Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: rWdMRWM/9RsI/fmv+donxyioi/jQORKeNYGWVlPhANc=
Subject key identifier: D7:96:D5:E3:60:68:05:1F:62:FB:5C:9C:2A:7C:B3:B4:79:E8:BC:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 788DE76A80C990FE728EF39F13BAF5F63E93BBAB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Tue 05 Aug 2025 19:21:06 +0000
ROA not before: Tue 05 Aug 2025 19:21:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:8d:e7:6a:80:c9:90:fe:72:8e:f3:9f:13:ba:f5:f6:3e:93:bb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=cfc9624aef7c65ab8a17d0cd73c51221184aa6787933ca0390d4be7248c517e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:49:77:91:0b:41:dc:ff:1c:f7:9e:46:3c:b0:
23:b4:a8:ac:24:c5:69:b8:dd:a6:4e:d2:d4:69:16:
e4:f2:4a:91:2d:7c:31:76:58:c0:26:c0:8f:0c:d6:
3a:7d:42:88:ea:5f:de:e7:d7:65:87:06:4d:41:6e:
c3:10:ee:2e:b1:3c:2c:63:26:79:5e:1d:a7:66:99:
d7:7d:be:58:85:bf:84:8b:21:bc:45:76:49:ee:46:
59:17:11:6d:1f:f5:cf:42:93:eb:5a:0a:2f:d5:b5:
b4:fa:f2:35:7e:2f:30:3b:3d:58:4e:ed:b3:e7:c3:
d7:ef:2a:fb:1b:91:dc:4a:98:a4:47:11:8c:7f:08:
dc:43:25:9c:7e:fb:0f:a1:03:6d:cd:68:d8:ae:ac:
13:fd:63:60:40:dd:54:45:e1:43:93:a5:03:02:86:
76:5b:ed:3b:5b:1a:6e:25:67:bd:33:cf:03:4b:a8:
45:7e:82:eb:da:72:0b:b7:a2:ae:da:1a:cd:ab:1d:
39:17:b8:97:00:93:f1:8f:71:b8:0b:04:8b:e2:b9:
75:3b:81:a9:31:7d:da:38:f6:4e:aa:05:00:51:38:
bd:66:f5:24:96:f8:04:72:fa:e1:38:79:aa:87:f4:
99:5b:85:61:a9:a5:38:d6:8e:0b:7d:6c:4c:d0:fe:
d7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:96:D5:E3:60:68:05:1F:62:FB:5C:9C:2A:7C:B3:B4:79:E8:BC:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
c1:ca:18:c4:e9:63:43:55:70:19:1a:cf:6f:3d:78:05:09:72:
42:25:9d:df:25:5c:b5:e6:d0:5a:47:9c:7a:82:52:74:83:24:
8f:9e:65:d8:8e:6c:ab:53:78:53:53:1f:b4:8f:e0:bb:4c:5f:
d8:12:9a:65:05:b0:74:04:6e:41:5a:57:6f:a8:0e:ff:90:55:
a4:16:d8:32:32:b8:a1:d1:97:5b:fa:71:b0:35:ae:d7:42:de:
9a:0c:64:31:18:a2:79:e7:c9:7b:3f:fe:c2:be:73:35:ab:b0:
20:88:5d:c9:a0:d4:2c:e8:c3:80:ed:d1:86:7d:b1:b4:52:a3:
90:36:3e:e4:e3:78:4f:60:db:78:56:85:1b:7f:89:64:b6:f2:
61:c2:e4:3a:24:9c:56:d2:c7:10:35:e1:ab:ce:47:5e:28:5d:
43:68:f3:5d:01:76:6a:ff:70:24:76:1a:ea:5d:7b:60:f0:cf:
ec:ef:b5:fd:29:d2:0b:81:f8:4c:83:89:a5:65:fa:a4:67:95:
46:4b:5a:fd:e8:e2:e8:93:b8:67:ea:b9:9d:b3:57:c9:13:98:
ec:40:63:c4:ac:c2:ab:c4:59:2a:86:6c:56:e3:be:c9:b8:05:
a5:af:c3:fd:ec:0a:55:9b:6d:26:75:a1:3b:dc:f0:5a:67:67:
7c:e0:c2:87
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeI3naoDJkP5yjvOfE7r19j6Tu6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYzk2MjRhZWY3YzY1YWI4YTE3ZDBjZDczYzUxMjIxMTg0YWE2Nzg3OTMz
Y2EwMzkwZDRiZTcyNDhjNTE3ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVJd5ELQdz/HPeeRjywI7SorCTFabjdpk7S1GkW5PJKkS18MXZYwCbAjwzW
On1CiOpf3ufXZYcGTUFuwxDuLrE8LGMmeV4dp2aZ132+WIW/hIshvEV2Se5GWRcR
bR/1z0KT61oKL9W1tPryNX4vMDs9WE7ts+fD1+8q+xuR3EqYpEcRjH8I3EMlnH77
D6EDbc1o2K6sE/1jYEDdVEXhQ5OlAwKGdlvtO1sabiVnvTPPA0uoRX6C69pyC7ei
rtoazasdORe4lwCT8Y9xuAsEi+K5dTuBqTF92jj2TqoFAFE4vWb1JJb4BHL64Th5
qof0mVuFYamlONaOC31sTND+198CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTXltXj
YGgFH2L7XJwqfLO0eei8GjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEAwcoYxOljQ1VwGRrPbz14BQlyQiWd3yVctebQ
WkeceoJSdIMkj55l2I5sq1N4U1MftI/gu0xf2BKaZQWwdARuQVpXb6gO/5BVpBbY
MjK4odGXW/pxsDWu10LemgxkMRiieefJez/+wr5zNauwIIhdyaDULOjDgO3Rhn2x
tFKjkDY+5ON4T2DbeFaFG3+JZLbyYcLkOiScVtLHEDXhq85HXihdQ2jzXQF2av9w
JHYa6l17YPDP7O+1/SnSC4H4TIOJpWX6pGeVRkta/eji6JO4Z+q5nbNXyROY7EBj
xKzCq8RZKoZsVuO+ybgFpa/D/ewKVZttJnWhO9zwWmdnfODChw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:07 2025 by rpki-client