Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
File: a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa (raw, json)
Hash identifier: bzu9bv2orIFypFeMWSMno8j/QwUyg2fHgSluk3mn2sY=
Subject key identifier: AF:7B:32:61:34:79:9A:B9:1B:F9:C2:11:E4:B1:4B:05:C0:E9:9B:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20B0CCD77322D28AD8D97416EF9B29320F9A9AE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
Signing time: Tue 19 Aug 2025 16:50:48 +0000
ROA not before: Tue 19 Aug 2025 16:50:48 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b0:cc:d7:73:22:d2:8a:d8:d9:74:16:ef:9b:29:32:0f:9a:9a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:48 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=7b87d7daba467540e109bcaf9909c531f4ee0bbb55b04a42444e947e92969e37, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ab:b2:b2:a3:16:c5:40:80:b2:f0:a7:c6:48:
0b:db:a8:19:98:42:57:c6:73:9d:24:be:33:6b:71:
55:da:98:f9:ec:0f:df:03:f9:89:de:95:21:b0:0a:
53:ad:85:ed:92:36:1b:11:82:f3:3a:44:94:e9:7c:
50:7d:8f:32:3c:3c:21:26:89:67:a0:3e:19:e9:25:
fa:92:8d:fb:f7:43:1b:0b:75:13:b4:d3:e7:fb:e5:
19:0c:28:5f:a5:6b:4a:94:fc:a7:a0:b0:97:ca:7a:
b7:69:9d:62:6e:dd:dc:6c:42:9a:6d:83:34:f3:15:
33:84:0c:6c:63:aa:19:80:f7:71:e6:00:3e:b6:0c:
74:9a:bc:8d:cc:14:21:bb:f2:fa:37:64:83:1c:cc:
37:c1:20:97:56:26:10:64:00:8c:9d:ea:93:2d:4f:
f0:0c:9b:3a:90:08:0a:f4:2d:4f:cd:eb:4d:f5:2b:
5e:0b:11:e0:f6:1e:31:5d:ed:a2:69:76:cc:86:ed:
d9:e3:35:19:da:95:e3:4a:bb:8a:8f:80:15:5b:a3:
0a:df:18:6c:ab:35:a3:b7:a8:4e:33:df:44:76:41:
9b:43:f8:c6:09:0f:c2:d6:81:9a:90:d8:e0:c2:3a:
b0:95:d6:52:94:01:08:a5:df:62:91:53:39:18:c9:
80:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7B:32:61:34:79:9A:B9:1B:F9:C2:11:E4:B1:4B:05:C0:E9:9B:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a78aefb4-d1eb-4a11-9899-bf6729e18ccd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
21:4f:ea:99:fb:67:70:a6:0e:24:f9:30:13:d0:6a:a0:53:3c:
58:6b:76:95:f8:96:ca:1c:2b:49:f9:4f:75:1a:d8:43:cc:4b:
de:9d:00:c0:6f:ad:67:a5:29:fb:2c:8c:0c:8e:cf:2d:02:ad:
7e:42:9d:1b:c2:d0:47:a5:d7:86:d7:4a:84:9e:e3:86:a9:d6:
3d:6f:fa:14:c3:b6:fb:10:dd:cd:28:4f:0a:62:53:85:87:01:
9e:0d:23:52:5f:12:d6:60:51:25:cb:69:ed:0f:56:8d:d3:1e:
e1:75:a4:11:f5:8a:5c:b3:15:0a:ea:e0:7f:bc:58:76:f1:cb:
68:1e:f2:b2:03:d8:9d:88:8f:c0:16:d8:3a:5b:6d:27:80:dc:
30:0c:29:5c:60:81:dc:9c:ae:c4:fc:cb:7a:1c:00:01:41:fe:
b7:ba:6d:ad:bb:b9:79:8c:83:8f:5b:4b:62:b2:16:77:72:e5:
54:85:84:8a:1e:c7:a9:fb:12:9b:f0:a2:1e:60:cb:f4:87:7b:
34:b8:c1:37:33:e1:32:ec:3c:f6:cb:6c:d3:5b:ef:12:74:12:
7f:cd:6e:e2:a2:29:f8:4b:47:d3:6a:23:18:75:16:6d:44:31:
3d:0b:72:3c:b1:b0:ab:25:87:89:a3:84:12:57:20:d2:d0:d5:
75:bb:15:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUILDM13Mi0orY2XQW75spMg+amucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNDhaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiODdkN2RhYmE0Njc1NDBlMTA5YmNhZjk5MDljNTMxZjRlZTBiYmI1NWIw
NGE0MjQ0NGU5NDdlOTI5NjllMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOersrKjFsVAgLLwp8ZIC9uoGZhCV8ZznSS+M2txVdqY+ewP3wP5id6VIbAK
U62F7ZI2GxGC8zpElOl8UH2PMjw8ISaJZ6A+Gekl+pKN+/dDGwt1E7TT5/vlGQwo
X6VrSpT8p6Cwl8p6t2mdYm7d3GxCmm2DNPMVM4QMbGOqGYD3ceYAPrYMdJq8jcwU
Ibvy+jdkgxzMN8Egl1YmEGQAjJ3qky1P8AybOpAICvQtT83rTfUrXgsR4PYeMV3t
oml2zIbt2eM1GdqV40q7io+AFVujCt8YbKs1o7eoTjPfRHZBm0P4xgkPwtaBmpDY
4MI6sJXWUpQBCKXfYpFTORjJgKsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvezJh
NHmauRv5whHksUsFwOmbEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc4YWVmYjQtZDFlYi00YTExLTk4OTktYmY2NzI5ZTE4Y2NkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQAhT+qZ+2dwpg4k+TAT0GqgUzxYa3aV+JbKHCtJ
+U91GthDzEvenQDAb61npSn7LIwMjs8tAq1+Qp0bwtBHpdeG10qEnuOGqdY9b/oU
w7b7EN3NKE8KYlOFhwGeDSNSXxLWYFEly2ntD1aN0x7hdaQR9YpcsxUK6uB/vFh2
8ctoHvKyA9idiI/AFtg6W20ngNwwDClcYIHcnK7E/Mt6HAABQf63um2tu7l5jIOP
W0tishZ3cuVUhYSKHsep+xKb8KIeYMv0h3s0uME3M+Ey7Dz2y2zTW+8SdBJ/zW7i
oin4S0fTaiMYdRZtRDE9C3I8sbCrJYeJo4QSVyDS0NV1uxXz
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:12 2025 by rpki-client