Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: nEukdFmmtQ6WYaasLlo1xidMKW9tcRyJEq3Kia/4tag=
Subject key identifier: FE:56:55:06:73:BA:FB:35:03:C9:BB:E2:9A:C3:15:D0:2E:E0:F8:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 348E9084EF4F29C69091C5FF4643A7802CCF8E91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Tue 19 Aug 2025 16:50:46 +0000
ROA not before: Tue 19 Aug 2025 16:50:46 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8e:90:84:ef:4f:29:c6:90:91:c5:ff:46:43:a7:80:2c:cf:8e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:46 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=863483e547162e4e7e85aaffe2cbe859b43e370da1d4588c9c39c42c851490b7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:21:cd:e6:dc:71:3b:36:a4:71:6a:46:54:b5:
b0:be:43:e0:dc:50:8c:ba:cb:8f:dd:44:04:b1:86:
a0:dd:77:cb:a1:6e:03:42:16:ab:5b:41:20:56:b8:
74:3d:af:31:26:89:69:35:fa:65:13:44:50:ba:4b:
02:1d:9a:9f:2b:96:ea:4b:44:fc:a4:4e:69:3d:ec:
8c:8f:90:f5:74:75:c7:e6:65:60:32:3a:45:88:b4:
b5:c6:6f:44:d5:4a:75:83:fa:b9:6a:f1:36:7e:42:
f3:88:62:97:fe:7c:31:33:0e:56:a2:53:75:c2:89:
f8:31:3b:05:ce:9c:b4:99:5b:67:1f:d1:be:d2:a8:
d3:75:6b:bc:9f:ae:21:69:0c:21:ef:77:fb:a1:ec:
97:ab:85:66:70:bf:f8:9f:99:50:f6:7e:77:0a:0e:
d4:8c:0e:98:1e:e9:5c:b2:37:89:3d:a7:a4:7e:91:
85:87:4b:83:2c:03:c3:d4:0b:55:5f:d8:14:2e:dd:
05:99:fb:7d:af:aa:fc:b2:44:5d:2d:38:bb:15:bd:
f4:2e:35:1c:0f:7a:2b:48:ac:68:08:9f:da:f5:1c:
b8:50:ef:1c:40:e6:c3:de:6a:20:61:d9:8b:e5:b0:
46:53:4a:c9:d2:d0:5c:44:6c:98:71:d4:d8:e7:9b:
3a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:56:55:06:73:BA:FB:35:03:C9:BB:E2:9A:C3:15:D0:2E:E0:F8:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
15:75:20:8c:a1:55:36:10:c0:1d:f0:1c:e8:c4:ae:8f:d3:e7:
3c:a5:2d:47:dc:30:a9:b2:6b:89:a9:2e:3e:39:cf:83:d0:bd:
e9:9f:a9:7f:4c:48:46:5b:b1:f2:df:cd:04:ca:c8:dd:c2:6c:
60:5f:55:39:fe:95:19:a6:72:b4:b8:fe:19:a9:c1:67:5e:de:
2c:0f:a2:1f:0b:28:84:1b:ec:b1:35:ea:1c:ed:1e:bf:11:87:
73:f2:7a:f7:66:a8:60:5c:64:e9:08:77:0b:41:18:a4:a7:a9:
7e:9c:3b:fe:29:34:f1:3d:fd:1c:39:d4:6c:35:a4:b1:6b:28:
26:0f:2b:08:5e:eb:31:40:60:89:da:94:d0:d2:4c:8d:dc:95:
64:42:73:d8:6c:08:cf:6e:e3:94:13:a1:1c:97:aa:ee:88:44:
f8:ed:aa:4b:47:6e:ff:d9:f4:22:d1:48:52:17:cb:1d:ff:06:
b4:59:32:03:77:50:43:fc:c9:ec:39:6a:81:a8:0e:a9:5c:c1:
0b:10:d2:46:a3:0d:18:48:32:55:9b:0c:1c:6c:97:34:75:e7:
b3:bb:f9:18:49:f5:63:fb:5d:c4:a5:53:f5:34:61:dc:67:27:
a8:2b:26:3d:1e:fd:9b:45:43:50:2c:1b:53:5c:75:47:7b:6d:
1e:cd:db:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNI6QhO9PKcaQkcX/RkOngCzPjpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNDZaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MzQ4M2U1NDcxNjJlNGU3ZTg1YWFmZmUyY2JlODU5YjQzZTM3MGRhMWQ0
NTg4YzljMzljNDJjODUxNDkwYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkhzebccTs2pHFqRlS1sL5D4NxQjLrLj91EBLGGoN13y6FuA0IWq1tBIFa4
dD2vMSaJaTX6ZRNEULpLAh2anyuW6ktE/KROaT3sjI+Q9XR1x+ZlYDI6RYi0tcZv
RNVKdYP6uWrxNn5C84hil/58MTMOVqJTdcKJ+DE7Bc6ctJlbZx/RvtKo03VrvJ+u
IWkMIe93+6Hsl6uFZnC/+J+ZUPZ+dwoO1IwOmB7pXLI3iT2npH6RhYdLgywDw9QL
VV/YFC7dBZn7fa+q/LJEXS04uxW99C41HA96K0isaAif2vUcuFDvHEDmw95qIGHZ
i+WwRlNKydLQXERsmHHU2OebOlcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+VlUG
c7r7NQPJu+KawxXQLuD44TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQAVdSCMoVU2EMAd8BzoxK6P0+c8pS1H3DCpsmuJ
qS4+Oc+D0L3pn6l/TEhGW7Hy380EysjdwmxgX1U5/pUZpnK0uP4ZqcFnXt4sD6If
CyiEG+yxNeoc7R6/EYdz8nr3ZqhgXGTpCHcLQRikp6l+nDv+KTTxPf0cOdRsNaSx
aygmDysIXusxQGCJ2pTQ0kyN3JVkQnPYbAjPbuOUE6Ecl6ruiET47apLR27/2fQi
0UhSF8sd/wa0WTIDd1BD/MnsOWqBqA6pXMELENJGow0YSDJVmwwcbJc0deezu/kY
SfVj+13EpVP1NGHcZyeoKyY9Hv2bRUNQLBtTXHVHe20ezdsR
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:11 2025 by rpki-client