Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
File: ad017d4e-10ed-4706-a728-1b3d3feae80f.roa (raw, json)
Hash identifier: J1NAMHPDaO8e7gTlLiAE31lWKxwBMZade6r5yBezhK8=
Subject key identifier: 42:BE:0D:A2:81:3D:90:89:9F:2D:91:02:88:18:0B:A6:03:5D:39:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DF6DE6B009435088597A727922D61453CC932C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
Signing time: Wed 06 Aug 2025 00:51:31 +0000
ROA not before: Wed 06 Aug 2025 00:51:31 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:f6:de:6b:00:94:35:08:85:97:a7:27:92:2d:61:45:3c:c9:32:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:31 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=e1e09e7a0becc5445935041dacf782f59d077c9edbce559dfc2ed28dfd00924c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:91:71:89:bd:eb:95:70:d3:17:1b:5e:99:2d:
e4:ee:56:e4:02:9a:91:f4:1a:f4:02:25:b5:f7:a6:
43:95:65:fe:e9:c0:50:be:d2:0e:3a:21:59:69:c4:
f6:38:9c:39:8c:0d:2d:0b:55:0f:42:5e:dd:81:f8:
f6:09:57:13:77:0b:8b:d9:7d:23:d4:29:b2:33:e3:
6c:b5:5d:8d:5f:0b:0a:2c:13:cf:4e:84:68:80:8d:
58:03:8d:a8:41:70:c7:01:e9:27:a5:dd:ee:9a:f0:
48:a9:73:08:d6:d0:1c:1e:c8:a2:4b:44:35:a9:d8:
62:71:00:26:e5:1d:7e:9d:19:1d:5c:a1:3e:13:ab:
00:66:07:1a:42:cc:8e:1c:d3:c7:d3:e8:68:a4:4d:
ab:28:2c:59:27:2a:be:a6:41:69:8e:3e:3f:5f:2d:
22:4a:cc:0a:2e:42:d7:e2:fd:47:c1:a3:04:b0:65:
09:cc:cd:0b:2b:7c:00:5c:c5:7c:5d:cb:20:67:7c:
e3:22:61:38:e9:48:1f:32:48:6c:37:db:42:51:c7:
6a:38:93:dc:3c:28:fe:32:ca:61:3e:da:e3:5e:02:
f3:71:9d:48:76:01:e6:ae:ef:00:74:76:58:2a:a7:
d1:e4:2c:74:93:5b:80:c0:dc:31:84:19:75:2a:bc:
19:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BE:0D:A2:81:3D:90:89:9F:2D:91:02:88:18:0B:A6:03:5D:39:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:be:00:a3:d6:d2:b9:32:bf:ff:04:48:3e:1f:a1:d9:ec:72:
d0:28:82:8f:9b:0d:ca:94:3f:c9:43:72:17:ee:6f:91:ba:21:
1f:61:5c:cf:8a:96:44:1f:ea:67:4e:9c:63:87:ff:56:1a:35:
6a:1e:d9:1b:3f:19:24:9b:5c:d3:d4:c8:bb:74:92:5b:85:72:
85:e6:4a:24:89:15:02:61:1f:bf:9b:a5:0d:89:e7:d1:6a:c1:
1e:82:ee:bd:e0:ae:3b:81:49:67:74:bb:67:12:17:7b:c4:df:
9d:f2:d9:7d:73:b6:dc:41:d9:79:ae:c1:ff:cb:89:e9:e3:bb:
8a:d8:8e:68:25:89:79:11:03:c5:3a:5b:a7:1c:7b:29:d3:fc:
43:3f:c7:50:94:c8:5f:07:5b:74:b8:c4:51:7c:2b:0e:cc:09:
17:82:37:a3:3f:f6:ae:ee:81:f4:bd:83:39:10:85:21:c1:d8:
17:97:a8:60:9f:5c:40:0c:75:38:b4:7c:12:05:d8:5a:b8:0b:
b0:95:e9:a8:e5:84:19:80:85:01:1d:fd:07:d1:02:32:e9:61:
c6:e0:26:0f:e8:3a:b1:3f:64:b0:54:e2:79:69:e0:f1:aa:52:
f0:16:06:31:f8:2c:ca:19:a4:65:58:46:33:0d:b7:23:8e:a3:
e7:6d:e6:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHfbeawCUNQiFl6cnki1hRTzJMsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMzFaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxZTA5ZTdhMGJlY2M1NDQ1OTM1MDQxZGFjZjc4MmY1OWQwNzdjOWVkYmNl
NTU5ZGZjMmVkMjhkZmQwMDkyNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6RcYm965Vw0xcbXpkt5O5W5AKakfQa9AIltfemQ5Vl/unAUL7SDjohWWnE
9jicOYwNLQtVD0Je3YH49glXE3cLi9l9I9QpsjPjbLVdjV8LCiwTz06EaICNWAON
qEFwxwHpJ6Xd7prwSKlzCNbQHB7IoktENanYYnEAJuUdfp0ZHVyhPhOrAGYHGkLM
jhzTx9PoaKRNqygsWScqvqZBaY4+P18tIkrMCi5C1+L9R8GjBLBlCczNCyt8AFzF
fF3LIGd84yJhOOlIHzJIbDfbQlHHajiT3Dwo/jLKYT7a414C83GdSHYB5q7vAHR2
WCqn0eQsdJNbgMDcMYQZdSq8GW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCvg2i
gT2QiZ8tkQKIGAumA105pjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQwMTdkNGUtMTBlZC00NzA2LWE3MjgtMWIzZDNmZWFlODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQAtvgCj1tK5Mr//BEg+H6HZ7HLQKIKPmw3KlD/J
Q3IX7m+RuiEfYVzPipZEH+pnTpxjh/9WGjVqHtkbPxkkm1zT1Mi7dJJbhXKF5kok
iRUCYR+/m6UNiefRasEegu694K47gUlndLtnEhd7xN+d8tl9c7bcQdl5rsH/y4np
47uK2I5oJYl5EQPFOlunHHsp0/xDP8dQlMhfB1t0uMRRfCsOzAkXgjejP/au7oH0
vYM5EIUhwdgXl6hgn1xADHU4tHwSBdhauAuwlemo5YQZgIUBHf0H0QIy6WHG4CYP
6DqxP2SwVOJ5aeDxqlLwFgYx+CzKGaRlWEYzDbcjjqPnbeaG
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:20 2025 by rpki-client