Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
File: b176a187-5863-4413-a001-74ccc0321be5.roa (raw, json)
Hash identifier: S2gjkg9nd6yMoW3g4a7UcH1nos+Uin8U2cLvB1jXwgA=
Subject key identifier: B7:5E:14:F7:1A:86:5A:37:80:33:C4:8B:0D:3C:81:BF:CE:81:03:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6935323DBCC87D55DAE228FC403D32177CCE43CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
Signing time: Tue 05 Aug 2025 20:10:58 +0000
ROA not before: Tue 05 Aug 2025 20:10:58 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02c::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:35:32:3d:bc:c8:7d:55:da:e2:28:fc:40:3d:32:17:7c:ce:43:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:58 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0314da10624b7f41e20c3175ed346eff5af58af75f9f9763310add02e6989bdc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cb:27:00:8b:62:7b:56:29:5d:f7:65:c2:7e:
9b:4a:5f:da:7e:d6:b5:54:fa:68:aa:b4:12:f2:6d:
5d:99:0b:59:65:3b:8d:63:a9:bb:64:71:5e:84:de:
88:f9:40:14:30:c6:57:d6:cc:a9:9b:03:bc:43:7d:
8a:64:37:72:5c:ff:57:5d:12:73:35:5d:14:95:42:
15:f5:35:01:07:1e:da:aa:45:2e:ae:e3:0c:6e:d8:
1d:71:c8:76:f9:3c:97:06:62:fb:3a:77:d8:05:9f:
f9:f0:57:a6:cb:1c:b8:8e:d5:0b:4d:e8:45:45:d8:
9a:60:a2:56:c8:40:70:b0:24:f7:dd:30:8c:b7:4d:
22:66:ff:6e:49:b3:76:35:41:03:56:33:65:8c:5d:
ac:22:f1:de:e1:e2:38:0f:3c:71:75:6e:d8:89:5c:
9f:fd:88:6c:69:67:40:99:ee:50:ab:dc:2d:18:25:
f6:ed:39:7f:b0:b3:17:35:93:04:91:6b:50:ca:9a:
18:28:ae:2a:85:8a:0e:e9:42:36:1d:61:71:da:94:
33:e3:fc:2b:86:34:6e:db:9a:b6:78:89:34:05:c2:
a9:93:94:9c:df:0c:55:b4:19:2c:47:73:77:64:92:
29:ef:a1:2e:ac:de:7c:2e:06:f7:65:0d:d2:b2:14:
0d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5E:14:F7:1A:86:5A:37:80:33:C4:8B:0D:3C:81:BF:CE:81:03:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b176a187-5863-4413-a001-74ccc0321be5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02c::/36
Signature Algorithm: sha256WithRSAEncryption
13:2d:fe:07:30:01:a7:da:a3:fc:5b:bb:6f:9d:21:29:6b:93:
21:52:ab:0f:c3:7c:b2:49:dd:3b:ca:a7:86:9b:22:99:84:ba:
d7:87:d4:63:8e:1b:55:98:12:69:16:e1:57:b7:15:94:56:a4:
30:a8:9e:97:0e:b3:da:b9:1d:f7:4d:e3:76:75:6c:13:5c:0f:
e4:8c:39:0d:0b:c4:71:d3:1b:5e:38:78:fe:c4:07:73:94:06:
be:80:a4:72:07:8a:fb:79:4e:07:2c:1b:b1:7e:2d:b4:58:a8:
aa:ef:29:cd:31:59:0f:61:78:34:91:04:7a:c3:d0:c5:b0:42:
8f:9d:65:e4:a9:2a:24:3b:30:cc:a6:7b:4b:cc:28:e4:5e:c6:
06:74:c3:39:7e:fa:23:9e:e6:55:24:52:1b:00:9a:f5:02:4f:
bf:ba:bb:50:d5:d5:fc:75:34:7c:77:7e:af:ad:de:f0:38:d4:
68:87:93:8b:7d:52:3c:b5:f4:21:91:2b:2e:05:5f:80:ed:3d:
05:a4:ff:b4:a6:0d:bb:21:0d:41:08:0c:f7:8f:3c:d3:5b:1a:
50:d0:9c:4f:66:1a:a7:cf:c2:9d:f6:c7:10:d6:08:78:ba:8f:
f7:b2:10:5f:c8:e4:0d:bf:1e:36:bb:fb:72:17:35:9c:20:05:
f6:44:3f:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaTUyPbzIfVXa4ij8QD0yF3zOQ8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwNThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMTRkYTEwNjI0YjdmNDFlMjBjMzE3NWVkMzQ2ZWZmNWFmNThhZjc1Zjlm
OTc2MzMxMGFkZDAyZTY5ODliZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIbLJwCLYntWKV33ZcJ+m0pf2n7WtVT6aKq0EvJtXZkLWWU7jWOpu2RxXoTe
iPlAFDDGV9bMqZsDvEN9imQ3clz/V10SczVdFJVCFfU1AQce2qpFLq7jDG7YHXHI
dvk8lwZi+zp32AWf+fBXpsscuI7VC03oRUXYmmCiVshAcLAk990wjLdNImb/bkmz
djVBA1YzZYxdrCLx3uHiOA88cXVu2Ilcn/2IbGlnQJnuUKvcLRgl9u05f7CzFzWT
BJFrUMqaGCiuKoWKDulCNh1hcdqUM+P8K4Y0btuatniJNAXCqZOUnN8MVbQZLEdz
d2SSKe+hLqzefC4G92UN0rIUDYcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3XhT3
GoZaN4AzxIsNPIG/zoEDQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjE3NmExODctNTg2My00NDEzLWEwMDEtNzRjY2MwMzIxYmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CwA
MA0GCSqGSIb3DQEBCwUAA4IBAQATLf4HMAGn2qP8W7tvnSEpa5MhUqsPw3yySd07
yqeGmyKZhLrXh9RjjhtVmBJpFuFXtxWUVqQwqJ6XDrPauR33TeN2dWwTXA/kjDkN
C8Rx0xteOHj+xAdzlAa+gKRyB4r7eU4HLBuxfi20WKiq7ynNMVkPYXg0kQR6w9DF
sEKPnWXkqSokOzDMpntLzCjkXsYGdMM5fvojnuZVJFIbAJr1Ak+/urtQ1dX8dTR8
d36vrd7wONRoh5OLfVI8tfQhkSsuBV+A7T0FpP+0pg27IQ1BCAz3jzzTWxpQ0JxP
Zhqnz8Kd9scQ1gh4uo/3shBfyOQNvx42u/tyFzWcIAX2RD+M
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:16:54 2025 by rpki-client