Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
File: b8a24699-2493-4e45-8227-bd2ec32f88ab.roa (raw, json)
Hash identifier: YEGm7gEoJ9/DKR6vIvYZ3iMbCTpcbpkUtInKw3SuFGo=
Subject key identifier: F2:8B:F1:A4:3C:0B:2E:BC:98:5A:D9:5E:F2:A7:DB:7C:0B:3E:C2:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 045D4B55D20A5608B7F1031B8E78EEA1755D27FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
Signing time: Tue 05 Aug 2025 19:20:15 +0000
ROA not before: Tue 05 Aug 2025 19:20:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:5d:4b:55:d2:0a:56:08:b7:f1:03:1b:8e:78:ee:a1:75:5d:27:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=dc86936a722c7a56a21147ad7ca959c49ebd8f1e5f58f81704dd17b77922327b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c1:24:75:f0:8e:18:df:8c:a2:d0:ad:50:c1:
1a:0d:e3:94:2c:a8:8f:13:73:40:31:b2:c0:0b:a2:
4e:f9:5a:46:a6:ad:41:28:f7:18:42:6c:63:67:76:
2a:aa:47:17:97:ee:65:e6:9e:73:58:1b:0d:60:8c:
a5:73:1d:f9:67:d3:b6:d3:8d:84:d7:e4:cd:00:37:
dd:6c:ae:eb:79:97:4e:3e:c5:7e:0d:3c:5b:e0:f8:
0c:45:38:36:3a:80:d1:c9:80:2b:c6:f9:8c:e5:92:
18:9d:a9:64:13:cf:f5:92:30:b5:bb:24:b7:b9:d1:
3a:35:28:3a:73:33:62:d5:d5:1c:12:fa:ff:53:c7:
3a:2d:82:08:f8:b0:39:05:3b:1c:a3:8d:03:e5:a4:
46:bb:57:81:ab:d2:f6:72:6d:14:72:91:2e:ad:ad:
c5:15:87:ae:fe:b3:f8:06:cf:50:a1:30:82:da:02:
f6:0a:a3:55:45:d9:2c:cd:83:7d:54:fa:8a:9f:fd:
08:f2:78:a3:f6:3c:b7:b1:03:3b:58:37:5c:7e:23:
3e:26:1a:ad:bd:ed:5e:e7:d0:1c:a5:74:fb:48:6e:
00:af:09:d6:ce:0a:15:04:72:68:64:06:45:1f:57:
54:13:bd:2e:31:fe:3a:8b:32:4b:02:33:f1:4a:87:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8B:F1:A4:3C:0B:2E:BC:98:5A:D9:5E:F2:A7:DB:7C:0B:3E:C2:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8a24699-2493-4e45-8227-bd2ec32f88ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
4c:ab:58:ac:72:08:58:72:fa:0d:1e:cb:9e:e9:3f:ce:c4:61:
f3:b6:4c:27:8f:46:5f:cf:ce:4f:c4:f0:45:e8:c1:f5:23:6d:
a6:79:4d:e6:de:c0:a3:89:96:76:c2:66:e7:c4:ab:09:67:d3:
10:b1:4d:f1:63:17:84:ae:77:f2:24:b3:df:e6:54:38:97:75:
64:b2:3e:4e:b2:a7:1d:86:60:bc:4a:d3:92:93:4c:f1:0f:71:
bc:fa:53:c7:36:dd:a8:fb:0f:fb:10:bf:e0:27:69:52:6e:19:
b5:3d:0a:64:34:15:9b:3c:61:1d:c7:84:51:7a:5a:09:e4:37:
a4:76:b6:69:65:89:87:cb:5c:fb:62:74:7f:17:3a:9c:47:7a:
2f:4b:c9:0e:24:b9:d1:d8:2f:14:e1:1a:fe:4f:e1:a5:cf:fe:
d7:a0:21:1a:98:98:9b:a5:c8:f7:6a:ec:dc:cd:e9:05:2d:4d:
ae:e2:18:51:e7:f3:45:34:3f:2f:61:1a:86:37:08:35:3a:93:
c3:16:67:cc:cc:a6:51:2e:0f:f1:f0:57:33:da:3b:4d:94:fa:
ea:52:48:a8:cf:34:d3:4f:cf:d6:fb:75:2a:c7:95:8a:aa:89:
dc:46:bc:62:9b:66:e1:63:8c:9c:62:33:02:6b:c4:91:95:5d:
01:97:80:66
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBF1LVdIKVgi38QMbjnjuoXVdJ/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjODY5MzZhNzIyYzdhNTZhMjExNDdhZDdjYTk1OWM0OWViZDhmMWU1ZjU4
ZjgxNzA0ZGQxN2I3NzkyMjMyN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXBJHXwjhjfjKLQrVDBGg3jlCyojxNzQDGywAuiTvlaRqatQSj3GEJsY2d2
KqpHF5fuZeaec1gbDWCMpXMd+WfTttONhNfkzQA33Wyu63mXTj7Ffg08W+D4DEU4
NjqA0cmAK8b5jOWSGJ2pZBPP9ZIwtbskt7nROjUoOnMzYtXVHBL6/1PHOi2CCPiw
OQU7HKONA+WkRrtXgavS9nJtFHKRLq2txRWHrv6z+AbPUKEwgtoC9gqjVUXZLM2D
fVT6ip/9CPJ4o/Y8t7EDO1g3XH4jPiYarb3tXufQHKV0+0huAK8J1s4KFQRyaGQG
RR9XVBO9LjH+OosySwIz8UqHf+cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyi/Gk
PAsuvJha2V7yp9t8Cz7CZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhhMjQ2OTktMjQ5My00ZTQ1LTgyMjctYmQyZWMzMmY4OGFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
wDANBgkqhkiG9w0BAQsFAAOCAQEATKtYrHIIWHL6DR7Lnuk/zsRh87ZMJ49GX8/O
T8TwRejB9SNtpnlN5t7Ao4mWdsJm58SrCWfTELFN8WMXhK538iSz3+ZUOJd1ZLI+
TrKnHYZgvErTkpNM8Q9xvPpTxzbdqPsP+xC/4CdpUm4ZtT0KZDQVmzxhHceEUXpa
CeQ3pHa2aWWJh8tc+2J0fxc6nEd6L0vJDiS50dgvFOEa/k/hpc/+16AhGpiYm6XI
92rs3M3pBS1NruIYUefzRTQ/L2EahjcINTqTwxZnzMymUS4P8fBXM9o7TZT66lJI
qM8000/P1vt1KseViqqJ3Ea8Yptm4WOMnGIzAmvEkZVdAZeAZg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:10 2025 by rpki-client