Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
File: a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa (raw, json)
Hash identifier: pGXAEqQ36ctGCIHFiBkkTG8/UnCbqZAJCSIVfiHnm7I=
Subject key identifier: 32:9F:5E:3F:0B:65:24:95:82:8E:24:BC:23:52:F1:97:93:B2:D4:50
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C2A0DF7D90CC987F027E9D2CD66799EF02E90D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
Signing time: Tue 19 Aug 2025 16:50:33 +0000
ROA not before: Tue 19 Aug 2025 16:50:33 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:2a:0d:f7:d9:0c:c9:87:f0:27:e9:d2:cd:66:79:9e:f0:2e:90:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:33 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=891af459e81ab2e1f87bf641d00c776df727d6ac0d357066a23463d1ed762cd2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4a:b9:b0:22:93:c2:f7:f7:1d:51:f2:5a:1d:
d4:18:86:f2:2b:58:b5:c7:69:20:2b:62:48:f2:d6:
d7:14:59:3c:c5:b8:df:c9:9f:80:e4:b8:2a:8f:31:
3f:a1:8f:ea:c5:1a:8e:b0:c4:7d:63:42:59:33:1e:
5d:46:ce:b2:29:3e:ff:73:45:0a:8a:9e:f2:97:5e:
b2:39:ed:9a:ac:42:e5:12:8d:09:f5:56:d6:df:e4:
7e:9f:e2:86:e4:9f:75:53:ea:86:32:df:fd:0c:79:
6f:ef:fe:4c:ef:22:76:94:b6:40:bd:d0:1d:ec:90:
f6:bb:10:38:21:39:ae:54:f8:3c:63:8e:c0:19:8a:
a2:2f:98:68:b6:73:2a:e4:71:29:a2:59:ec:46:28:
86:d4:76:21:1f:15:9b:c7:24:2c:a8:15:85:13:da:
d3:36:ed:69:b4:85:99:ea:37:e6:ac:2a:94:dc:36:
95:a8:d2:1c:66:23:32:af:73:a0:84:c1:02:75:ef:
4f:df:fc:dc:02:e4:25:38:30:b5:29:d9:1b:e6:18:
a1:28:c4:e1:9e:44:32:b6:bd:51:a5:e4:19:03:0c:
25:2e:e3:a1:08:7a:34:13:c4:ae:a4:dc:49:0c:a0:
99:f5:e2:0c:7f:e6:80:bb:94:d0:6b:40:48:a6:32:
9d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9F:5E:3F:0B:65:24:95:82:8E:24:BC:23:52:F1:97:93:B2:D4:50
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a49e23de-6fc9-412b-9d23-4f0830d9fa7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
9e:12:b6:80:15:35:53:93:e3:3e:02:78:8d:ab:e1:a1:be:7b:
b6:75:fe:43:22:be:94:e6:87:02:8e:39:e4:96:6b:b9:75:4a:
05:49:3d:63:8e:9b:49:59:ba:e6:a6:57:89:60:87:25:30:d7:
01:68:21:24:c3:3b:b7:71:70:8a:cf:35:40:d6:11:17:53:36:
a0:0e:da:11:cc:09:b6:dd:3c:cf:f4:0d:b4:51:13:1b:9f:ae:
3e:36:1f:e2:3c:ad:f5:fe:96:05:ff:d1:22:fa:49:14:a3:a8:
33:eb:3c:7c:8c:61:05:81:be:fe:85:be:e2:3f:84:b0:7b:16:
09:61:be:62:ef:de:7e:d9:fc:7a:c6:a6:a2:88:a9:56:c8:e1:
f6:19:8d:c2:82:87:83:d3:2d:b1:c2:5a:47:5f:e5:31:80:62:
5e:82:e4:42:76:c6:30:e3:c4:b2:6b:ae:24:8f:8a:67:49:d1:
fe:9a:1d:3a:f9:d4:a4:4f:67:ff:c5:63:25:b1:44:ba:3d:39:
f5:42:79:24:7c:c1:1b:6a:09:4d:ba:9a:e2:d7:84:b1:db:3a:
79:ad:79:49:87:60:6b:7a:05:ea:c0:d6:b7:4a:0b:ed:2a:ce:
f1:6d:b3:36:dc:31:bd:c3:64:b8:5c:73:fd:cc:2a:d7:a9:97:
3a:4c:46:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHCoN99kMyYfwJ+nSzWZ5nvAukNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMzNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MWFmNDU5ZTgxYWIyZTFmODdiZjY0MWQwMGM3NzZkZjcyN2Q2YWMwZDM1
NzA2NmEyMzQ2M2QxZWQ3NjJjZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBKubAik8L39x1R8lod1BiG8itYtcdpICtiSPLW1xRZPMW438mfgOS4Ko8x
P6GP6sUajrDEfWNCWTMeXUbOsik+/3NFCoqe8pdesjntmqxC5RKNCfVW1t/kfp/i
huSfdVPqhjLf/Qx5b+/+TO8idpS2QL3QHeyQ9rsQOCE5rlT4PGOOwBmKoi+YaLZz
KuRxKaJZ7EYohtR2IR8Vm8ckLKgVhRPa0zbtabSFmeo35qwqlNw2lajSHGYjMq9z
oITBAnXvT9/83ALkJTgwtSnZG+YYoSjE4Z5EMra9UaXkGQMMJS7joQh6NBPErqTc
SQygmfXiDH/mgLuU0GtASKYynW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyn14/
C2UklYKOJLwjUvGXk7LUUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQ5ZTIzZGUtNmZjOS00MTJiLTlkMjMtNGYwODMwZDlmYTdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQCeEraAFTVTk+M+AniNq+Ghvnu2df5DIr6U5ocC
jjnklmu5dUoFST1jjptJWbrmpleJYIclMNcBaCEkwzu3cXCKzzVA1hEXUzagDtoR
zAm23TzP9A20URMbn64+Nh/iPK31/pYF/9Ei+kkUo6gz6zx8jGEFgb7+hb7iP4Sw
exYJYb5i795+2fx6xqaiiKlWyOH2GY3CgoeD0y2xwlpHX+UxgGJeguRCdsYw48Sy
a64kj4pnSdH+mh06+dSkT2f/xWMlsUS6PTn1QnkkfMEbaglNupri14Sx2zp5rXlJ
h2BregXqwNa3SgvtKs7xbbM23DG9w2S4XHP9zCrXqZc6TEb+
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:45 2025 by rpki-client