Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: i+SPC2ZEs4swhpcYGRdU1M3dExafmS81fcAcYrZenHA=
Subject key identifier: 9C:CC:C8:E2:E9:8A:EE:78:34:0A:52:AF:4C:3E:5C:5E:7B:D6:94:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 648407FA7EB40EE1F661FFC6419EE7E2AE1E6C24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Fri 22 Aug 2025 15:10:49 +0000
ROA not before: Fri 22 Aug 2025 15:10:49 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:84:07:fa:7e:b4:0e:e1:f6:61:ff:c6:41:9e:e7:e2:ae:1e:6c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:49 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=183e48610b19b029e091c2d87ba6027104818380d601ddb2bad48340d1b30be5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:4c:03:82:4b:98:62:c0:d7:74:2f:50:68:79:
d2:86:e3:55:df:24:79:3e:4d:96:b3:97:e9:ac:d0:
18:6f:34:46:9a:38:90:48:45:9f:21:66:12:4e:44:
da:52:24:a8:8d:84:cb:2d:4b:74:2a:a1:59:7c:5b:
e7:f5:4a:90:8d:eb:80:1b:a8:2f:f4:38:99:20:23:
28:fe:07:07:c7:ed:62:3e:02:7a:1e:50:4e:0d:74:
85:18:1a:69:60:a1:15:d1:19:bf:e8:6c:f6:32:d3:
9f:bc:46:4c:e3:11:42:ca:14:ad:b5:37:80:b4:f6:
03:55:74:b5:f1:24:01:18:d8:ce:71:04:13:c5:92:
5b:ef:88:77:a1:65:52:54:cf:8a:97:8a:6d:c0:24:
71:67:d2:3c:20:45:76:49:7b:6f:29:6a:7e:5b:ce:
bb:79:7d:3b:43:d8:83:bb:7f:d8:0d:97:7d:17:2d:
e8:8a:4b:97:ab:6b:d8:e8:ca:00:5b:78:39:93:18:
ea:1d:50:35:32:fc:97:cd:8b:94:78:84:9b:ce:f7:
6d:ed:0c:f0:d2:5c:9d:c6:5a:60:77:2c:4c:0b:da:
be:42:73:4a:e7:6e:e1:7e:74:50:de:94:72:08:f8:
23:fe:3a:3c:2b:bb:99:6a:b2:72:1d:41:f1:a9:76:
45:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CC:C8:E2:E9:8A:EE:78:34:0A:52:AF:4C:3E:5C:5E:7B:D6:94:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
34:9f:ac:9d:65:d8:87:24:a3:f1:92:24:8e:24:37:b9:f1:8b:
e8:3f:2f:72:0f:07:8d:0a:63:c1:42:bb:2e:96:31:19:bc:c9:
3b:8a:df:8a:bf:56:31:03:64:9d:dd:64:de:1e:01:5f:6f:86:
36:d3:01:49:37:5e:52:3f:48:bb:5e:28:ba:d4:e3:2a:3d:be:
d0:2d:99:9f:6f:35:57:86:50:b0:02:08:85:d5:24:79:96:3d:
d7:0b:90:cd:da:30:68:f6:33:58:8f:b2:9a:6e:ff:a6:1b:2f:
46:19:b5:53:a2:d8:56:2d:05:e9:6c:6b:44:15:98:f0:c1:de:
55:27:26:44:10:ce:3f:dc:0b:73:a9:4a:98:29:18:3b:dd:a3:
f0:ca:d8:c6:0a:24:99:54:0d:c4:4c:f6:9d:4c:5a:7d:17:5c:
74:84:73:8f:6a:d0:43:ed:42:f3:4e:9e:58:5e:d3:24:ab:7a:
ee:5f:66:11:39:1a:61:98:05:89:41:c8:4f:e4:e8:81:6c:d4:
b9:12:79:54:e8:95:b6:fb:59:4c:77:a4:3d:7a:50:19:75:ae:
35:8e:fc:20:84:f5:f2:7a:b0:8d:a9:b4:9a:cb:4c:c1:07:e7:
c0:e8:76:be:04:01:55:ea:00:c3:02:3b:b7:88:09:cb:9a:14:
c5:bb:94:c6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZIQH+n60DuH2Yf/GQZ7n4q4ebCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwNDlaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4M2U0ODYxMGIxOWIwMjllMDkxYzJkODdiYTYwMjcxMDQ4MTgzODBkNjAx
ZGRiMmJhZDQ4MzQwZDFiMzBiZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpMA4JLmGLA13QvUGh50objVd8keT5NlrOX6azQGG80Rpo4kEhFnyFmEk5E
2lIkqI2Eyy1LdCqhWXxb5/VKkI3rgBuoL/Q4mSAjKP4HB8ftYj4Ceh5QTg10hRga
aWChFdEZv+hs9jLTn7xGTOMRQsoUrbU3gLT2A1V0tfEkARjYznEEE8WSW++Id6Fl
UlTPipeKbcAkcWfSPCBFdkl7bylqflvOu3l9O0PYg7t/2A2XfRct6IpLl6tr2OjK
AFt4OZMY6h1QNTL8l82LlHiEm873be0M8NJcncZaYHcsTAvavkJzSudu4X50UN6U
cgj4I/46PCu7mWqych1B8al2RQsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSczMji
6YrueDQKUq9MPlxee9aUyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEANJ+snWXYhySj8ZIkjiQ3ufGL6D8vcg8HjQpj
wUK7LpYxGbzJO4rfir9WMQNknd1k3h4BX2+GNtMBSTdeUj9Iu14outTjKj2+0C2Z
n281V4ZQsAIIhdUkeZY91wuQzdowaPYzWI+ymm7/phsvRhm1U6LYVi0F6WxrRBWY
8MHeVScmRBDOP9wLc6lKmCkYO92j8MrYxgokmVQNxEz2nUxafRdcdIRzj2rQQ+1C
806eWF7TJKt67l9mETkaYZgFiUHIT+TogWzUuRJ5VOiVtvtZTHekPXpQGXWuNY78
IIT18nqwjam0mstMwQfnwOh2vgQBVeoAwwI7t4gJy5oUxbuUxg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:19 2025 by rpki-client