Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
File: a7031a07-12ba-45f8-a53b-6bd5b713c999.roa (raw, json)
Hash identifier: YjlGVIgSu1dqUP34PQLSJCLAqD3sXqhFa1v0z8sT88Q=
Subject key identifier: 20:26:F7:CE:E2:D1:FB:4A:FD:D4:70:1F:D7:A8:6F:EB:E9:BA:65:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24C1CA3A33BE0BE26FD28C78070930DFE5C14558
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
Signing time: Tue 05 Aug 2025 20:01:03 +0000
ROA not before: Tue 05 Aug 2025 20:01:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:c1:ca:3a:33:be:0b:e2:6f:d2:8c:78:07:09:30:df:e5:c1:45:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=97d08a2dfbc2ed6411c34348f609c141f32a043673b0df991f3c566245621db8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b6:bd:96:e5:37:5e:54:c7:dd:24:d8:e7:65:
97:9a:2f:0c:6e:96:f7:c1:10:c4:22:bc:43:9b:44:
61:da:61:d6:23:83:fd:0e:89:c5:95:99:eb:6a:f6:
bf:43:3b:a2:fe:87:46:ce:69:db:40:44:ae:24:0b:
b5:d2:c4:a4:0c:85:59:fb:e5:2e:af:6b:83:b5:88:
4a:80:9c:1b:bb:22:9e:d9:0b:db:f2:bf:8c:65:24:
1a:99:4d:ce:b0:f9:94:e7:e9:58:68:7c:f7:6f:ad:
f5:66:77:eb:9f:67:6c:b1:66:1a:e1:26:8f:62:c2:
ec:00:a7:5b:d2:2e:c0:4a:f6:d5:4b:ad:98:bd:9e:
09:dc:c4:a8:88:9a:a3:1b:70:96:49:6e:b8:42:f3:
94:c4:77:5d:4d:1e:08:2f:f3:da:a9:20:ad:51:a1:
d2:05:17:19:ab:85:43:d3:4c:f8:96:bb:44:7a:36:
86:ff:b8:9d:79:67:2e:e8:5c:e7:86:d8:04:a0:e5:
f9:89:17:88:b7:d3:10:f6:95:0f:02:65:98:df:96:
a8:68:48:a4:52:18:31:44:c2:ae:0c:e1:29:82:b5:
7f:83:4d:43:71:ed:61:f7:74:0d:0e:d0:77:ed:4f:
c0:c7:20:52:2b:97:db:95:19:59:3e:64:28:b9:01:
c0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:26:F7:CE:E2:D1:FB:4A:FD:D4:70:1F:D7:A8:6F:EB:E9:BA:65:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7031a07-12ba-45f8-a53b-6bd5b713c999.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:400::/38
Signature Algorithm: sha256WithRSAEncryption
34:19:14:84:b2:a9:dd:e0:c2:38:a7:25:47:1d:ab:7f:3f:63:
7a:07:98:9a:14:65:21:f0:32:5a:93:64:6c:84:8a:8a:77:c6:
33:9b:ea:f9:16:a1:d6:39:3a:20:09:e4:f3:e4:8b:bf:1b:85:
14:1e:87:2e:57:6d:f6:8e:74:18:cb:a7:fe:99:a5:1c:64:66:
9e:9f:3c:21:24:61:04:9e:09:57:e1:16:8d:04:db:f3:21:92:
c3:c8:9e:a3:cf:ba:84:bb:82:83:a6:4c:bf:46:11:f2:6d:09:
a9:eb:d9:96:7d:d2:ff:b0:c7:41:02:ed:96:98:7e:49:b6:d8:
cc:42:67:22:65:59:37:8a:6b:8d:0d:dc:42:2a:be:84:f4:e4:
a2:b0:8a:aa:97:75:a2:68:29:0c:05:66:60:a4:e4:66:85:44:
4b:9f:bf:5c:57:6d:79:54:bb:9f:1c:ac:c5:23:22:e8:7a:97:
8c:bc:02:08:4f:c2:11:71:97:51:0e:d7:ed:b0:15:45:ab:73:
4d:8a:09:23:12:d4:73:e6:9d:09:eb:b6:49:e2:de:95:9f:24:
bb:b8:f9:ff:ad:1b:7d:09:84:7b:3a:49:e7:f8:7c:7a:cd:3b:
55:a4:4f:8a:07:2e:0c:ce:94:57:cd:55:de:89:ca:73:4e:d4:
f9:71:31:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJMHKOjO+C+Jv0ox4Bwkw3+XBRVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3ZDA4YTJkZmJjMmVkNjQxMWMzNDM0OGY2MDljMTQxZjMyYTA0MzY3M2Iw
ZGY5OTFmM2M1NjYyNDU2MjFkYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJa2vZblN15Ux90k2Odll5ovDG6W98EQxCK8Q5tEYdph1iOD/Q6JxZWZ62r2
v0M7ov6HRs5p20BEriQLtdLEpAyFWfvlLq9rg7WISoCcG7sintkL2/K/jGUkGplN
zrD5lOfpWGh892+t9WZ3659nbLFmGuEmj2LC7ACnW9IuwEr21UutmL2eCdzEqIia
oxtwlkluuELzlMR3XU0eCC/z2qkgrVGh0gUXGauFQ9NM+Ja7RHo2hv+4nXlnLuhc
54bYBKDl+YkXiLfTEPaVDwJlmN+WqGhIpFIYMUTCrgzhKYK1f4NNQ3HtYfd0DQ7Q
d+1PwMcgUiuX25UZWT5kKLkBwBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgJvfO
4tH7Sv3UcB/XqG/r6bpllzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTcwMzFhMDctMTJiYS00NWY4LWE1M2ItNmJkNWI3MTNjOTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoE
MA0GCSqGSIb3DQEBCwUAA4IBAQA0GRSEsqnd4MI4pyVHHat/P2N6B5iaFGUh8DJa
k2RshIqKd8Yzm+r5FqHWOTogCeTz5Iu/G4UUHocuV232jnQYy6f+maUcZGaenzwh
JGEEnglX4RaNBNvzIZLDyJ6jz7qEu4KDpky/RhHybQmp69mWfdL/sMdBAu2WmH5J
ttjMQmciZVk3imuNDdxCKr6E9OSisIqql3WiaCkMBWZgpORmhURLn79cV215VLuf
HKzFIyLoepeMvAIIT8IRcZdRDtftsBVFq3NNigkjEtRz5p0J67ZJ4t6VnyS7uPn/
rRt9CYR7Oknn+Hx6zTtVpE+KBy4MzpRXzVXeicpzTtT5cTGF
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:20 2025 by rpki-client