Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
File: b9f26696-5522-477d-b8bf-72de7350b09a.roa (raw, json)
Hash identifier: 8NemQYWxIYAenS6U6iMXGvdTqBxDVaGPRDZnDHwlBYo=
Subject key identifier: BC:A5:4D:ED:B8:E0:8B:8C:AE:BD:5C:09:3E:DF:1C:80:01:BB:66:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0910AB07731CB71567B20ACBA3FCE6DDC7ED0468
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
Signing time: Tue 05 Aug 2025 19:11:16 +0000
ROA not before: Tue 05 Aug 2025 19:11:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:10:ab:07:73:1c:b7:15:67:b2:0a:cb:a3:fc:e6:dd:c7:ed:04:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=bb50a0048fb78b8ae7f4515732bcaaf44c292403c3f6bf3ab8e234e9f145029c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:74:f8:29:29:b3:a5:65:35:74:53:c7:b8:c8:
c1:b4:b9:f7:6b:61:df:7c:c4:26:36:be:33:a0:20:
e5:61:6e:e4:24:61:4a:da:ed:c3:75:55:d6:b8:d2:
e1:2a:9b:ee:65:1a:91:15:38:64:22:06:df:53:8c:
c8:ea:6e:54:1d:fa:92:af:9c:2f:71:0c:f7:a5:b0:
99:d5:b4:dd:3c:8b:54:3f:95:ab:eb:85:7c:bd:5a:
cc:9e:9d:aa:0f:48:06:00:33:53:93:ef:92:34:a1:
12:ea:44:7d:d9:d5:65:c6:32:e2:64:6b:0b:38:69:
4c:d4:2f:fc:c8:8b:79:f8:83:32:26:2e:5c:b0:55:
31:08:80:a4:5d:92:e1:14:d2:98:ce:35:7e:e2:da:
ae:7e:83:e7:23:6c:04:92:dd:89:55:d4:f2:cf:c0:
09:9f:cb:56:3c:89:24:09:80:4d:75:37:62:83:d4:
e2:8a:1b:ca:ce:6e:20:1d:87:3f:1d:59:6f:8b:3d:
a8:72:fb:f7:8c:04:6a:b5:b8:21:d4:1a:a3:66:02:
e6:84:44:52:d0:6f:29:68:88:f8:47:0d:33:6a:e1:
ef:1b:5f:2a:52:45:40:55:59:4c:07:cf:c2:36:03:
35:ea:b7:5c:c4:77:f6:c2:f1:ef:79:75:d4:1d:44:
ec:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A5:4D:ED:B8:E0:8B:8C:AE:BD:5C:09:3E:DF:1C:80:01:BB:66:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b9f26696-5522-477d-b8bf-72de7350b09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:f7:3f:5b:99:3d:29:3d:b6:c7:df:f9:d6:2d:2e:e2:67:8a:
e2:07:33:64:e8:fd:d8:e0:dd:b2:e5:d0:f0:81:96:d6:c1:3f:
cd:19:76:a7:05:5f:0d:26:31:ed:ca:00:d0:eb:21:ae:e8:5b:
24:88:91:70:69:32:9c:05:42:47:82:54:41:0d:ec:fa:6f:5e:
45:87:c1:e6:24:d2:f9:86:63:7b:3a:ed:00:66:58:67:ab:d1:
48:ee:e4:fa:bd:1b:81:b4:0a:85:e3:4c:75:76:c3:29:50:9a:
ea:80:b2:df:84:cf:7e:50:cd:68:84:71:54:2a:4e:3f:d0:22:
97:66:1a:d8:9f:64:f1:b1:7c:e8:0d:4c:18:89:11:fb:90:50:
3e:4b:67:ca:a1:f8:47:14:86:45:9e:56:57:9c:6f:2a:c2:ab:
02:af:e7:47:53:52:e1:30:be:0c:f5:97:d1:1f:a6:84:e7:9d:
cc:b3:97:0e:1e:b5:93:88:2e:a6:8d:64:53:9e:63:6b:a9:27:
6e:a0:13:4d:e4:7f:1e:7f:bc:5a:95:49:a0:64:9b:c2:32:44:
7f:1a:78:c3:48:38:eb:22:d6:8e:2e:74:3a:26:bc:94:8d:00:
c3:b1:f7:0b:68:ae:95:6c:c7:a1:16:db:a5:6c:45:41:e0:42:
dc:e3:4b:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCRCrB3MctxVnsgrLo/zm3cftBGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiNTBhMDA0OGZiNzhiOGFlN2Y0NTE1NzMyYmNhYWY0NGMyOTI0MDNjM2Y2
YmYzYWI4ZTIzNGU5ZjE0NTAyOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANR0+Ckps6VlNXRTx7jIwbS592th33zEJja+M6Ag5WFu5CRhStrtw3VV1rjS
4Sqb7mUakRU4ZCIG31OMyOpuVB36kq+cL3EM96WwmdW03TyLVD+Vq+uFfL1azJ6d
qg9IBgAzU5PvkjShEupEfdnVZcYy4mRrCzhpTNQv/MiLefiDMiYuXLBVMQiApF2S
4RTSmM41fuLarn6D5yNsBJLdiVXU8s/ACZ/LVjyJJAmATXU3YoPU4oobys5uIB2H
Px1Zb4s9qHL794wEarW4IdQao2YC5oREUtBvKWiI+EcNM2rh7xtfKlJFQFVZTAfP
wjYDNeq3XMR39sLx73l11B1E7AsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8pU3t
uOCLjK69XAk+3xyAAbtmCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjlmMjY2OTYtNTUyMi00NzdkLWI4YmYtNzJkZTczNTBiMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAt9z9bmT0pPbbH3/nWLS7iZ4riBzNk6P3Y4N2y
5dDwgZbWwT/NGXanBV8NJjHtygDQ6yGu6FskiJFwaTKcBUJHglRBDez6b15Fh8Hm
JNL5hmN7Ou0AZlhnq9FI7uT6vRuBtAqF40x1dsMpUJrqgLLfhM9+UM1ohHFUKk4/
0CKXZhrYn2TxsXzoDUwYiRH7kFA+S2fKofhHFIZFnlZXnG8qwqsCr+dHU1LhML4M
9ZfRH6aE553Ms5cOHrWTiC6mjWRTnmNrqSduoBNN5H8ef7xalUmgZJvCMkR/GnjD
SDjrItaOLnQ6JryUjQDDsfcLaK6VbMehFtulbEVB4ELc40v6
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:22 2025 by rpki-client