Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
File: b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa (raw, json)
Hash identifier: h7ZycFABAzR48UMgQc+LcXWH0NFEIJkNN98BDioA8ho=
Subject key identifier: A7:C2:B7:7C:12:33:FC:C4:76:4A:20:23:57:FB:C2:BB:8A:E2:20:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A419C560709B1072F40B34A41F621CA4B6FEA0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
Signing time: Tue 05 Aug 2025 19:10:13 +0000
ROA not before: Tue 05 Aug 2025 19:10:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:20c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:41:9c:56:07:09:b1:07:2f:40:b3:4a:41:f6:21:ca:4b:6f:ea:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=290daf4804ac485a614cdf4df90f0b621f95844769f9897c46b32b629bfab910, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e5:cf:80:25:b3:8f:8b:59:c5:ea:bb:41:2f:
a3:c5:95:b3:83:ea:d9:5d:a3:9f:6e:0c:98:a5:9a:
a8:7e:86:6a:fa:9e:82:c0:c7:a2:e7:02:55:35:83:
71:ca:58:b8:b6:11:6c:54:a6:fd:42:33:05:c4:1c:
e9:e7:9c:c5:00:87:04:65:e6:38:b7:39:7b:25:46:
61:fb:5a:68:a0:91:ab:e2:cd:71:dd:bb:15:7c:05:
8a:e1:90:97:a8:f8:fd:c5:7b:bd:df:cf:e2:45:ff:
18:a4:1e:a2:cc:22:cb:df:d8:50:25:4a:6e:b4:c6:
a9:46:37:a3:b6:19:b0:57:97:a6:79:8d:b7:8e:ec:
1f:90:a8:c5:b8:a0:3f:0c:a4:a3:b3:10:a8:87:a7:
f0:8c:8a:9f:c0:53:24:80:aa:2d:57:e7:a5:b0:0c:
b7:43:e9:4a:95:4b:f4:ba:a3:d6:30:8f:3e:63:c1:
34:07:1e:de:2f:be:50:47:b1:91:af:6f:2b:0a:e8:
52:16:98:68:5f:00:4a:96:f3:07:63:5b:88:73:ea:
79:e9:3e:ea:3f:75:d5:df:30:3a:71:23:30:07:b5:
0b:d9:b4:af:8d:d7:af:33:d5:18:33:1e:82:f0:80:
84:3a:66:d5:83:99:7f:57:a2:0d:86:10:1b:56:69:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C2:B7:7C:12:33:FC:C4:76:4A:20:23:57:FB:C2:BB:8A:E2:20:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0cb661c-43c3-4c2a-86e3-cc88642d6314.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:20c0::/48
Signature Algorithm: sha256WithRSAEncryption
1b:d1:e0:02:24:a1:31:19:60:ce:0d:7d:68:77:02:4f:52:8d:
a5:0f:d7:8d:09:fd:77:78:12:2e:69:1f:74:6a:06:ae:98:c1:
94:fb:a5:4c:05:e4:a9:bd:3d:e5:72:d3:20:98:08:8c:57:db:
45:b1:75:c6:f2:6a:86:fc:6a:8f:62:ab:86:d5:84:f1:b6:77:
8f:be:60:b9:a5:03:a2:44:1b:7c:a1:58:07:a0:ae:95:f5:12:
5a:72:5f:cc:a8:39:ab:1a:6b:34:b1:15:ea:5f:98:16:b1:d7:
5e:7e:2f:ca:fa:22:6c:6b:8f:cc:9c:25:7c:64:05:cd:9c:44:
a2:de:60:2f:4f:46:8a:da:ae:ba:fc:84:36:59:f4:c9:cc:d4:
13:24:22:d8:87:5a:82:ae:29:b5:fd:7c:fe:43:61:15:d3:69:
68:75:bf:fa:14:53:7c:5d:d1:d2:85:99:b4:22:12:0a:13:db:
9e:47:c6:de:88:cc:8a:7a:e5:9a:b5:9b:59:c7:56:10:a7:65:
fb:e2:fc:5a:bd:1a:6f:7f:3b:0b:51:48:c2:90:7c:c9:a8:22:
c6:18:4f:17:d0:a3:1a:74:e1:75:e6:99:e0:73:21:e1:8f:3c:
cf:47:11:e6:2c:6c:75:73:3d:6b:bb:0f:f0:c9:36:dc:15:2d:
9a:57:bd:a1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKkGcVgcJsQcvQLNKQfYhyktv6gswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MGRhZjQ4MDRhYzQ4NWE2MTRjZGY0ZGY5MGYwYjYyMWY5NTg0NDc2OWY5
ODk3YzQ2YjMyYjYyOWJmYWI5MTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzlz4Als4+LWcXqu0Evo8WVs4Pq2V2jn24MmKWaqH6GavqegsDHoucCVTWD
ccpYuLYRbFSm/UIzBcQc6eecxQCHBGXmOLc5eyVGYftaaKCRq+LNcd27FXwFiuGQ
l6j4/cV7vd/P4kX/GKQeoswiy9/YUCVKbrTGqUY3o7YZsFeXpnmNt47sH5Coxbig
Pwyko7MQqIen8IyKn8BTJICqLVfnpbAMt0PpSpVL9Lqj1jCPPmPBNAce3i++UEex
ka9vKwroUhaYaF8ASpbzB2NbiHPqeek+6j911d8wOnEjMAe1C9m0r43XrzPVGDMe
gvCAhDpm1YOZf1eiDYYQG1ZpmuMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSnwrd8
EjP8xHZKICNX+8K7iuIgODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBjYjY2MWMtNDNjMy00YzJhLTg2ZTMtY2M4ODY0MmQ2MzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
wDANBgkqhkiG9w0BAQsFAAOCAQEAG9HgAiShMRlgzg19aHcCT1KNpQ/XjQn9d3gS
LmkfdGoGrpjBlPulTAXkqb095XLTIJgIjFfbRbF1xvJqhvxqj2KrhtWE8bZ3j75g
uaUDokQbfKFYB6CulfUSWnJfzKg5qxprNLEV6l+YFrHXXn4vyvoibGuPzJwlfGQF
zZxEot5gL09GitquuvyENln0yczUEyQi2Idagq4ptf18/kNhFdNpaHW/+hRTfF3R
0oWZtCISChPbnkfG3ojMinrlmrWbWcdWEKdl++L8Wr0ab387C1FIwpB8yagixhhP
F9CjGnThdeaZ4HMh4Y88z0cR5ixsdXM9a7sP8Mk23BUtmle9oQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:17 2025 by rpki-client