Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: dcYOW+P4NgpB2BHNZVKSxsr6hn3rGlXa6+UV3iwxCy8=
Subject key identifier: DD:8E:B4:62:B7:4F:C0:12:51:13:5A:6D:D0:B8:08:0F:2D:44:B7:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64299748374237A76D0F9AEA679BDB196789A9F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Tue 05 Aug 2025 19:31:37 +0000
ROA not before: Tue 05 Aug 2025 19:31:37 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:29:97:48:37:42:37:a7:6d:0f:9a:ea:67:9b:db:19:67:89:a9:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:37 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e58a235b4fba8a8e9102b7882d6f9b6f5817dcde93d761600ae13882878a88e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9d:f1:9f:0c:d9:12:3e:1d:55:e5:b9:ef:73:
5f:1b:b2:eb:8f:cf:93:fa:71:16:b2:d1:ec:0d:81:
01:3c:23:f3:f0:e8:11:dd:ff:64:dc:13:f8:fb:e0:
20:b6:5f:f4:48:64:89:ae:21:f7:01:21:86:f3:78:
da:90:e2:9d:77:05:fa:85:09:02:e0:f8:0e:9d:b4:
14:cf:62:4c:1f:02:da:de:14:f4:a2:7c:d5:f3:6a:
15:ee:9e:d7:e7:e9:92:ea:12:20:ce:bc:15:c4:e7:
e3:2e:c6:40:4c:ba:c0:c7:bd:20:c4:87:e9:7b:94:
66:5f:bf:5b:d7:d0:1e:b5:5b:69:76:1c:f5:9d:f7:
a6:27:54:9a:9f:5a:1e:b4:6a:f2:9e:2d:74:55:06:
b6:cf:9b:ce:7d:11:21:40:54:2e:49:6b:e4:ad:ee:
d4:4d:46:45:5e:ae:8b:1c:a6:c9:fe:09:c1:ac:06:
44:d7:db:20:0e:20:5b:27:16:f1:a5:76:6d:bc:68:
1d:fb:e6:d5:89:63:72:17:6d:52:69:b6:ed:f1:0e:
09:a6:fc:1b:36:94:66:9c:73:06:2c:4c:0a:38:7f:
ce:a3:e8:ff:7b:d2:83:a1:c8:44:9f:df:3a:bc:b9:
15:fe:e5:b0:6f:a2:98:2b:36:80:db:0e:f5:f1:bb:
54:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8E:B4:62:B7:4F:C0:12:51:13:5A:6D:D0:B8:08:0F:2D:44:B7:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
47:b3:bd:6d:38:9b:42:5a:42:fc:b9:34:33:d3:02:07:c0:40:
23:51:24:41:cd:35:ec:b4:65:e5:1c:b7:d6:c8:06:86:e7:39:
e3:c5:ed:56:8c:5b:a6:fb:a2:5d:2a:b9:6d:69:dd:12:74:21:
fb:c8:b2:54:f1:de:6d:2e:eb:72:c8:58:53:10:ee:21:5b:b2:
c4:22:f5:78:44:35:c6:be:a9:96:84:6b:79:71:40:c9:24:99:
7e:24:f5:2a:bc:63:9a:f2:80:54:7c:49:37:66:64:42:38:59:
06:e6:65:2b:b0:ef:7d:ad:8b:90:dc:e4:fc:22:bb:d7:7a:b0:
ea:9a:4e:c8:32:cc:b4:92:18:d5:4e:8c:0e:5b:50:d8:c3:2b:
da:50:3e:ed:4c:ce:96:3e:3f:77:4e:0f:6c:3c:24:a6:43:9c:
4a:7b:c8:47:dc:84:df:ea:d2:0c:95:f1:6e:c5:60:9a:2e:0a:
0b:6d:38:cf:23:04:a3:6e:33:f3:c1:6d:2c:c9:00:92:6a:71:
2a:87:5d:c3:18:1d:9f:e7:d9:a3:91:ca:17:70:32:77:a7:42:
b5:ad:5e:8d:f2:b1:a2:da:24:6e:5e:63:ba:91:2a:b1:c4:07:
c2:39:f3:d7:3d:85:05:f7:4f:bd:ea:e4:eb:b4:21:52:43:99:
13:1f:d4:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZCmXSDdCN6dtD5rqZ5vbGWeJqfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMzdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1OGEyMzViNGZiYThhOGU5MTAyYjc4ODJkNmY5YjZmNTgxN2RjZGU5M2Q3
NjE2MDBhZTEzODgyODc4YTg4ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKd8Z8M2RI+HVXlue9zXxuy64/Pk/pxFrLR7A2BATwj8/DoEd3/ZNwT+Pvg
ILZf9Ehkia4h9wEhhvN42pDinXcF+oUJAuD4Dp20FM9iTB8C2t4U9KJ81fNqFe6e
1+fpkuoSIM68FcTn4y7GQEy6wMe9IMSH6XuUZl+/W9fQHrVbaXYc9Z33pidUmp9a
HrRq8p4tdFUGts+bzn0RIUBULklr5K3u1E1GRV6uixymyf4JwawGRNfbIA4gWycW
8aV2bbxoHfvm1YljchdtUmm27fEOCab8GzaUZpxzBixMCjh/zqPo/3vSg6HIRJ/f
Ory5Ff7lsG+imCs2gNsO9fG7VDcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdjrRi
t0/AElETWm3QuAgPLUS3bzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQBHs71tOJtCWkL8uTQz0wIHwEAjUSRBzTXstGXl
HLfWyAaG5znjxe1WjFum+6JdKrltad0SdCH7yLJU8d5tLutyyFhTEO4hW7LEIvV4
RDXGvqmWhGt5cUDJJJl+JPUqvGOa8oBUfEk3ZmRCOFkG5mUrsO99rYuQ3OT8IrvX
erDqmk7IMsy0khjVTowOW1DYwyvaUD7tTM6WPj93Tg9sPCSmQ5xKe8hH3ITf6tIM
lfFuxWCaLgoLbTjPIwSjbjPzwW0syQCSanEqh13DGB2f59mjkcoXcDJ3p0K1rV6N
8rGi2iRuXmO6kSqxxAfCOfPXPYUF90+96uTrtCFSQ5kTH9Q6
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:17 2025 by rpki-client