Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json)
Hash identifier: c7qYX3YcREt2Mlp7IhzmqnUo+C8ZP9dzw2kuLhbQ9fo=
Subject key identifier: AF:BD:7F:07:21:95:19:0A:E5:93:EC:17:BA:22:9B:7B:6E:87:84:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 238208CDA68334D333D0FB2A332CE5089033B11A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
Signing time: Tue 05 Aug 2025 20:01:00 +0000
ROA not before: Tue 05 Aug 2025 20:01:00 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:82:08:cd:a6:83:34:d3:33:d0:fb:2a:33:2c:e5:08:90:33:b1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:00 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=23598ab014c81fe966d25a7bf542bc16fc54281e59e7af9abe7755983178c031, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bc:dd:b1:18:5f:bf:81:88:e8:68:30:53:b8:
31:bc:23:62:10:cc:bb:5c:0f:7b:12:c8:69:eb:a4:
4b:8c:13:9f:0f:45:78:65:8f:74:63:b6:00:c5:3b:
84:2d:09:51:18:38:c1:ab:9d:cc:7c:b6:58:eb:72:
6a:8c:63:16:d2:3d:91:3d:aa:aa:15:9f:64:a5:77:
56:25:50:81:5b:95:9b:2b:e7:c5:bd:93:e8:3a:6c:
64:0e:9f:13:65:76:cf:a9:83:16:65:71:d2:6c:84:
66:fb:75:61:8b:de:84:58:c9:9a:63:45:c4:f8:4e:
4f:58:f9:f6:06:16:00:03:c2:67:4e:e9:2f:5a:68:
e8:b6:5d:cb:24:5a:30:a7:0e:be:2e:2b:49:0a:fc:
f4:51:b8:58:b6:79:4b:d9:c6:c8:25:a2:2e:a3:72:
ed:a1:f8:dc:20:fd:61:78:2f:96:cc:11:60:50:fe:
e1:04:df:c2:c4:46:76:18:b2:fa:e2:77:c0:0f:73:
2a:13:6c:32:80:9b:d1:9f:56:05:ad:79:b6:94:ca:
f6:05:90:b8:07:d5:dc:ea:4e:b6:9d:82:e4:b9:42:
32:71:83:03:bd:63:9f:2b:44:1b:70:9e:29:0b:29:
78:a0:70:60:e5:32:b9:6d:a0:cf:d5:e7:d7:7c:d3:
f3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BD:7F:07:21:95:19:0A:E5:93:EC:17:BA:22:9B:7B:6E:87:84:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:800::/38
Signature Algorithm: sha256WithRSAEncryption
3e:42:b8:b6:f1:be:5a:53:17:a9:ea:2f:6c:22:e2:05:47:7b:
7a:e6:b9:a5:9c:e0:5b:4f:a1:c2:ef:df:23:f9:13:e0:2f:7a:
83:46:86:df:a0:16:75:dc:12:80:bb:be:48:fe:28:97:d3:4e:
ec:6d:94:02:55:fc:1d:8c:01:6c:45:36:ea:87:32:74:33:f1:
74:d9:24:c0:0d:00:74:d6:a5:95:2d:33:43:b0:e4:7e:35:31:
ec:6f:0a:14:4e:4d:1a:11:f3:a1:f2:74:1f:77:03:3d:1a:2f:
d1:69:fb:82:78:66:a3:f7:ab:f9:1c:40:bb:96:76:e4:f3:ed:
40:83:0e:6c:22:9b:16:40:00:db:59:8a:78:ac:e2:66:3c:3e:
97:de:18:27:0f:79:84:f2:e1:c3:54:dc:e3:b0:c1:eb:76:c8:
57:c2:6c:26:7e:d1:ff:b8:6c:de:82:9a:c5:9b:60:3e:5f:ba:
61:84:ea:9a:8c:6a:df:52:14:5a:11:04:c2:e2:d5:c4:b3:61:
59:6c:42:e9:99:b4:4a:ac:77:ff:86:e3:f3:6f:6d:78:3e:06:
7a:b5:89:e3:9a:e7:e3:ae:1e:e8:2a:53:6f:b3:4b:d2:05:10:
fe:58:8a:55:a0:73:c2:0b:11:fb:2b:0e:30:14:44:5e:c3:0d:
c0:f9:2d:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI4IIzaaDNNMz0PsqMyzlCJAzsRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNTk4YWIwMTRjODFmZTk2NmQyNWE3YmY1NDJiYzE2ZmM1NDI4MWU1OWU3
YWY5YWJlNzc1NTk4MzE3OGMwMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIq83bEYX7+BiOhoMFO4MbwjYhDMu1wPexLIaeukS4wTnw9FeGWPdGO2AMU7
hC0JURg4waudzHy2WOtyaoxjFtI9kT2qqhWfZKV3ViVQgVuVmyvnxb2T6DpsZA6f
E2V2z6mDFmVx0myEZvt1YYvehFjJmmNFxPhOT1j59gYWAAPCZ07pL1po6LZdyyRa
MKcOvi4rSQr89FG4WLZ5S9nGyCWiLqNy7aH43CD9YXgvlswRYFD+4QTfwsRGdhiy
+uJ3wA9zKhNsMoCb0Z9WBa15tpTK9gWQuAfV3OpOtp2C5LlCMnGDA71jnytEG3Ce
KQspeKBwYOUyuW2gz9Xn13zT8y0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvvX8H
IZUZCuWT7Be6Ipt7boeE3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I
MA0GCSqGSIb3DQEBCwUAA4IBAQA+Qri28b5aUxep6i9sIuIFR3t65rmlnOBbT6HC
798j+RPgL3qDRobfoBZ13BKAu75I/iiX007sbZQCVfwdjAFsRTbqhzJ0M/F02STA
DQB01qWVLTNDsOR+NTHsbwoUTk0aEfOh8nQfdwM9Gi/RafuCeGaj96v5HEC7lnbk
8+1Agw5sIpsWQADbWYp4rOJmPD6X3hgnD3mE8uHDVNzjsMHrdshXwmwmftH/uGze
gprFm2A+X7phhOqajGrfUhRaEQTC4tXEs2FZbELpmbRKrHf/huPzb214PgZ6tYnj
mufjrh7oKlNvs0vSBRD+WIpVoHPCCxH7Kw4wFEReww3A+S0R
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:21 2025 by rpki-client