f4:f3:e3:
26:40:e8:94:d3:2e:d0:d9:6f:2d:1b:a4:e8:48:18:
97:0e:60:b2:2e:8d:69:3d:4a:13:15:79:1d:85:c3:
ab:7d:dc:1c:a3:9a:75:73:51:38:42:9f:72:ed:d5:
a9:81:a5:b2:47:e0:35:92:a5:91:30:40:c2:30:5e:
b9:af:8a:6a:2d:eb:64:30:ea:ad:91:a7:42:a7:2a:
b9:42:62:d6:05:dc:bf:06:30:33:87:93:c0:f2:03:
4a:d6:14:fa:f3:4e:be:b5:ef:29:03:2a:cd:0f:38:
b1:66:ee:48:4d:4e:df:c8:de:c6:25:e5:a0:60:2d:
75:c8:74:8b:e7:24:1c:eb:1e:63:de:c3:79:f3:24:
c3:10:ab:5e:cc:a1:7b:17:a5:eb:ec:61:dc:54:15:
86:69:96:f4:f9:05:b1:5a:f2:08:79:75:1f:3f:7b:
6b:3b:89:c2:40:1f:b6:23:36:aa:4d:ed:33:ff:1c:
a7:75:df:89:a9:ac:79:36:37:fe:0e:97:f8:09:52:
58:c1:1d:44:7b:b2:8d:26:d4:62:5c:cf:bc:49:fd:
31:22:72:6f:2c:64:f5:04:6f:bd:b2:ca:38:9d:ba:
ea:25:bf:38:6c:b0:5c:d5:c6:91:d9:a5:cf:c8:8a:
44:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:9C:22:41:53:A6:53:99:33:40:8F:11:F9:D4:E7:37:B2:25:1A:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
87:77:3a:77:1f:0f:7e:45:a6:af:1e:6d:de:f1:8c:8e:7c:3f:
97:9c:05:95:af:53:8c:bf:31:80:17:43:37:ef:2d:fe:8a:9a:
70:75:90:59:11:c4:b3:7e:fe:2e:f5:e2:f7:dc:d1:9d:b0:7c:
74:d5:40:51:36:a5:d9:54:b7:fb:17:57:c0:7f:62:96:bd:8e:
01:c9:a6:3d:e7:4e:1c:d6:66:ae:be:c8:b7:b7:a6:94:fc:46:
33:15:ed:82:ff:0a:a6:8d:dc:f1:6e:aa:5c:21:f2:39:aa:6d:
25:5f:32:0c:5c:08:29:ea:8c:f6:7b:43:02:a4:35:94:c5:1d:
b8:a2:59:71:02:5e:e9:07:0a:2d:fc:61:78:9f:a4:a9:cb:61:
6c:01:ca:be:57:da:b7:7f:8a:db:1b:13:d0:34:50:b2:c0:59:
1b:f4:a5:6a:01:78:a3:ea:57:7c:15:5d:55:76:50:83:fe:6c:
ed:9b:33:cc:a5:80:e7:5b:d2:2e:2d:8c:a5:85:9a:9c:d3:6f:
f6:af:10:88:4a:67:e4:2d:16:64:96:ed:7f:08:97:ea:46:c1:
d5:0f:85:cb:e8:4b:64:85:2a:89:4a:91:76:5e:fe:79:58:9d:
6c:53:9f:76:15:68:8e:0b:e1:03:20:7c:2c:b2:8b:11:dd:c9:
cc:ee:be:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP+oh5njFPwQ8/xhlGib/pgVv/f8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTlaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3YjU4ZTc3OWUyMGMxNGZjODkzZmFjZmJmZjRkOWVlOTdhOGE1MmNkZjVk
MjE2NzAzYmQ2MGZmYWQ4ZjRiYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR8b7p22A62lRO79PPjJkDolNMu0NlvLRuk6EgYlw5gsi6NaT1KExV5HYXD
q33cHKOadXNROEKfcu3VqYGlskfgNZKlkTBAwjBeua+Kai3rZDDqrZGnQqcquUJi
1gXcvwYwM4eTwPIDStYU+vNOvrXvKQMqzQ84sWbuSE1O38jexiXloGAtdch0i+ck
HOseY97DefMkwxCrXsyhexel6+xh3FQVhmmW9PkFsVryCHl1Hz97azuJwkAftiM2
qk3tM/8cp3XfiamseTY3/g6X+AlSWMEdRHuyjSbUYlzPvEn9MSJybyxk9QRvvbLK
OJ266iW/OGywXNXGkdmlz8iKRG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCnCJB
U6ZTmTNAjxH51Oc3siUafTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCHdzp3Hw9+RaavHm3e8YyOfD+XnAWVr1OMvzGA
F0M37y3+ippwdZBZEcSzfv4u9eL33NGdsHx01UBRNqXZVLf7F1fAf2KWvY4ByaY9
504c1mauvsi3t6aU/EYzFe2C/wqmjdzxbqpcIfI5qm0lXzIMXAgp6oz2e0MCpDWU
xR24ollxAl7pBwot/GF4n6Spy2FsAcq+V9q3f4rbGxPQNFCywFkb9KVqAXij6ld8
FV1VdlCD/mztmzPMpYDnW9IuLYylhZqc02/2rxCISmfkLRZklu1/CJfqRsHVD4XL
6EtkhSqJSpF2Xv55WJ1sU592FWiOC+EDIHwssosR3cnM7r7X
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:59 2025 by rpki-client