Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
File: a96d9971-6d4e-47a3-9408-d633699b643b.roa (raw, json)
Hash identifier: Yzyp/bwQ+b3CPrXlX+3mwNO2tGyxzNLFpuaxTAE/7V8=
Subject key identifier: 2D:B2:AB:E5:32:0E:C8:90:D5:FA:53:BD:94:7C:80:50:E4:EE:5D:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3307DEF3D788E48EDE165E33223981463E226429
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
Signing time: Tue 05 Aug 2025 19:30:57 +0000
ROA not before: Tue 05 Aug 2025 19:30:57 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:07:de:f3:d7:88:e4:8e:de:16:5e:33:22:39:81:46:3e:22:64:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:57 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5f498f96e153c978afdd57ea3bb265b1e929c4ac81546df2016bf8a555169e7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6a:69:b9:f6:ef:46:42:ba:c1:4e:7d:04:63:
2e:0c:0c:c4:63:f3:f8:3c:5a:d8:59:43:ec:f3:28:
67:bc:52:c3:1c:61:55:43:5d:94:61:f3:a1:f7:09:
c1:30:27:d7:43:c7:24:06:c4:9d:2b:da:d8:30:ae:
19:86:de:bd:4e:bb:83:f1:e2:26:b6:e3:7a:53:24:
d6:86:e4:be:62:a3:0e:a4:05:8e:2c:b7:a7:c9:b5:
c9:ef:c1:8d:61:87:39:3f:6a:3f:f1:28:67:df:91:
e4:98:b2:b1:ad:bb:62:d1:05:9a:a8:a4:12:c1:13:
1d:4a:66:da:bb:b2:7b:9f:17:a4:8b:5a:b7:bc:24:
59:16:ea:04:16:b1:b4:a2:f2:52:22:11:9e:26:42:
a0:ae:db:5e:ce:e0:7d:16:2d:7e:b1:f9:43:00:55:
c8:f4:4e:43:0e:78:e5:02:4a:18:a6:cc:41:ec:a4:
5c:e3:ab:7c:14:f8:06:6a:35:0e:6b:30:c1:c4:c8:
6d:58:df:78:28:e7:9f:e6:b9:fc:73:29:ba:53:3e:
13:8f:d6:6f:cb:f3:51:c1:63:2a:f1:4f:8e:c4:0e:
bb:32:bf:df:3b:fc:22:bf:6c:7d:bd:cc:fa:28:82:
91:7f:b2:ff:f2:83:31:76:6e:59:84:41:de:43:a3:
e2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B2:AB:E5:32:0E:C8:90:D5:FA:53:BD:94:7C:80:50:E4:EE:5D:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a96d9971-6d4e-47a3-9408-d633699b643b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:0f:2c:f6:ed:cb:dd:49:7b:65:bd:8b:04:7c:f0:c9:33:03:
df:48:24:d2:aa:ef:4b:93:6d:12:c2:04:4e:78:2a:fd:36:18:
e7:b3:0a:5c:e1:04:43:16:3f:24:60:8a:e7:86:11:17:ee:3b:
67:b8:5f:6b:0d:a2:f4:36:8c:c4:26:9a:ff:29:30:95:52:95:
b1:d2:0f:88:d4:a7:7f:9d:35:9b:48:15:6e:1e:ab:a2:24:5c:
32:aa:b9:4f:40:4b:35:f4:38:51:0e:59:84:ce:08:81:db:67:
ff:3c:bd:5f:0d:f5:c5:dc:22:24:44:9b:9b:fe:d0:87:26:91:
cd:fc:9a:e0:f8:51:e3:24:f1:64:51:bd:3a:20:f8:0a:f9:c8:
02:ad:3b:72:a9:72:47:19:87:9e:94:0f:5e:c1:7c:22:f3:3b:
b7:ec:c1:28:61:3f:3b:d3:ad:a7:6c:e6:14:9d:cc:64:fa:99:
79:f0:e6:b9:2f:03:a1:1d:7c:9e:02:d5:db:04:8b:4a:d8:30:
0c:27:7c:e1:92:a6:89:2c:50:ad:56:3c:72:17:f2:4b:3c:bb:
08:0e:d8:ef:fc:6e:50:88:66:2e:b6:8f:7f:7e:08:1f:ee:94:
5d:3a:9a:f0:69:e7:48:bf:5b:ed:da:5c:fa:8e:a5:f4:4f:36:
70:e3:e7:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMwfe89eI5I7eFl4zIjmBRj4iZCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwNTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNDk4Zjk2ZTE1M2M5NzhhZmRkNTdlYTNiYjI2NWIxZTkyOWM0YWM4MTU0
NmRmMjAxNmJmOGE1NTUxNjllN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5qabn270ZCusFOfQRjLgwMxGPz+Dxa2FlD7PMoZ7xSwxxhVUNdlGHzofcJ
wTAn10PHJAbEnSva2DCuGYbevU67g/HiJrbjelMk1obkvmKjDqQFjiy3p8m1ye/B
jWGHOT9qP/EoZ9+R5Jiysa27YtEFmqikEsETHUpm2ruye58XpItat7wkWRbqBBax
tKLyUiIRniZCoK7bXs7gfRYtfrH5QwBVyPROQw545QJKGKbMQeykXOOrfBT4Bmo1
DmswwcTIbVjfeCjnn+a5/HMpulM+E4/Wb8vzUcFjKvFPjsQOuzK/3zv8Ir9sfb3M
+iiCkX+y//KDMXZuWYRB3kOj4gECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtsqvl
Mg7IkNX6U72UfIBQ5O5dLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTk2ZDk5NzEtNmQ0ZS00N2EzLTk0MDgtZDYzMzY5OWI2NDNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H4g
MA0GCSqGSIb3DQEBCwUAA4IBAQClDyz27cvdSXtlvYsEfPDJMwPfSCTSqu9Lk20S
wgROeCr9Nhjnswpc4QRDFj8kYIrnhhEX7jtnuF9rDaL0NozEJpr/KTCVUpWx0g+I
1Kd/nTWbSBVuHquiJFwyqrlPQEs19DhRDlmEzgiB22f/PL1fDfXF3CIkRJub/tCH
JpHN/Jrg+FHjJPFkUb06IPgK+cgCrTtyqXJHGYeelA9ewXwi8zu37MEoYT87062n
bOYUncxk+pl58Oa5LwOhHXyeAtXbBItK2DAMJ3zhkqaJLFCtVjxyF/JLPLsIDtjv
/G5QiGYuto9/fggf7pRdOprwaedIv1vt2lz6jqX0TzZw4+ff
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:05 2025 by rpki-client