Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: LZj10VMrK/1y/6UbNfw/2cHxmonQtjA1xzo3Z1tAVsU=
Subject key identifier: 4C:27:95:41:7F:66:3A:03:84:82:53:4D:92:9B:26:5A:70:28:99:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 623FF1A5C8F59AD1D40F07B37DEC1716E3DB96F6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Tue 05 Aug 2025 19:21:08 +0000
ROA not before: Tue 05 Aug 2025 19:21:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:3f:f1:a5:c8:f5:9a:d1:d4:0f:07:b3:7d:ec:17:16:e3:db:96:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=efadd54b4eea9ea348927d462e36c8b664b5b3a0621a434f64deef0eae815108, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:47:2f:70:a7:cb:47:e4:96:e9:24:fb:d4:
c3:3a:e1:83:27:fc:a1:1a:56:00:d0:17:5b:f5:a5:
2e:be:6a:1a:87:4b:dc:50:d4:be:ec:56:e8:22:09:
71:6b:20:9e:f6:1d:17:17:a9:84:23:07:36:55:85:
4f:5e:33:7c:02:65:8d:dc:1d:02:cb:3c:65:2e:63:
ed:63:f2:89:70:b1:15:1a:60:a0:46:60:91:04:97:
3a:3d:b4:0c:3f:57:4f:e8:49:cf:a8:25:d5:aa:ad:
d6:84:d8:6e:e6:bc:aa:3f:72:05:a5:fb:32:ba:38:
7c:a2:9a:08:31:58:62:84:74:44:6c:33:bd:84:fb:
81:58:d7:b7:52:6f:ee:72:ce:70:32:e0:91:9c:80:
28:18:58:6e:ae:be:e0:11:e0:05:e2:13:d1:70:c6:
e6:8c:ca:0c:56:62:74:23:e2:75:a4:05:f4:1a:80:
a3:7f:f1:34:ea:14:80:62:fc:02:eb:0d:4c:b2:16:
2b:85:9a:37:fb:7a:b7:c4:09:52:91:57:e9:a0:92:
35:d2:61:29:45:54:c7:71:00:af:4e:cd:78:88:3f:
b8:00:96:9e:71:0e:88:67:9c:f4:a4:aa:6c:a1:e3:
1d:3a:04:1f:00:15:07:b0:b4:44:98:db:fd:9b:66:
23:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:27:95:41:7F:66:3A:03:84:82:53:4D:92:9B:26:5A:70:28:99:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
27:d9:58:0d:4c:8b:4b:5d:64:70:8c:60:02:56:d0:10:81:30:
c8:ba:c4:d7:33:de:5c:4b:da:27:e1:34:16:26:86:df:1e:41:
a1:46:5a:53:a9:a6:c1:a7:6f:56:03:c1:e1:a8:93:d6:54:3c:
03:22:e2:7e:49:8d:9c:70:1d:de:bc:83:25:4a:d7:35:d9:cc:
9e:19:e5:50:91:2e:77:90:0a:df:9c:b5:d6:bf:0c:5e:70:e3:
32:b6:d4:34:c9:1a:c7:98:25:41:19:16:61:2a:b0:88:c6:72:
76:33:69:54:2d:45:5f:67:da:d8:50:36:6e:d5:11:b6:66:9e:
b1:5a:c0:43:57:2b:ae:2d:ca:c2:2c:9d:49:72:a4:fb:a5:58:
e7:c3:28:f4:8c:ff:72:ca:7a:62:7d:15:b7:6c:41:d8:85:e1:
42:35:2b:61:73:56:4d:66:51:8f:36:1c:23:92:05:fa:91:a2:
dc:88:e6:19:60:2d:ee:af:0c:e9:42:69:25:38:52:2b:07:e2:
49:b9:f9:f2:66:f3:8c:62:e3:a8:09:26:e7:b2:04:64:c7:f7:
b4:2f:05:a6:96:29:ac:f6:7a:7b:3e:1f:db:8a:dd:ab:23:b7:
ee:31:1d:d8:6c:58:b9:cb:f3:57:77:d8:6b:c6:97:5e:fd:ed:
49:fb:04:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYj/xpcj1mtHUDwezfewXFuPblvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmYWRkNTRiNGVlYTllYTM0ODkyN2Q0NjJlMzZjOGI2NjRiNWIzYTA2MjFh
NDM0ZjY0ZGVlZjBlYWU4MTUxMDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFYRy9wp8tH5JbpJPvUwzrhgyf8oRpWANAXW/WlLr5qGodL3FDUvuxW6CIJ
cWsgnvYdFxephCMHNlWFT14zfAJljdwdAss8ZS5j7WPyiXCxFRpgoEZgkQSXOj20
DD9XT+hJz6gl1aqt1oTYbua8qj9yBaX7Mro4fKKaCDFYYoR0RGwzvYT7gVjXt1Jv
7nLOcDLgkZyAKBhYbq6+4BHgBeIT0XDG5ozKDFZidCPidaQF9BqAo3/xNOoUgGL8
AusNTLIWK4WaN/t6t8QJUpFX6aCSNdJhKUVUx3EAr07NeIg/uACWnnEOiGec9KSq
bKHjHToEHwAVB7C0RJjb/ZtmIxsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMJ5VB
f2Y6A4SCU02SmyZacCiZRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAJ9lYDUyLS11kcIxgAlbQEIEwyLrE1zPeXEva
J+E0FiaG3x5BoUZaU6mmwadvVgPB4aiT1lQ8AyLifkmNnHAd3ryDJUrXNdnMnhnl
UJEud5AK35y11r8MXnDjMrbUNMkax5glQRkWYSqwiMZydjNpVC1FX2fa2FA2btUR
tmaesVrAQ1crri3KwiydSXKk+6VY58Mo9Iz/csp6Yn0Vt2xB2IXhQjUrYXNWTWZR
jzYcI5IF+pGi3IjmGWAt7q8M6UJpJThSKwfiSbn58mbzjGLjqAkm57IEZMf3tC8F
ppYprPZ6ez4f24rdqyO37jEd2GxYucvzV3fYa8aXXv3tSfsEug==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:04 2025 by rpki-client