Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: 3Rj560BlgrQc7+bFE7Ft1hhPRqVcheyXY6slzF9YnDY=
Subject key identifier: 49:CD:74:B3:AA:17:58:E6:1A:2A:45:81:6C:95:1D:D1:27:1F:A2:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07AFE6B9FBB3B02236E88987E481392DFB40B1F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Fri 22 Aug 2025 15:11:14 +0000
ROA not before: Fri 22 Aug 2025 15:11:14 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:af:e6:b9:fb:b3:b0:22:36:e8:89:87:e4:81:39:2d:fb:40:b1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:14 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=aec168fc87793fe2b00b97c9ff912fa94ce0477b595d07fcda8532c8c3c8dbdd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b8:df:6b:12:48:86:31:79:07:12:04:bc:0b:
d4:0e:83:e2:f3:cb:22:ba:68:b7:46:0a:77:95:bb:
ad:ac:00:e1:4d:c7:5b:8a:80:ed:f5:2a:d6:04:a4:
b6:23:19:a1:2e:a0:56:3e:11:2f:1d:95:2f:5a:62:
b2:ae:6e:4f:ca:dd:cf:8a:fa:c0:71:19:ad:95:c7:
6a:3a:f6:c0:92:bb:dd:fc:1e:37:47:a0:0b:bf:90:
fc:51:fa:a8:13:d3:c4:75:3a:44:31:82:95:93:86:
89:0d:3e:3b:e1:8b:9a:11:16:1f:b6:4d:8a:0b:64:
9c:3f:be:ad:3d:99:38:85:2f:79:e4:75:02:dd:f7:
40:64:0a:54:fc:91:fa:e4:cb:b8:71:d1:c2:ba:6f:
eb:65:07:67:e2:d0:62:03:db:e2:be:c5:12:86:3b:
82:f6:64:5b:48:a5:a1:4b:3e:72:01:ba:90:00:ff:
b5:d5:6b:19:9c:34:cd:75:5d:3e:b3:b3:72:87:b9:
75:ac:a2:37:08:fa:0a:1b:60:29:88:f9:0c:62:3a:
ad:3a:77:7e:18:e1:52:62:69:43:0d:21:b2:9e:32:
c7:f6:7f:66:d0:83:fd:59:1a:e8:44:56:a0:84:b4:
33:5e:c2:52:6c:4d:a8:fe:b9:67:01:c6:c9:bb:e7:
f8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CD:74:B3:AA:17:58:E6:1A:2A:45:81:6C:95:1D:D1:27:1F:A2:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:10:d4:fa:7f:06:16:10:28:f4:b4:8e:46:88:0c:48:07:bf:
3e:c0:e4:e2:4a:65:7f:c3:4f:fa:de:9b:7c:96:69:1c:26:a4:
8d:8d:cc:3b:ac:24:45:2e:7c:94:75:86:70:24:1a:cb:56:be:
34:38:28:c0:92:34:1f:02:4b:f0:ab:3b:33:14:00:45:53:54:
2c:9a:47:cc:47:71:c5:0d:3b:9b:04:26:a6:60:a9:74:f4:c6:
be:ee:c0:55:5c:1f:ee:5c:c4:eb:36:91:68:a8:aa:7c:63:8f:
79:34:1d:bc:d3:fe:0c:74:fe:d7:0d:3a:b0:d8:a2:4f:6d:d7:
5b:c2:8e:8e:50:80:d6:10:8e:b3:6b:d5:c8:f6:f3:71:bf:f9:
a1:b0:dc:b3:fc:c9:df:f3:03:b4:56:bd:8b:d6:35:dc:43:e8:
08:f8:85:5c:9f:a3:26:f7:72:c4:29:a1:75:75:d3:24:24:51:
32:b7:47:fb:10:bb:b8:60:23:13:6e:69:cf:77:ae:51:ba:d2:
b9:71:49:1f:01:48:7b:db:0b:a6:b6:6d:f3:30:31:e0:ab:09:
c5:73:94:f6:b2:e1:c8:c5:97:ef:54:e5:18:08:68:42:ee:2d:
55:ff:2a:4a:7a:cf:67:b6:8c:48:c8:81:39:34:35:c4:ee:d0:
e8:73:e4:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB6/mufuzsCI26ImH5IE5LftAsfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMTRaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlYzE2OGZjODc3OTNmZTJiMDBiOTdjOWZmOTEyZmE5NGNlMDQ3N2I1OTVk
MDdmY2RhODUzMmM4YzNjOGRiZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+432sSSIYxeQcSBLwL1A6D4vPLIrpot0YKd5W7rawA4U3HW4qA7fUq1gSk
tiMZoS6gVj4RLx2VL1pisq5uT8rdz4r6wHEZrZXHajr2wJK73fweN0egC7+Q/FH6
qBPTxHU6RDGClZOGiQ0+O+GLmhEWH7ZNigtknD++rT2ZOIUveeR1At33QGQKVPyR
+uTLuHHRwrpv62UHZ+LQYgPb4r7FEoY7gvZkW0iloUs+cgG6kAD/tdVrGZw0zXVd
PrOzcoe5dayiNwj6ChtgKYj5DGI6rTp3fhjhUmJpQw0hsp4yx/Z/ZtCD/Vka6ERW
oIS0M17CUmxNqP65ZwHGybvn+JsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJzXSz
qhdY5hoqRYFslR3RJx+ikzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQB7ENT6fwYWECj0tI5GiAxIB78+wOTiSmV/w0/6
3pt8lmkcJqSNjcw7rCRFLnyUdYZwJBrLVr40OCjAkjQfAkvwqzszFABFU1QsmkfM
R3HFDTubBCamYKl09Ma+7sBVXB/uXMTrNpFoqKp8Y495NB280/4MdP7XDTqw2KJP
bddbwo6OUIDWEI6za9XI9vNxv/mhsNyz/Mnf8wO0Vr2L1jXcQ+gI+IVcn6Mm93LE
KaF1ddMkJFEyt0f7ELu4YCMTbmnPd65RutK5cUkfAUh72wumtm3zMDHgqwnFc5T2
suHIxZfvVOUYCGhC7i1V/ypKes9ntoxIyIE5NDXE7tDoc+Qt
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:19 2025 by rpki-client