Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: 8MWiyjgP2AU0Vz0nM29M0c8rqWjWtCVVVF1Iz9dUH58=
Subject key identifier: CA:DB:6C:EE:BD:1B:68:C0:78:CE:12:E9:E4:86:A8:AB:88:4C:E3:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BC21F88DA7F11A0F6C88AD1A62F2AB694783884
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Tue 05 Aug 2025 19:50:19 +0000
ROA not before: Tue 05 Aug 2025 19:50:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:c2:1f:88:da:7f:11:a0:f6:c8:8a:d1:a6:2f:2a:b6:94:78:38:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c0a583d0d69f261a961a6cf267859e1984db589ea2b4a0ec718bc56a19c5fbc2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:38:6b:8e:ca:da:bd:7f:95:81:3f:ac:6c:23:
c3:19:b6:06:36:7b:e2:89:01:90:ba:95:b4:0d:4d:
55:bb:5f:1a:92:e4:84:ce:6c:af:2a:62:cc:52:44:
d6:dd:cf:cb:62:de:48:8b:f5:bc:cb:15:81:09:86:
90:19:6a:36:c8:30:7e:f9:62:fb:4d:02:c7:4e:ee:
46:b7:f7:5c:e0:9d:8f:ce:12:8c:bb:6a:94:f7:25:
f3:24:9f:ce:96:9b:2a:35:e9:62:45:c0:1f:69:0d:
e2:73:19:00:e9:c9:05:7f:8b:94:2d:f8:81:e9:70:
cf:ef:81:54:26:eb:42:53:8f:6f:dd:28:51:68:3c:
0f:d8:95:fb:b2:2b:e8:9b:b7:44:a3:77:a0:42:39:
f0:47:4d:44:0f:0e:08:ff:ca:80:07:41:be:77:a0:
c4:b4:73:f5:7e:d4:64:e9:c6:3c:f6:ba:13:52:f9:
5e:70:39:50:a7:40:93:dc:21:17:76:cb:6e:cd:c6:
15:5d:af:99:02:92:24:13:50:c8:b4:1b:ba:1c:9f:
d0:35:fc:cf:76:d0:ba:47:f2:05:77:2f:d6:3b:94:
fe:2b:f5:d8:ec:4b:76:32:7e:03:e9:0c:f0:4d:9d:
27:0d:97:5e:72:74:1b:c7:0b:c2:d8:b8:ff:1e:dc:
af:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DB:6C:EE:BD:1B:68:C0:78:CE:12:E9:E4:86:A8:AB:88:4C:E3:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:e2:db:7a:ce:ef:87:61:6b:7d:25:41:76:a8:d6:f0:84:f7:
74:6d:b3:7c:d8:3e:2d:04:20:18:10:2e:d5:d5:08:a7:91:5f:
33:39:db:aa:42:e8:be:23:9e:89:96:f2:91:78:8e:d3:0d:1b:
a0:48:89:8b:bf:fd:13:78:83:c4:65:e2:7b:fc:77:50:02:09:
c9:64:1b:d4:24:ec:87:44:5a:5d:5c:78:b9:79:a8:6e:24:43:
8b:92:67:87:00:66:79:76:12:53:76:18:1a:7b:74:d6:96:a5:
04:23:14:2c:9f:7d:8e:80:ac:10:22:3a:37:a3:81:c9:76:9e:
47:51:8f:43:22:cb:42:dc:0f:fb:3e:7a:51:7f:30:90:af:54:
1a:23:79:56:d3:6b:82:16:de:e9:61:29:15:d6:99:c1:cf:b8:
18:e7:f6:43:1a:61:cd:96:50:c8:35:04:bb:6c:3a:fe:26:56:
93:a4:c3:d5:b6:e6:4c:df:81:c7:47:29:87:89:31:36:3f:4b:
b1:99:1e:b5:c8:d5:ce:eb:29:68:26:17:43:ee:4d:e7:04:05:
ea:0d:37:ff:e0:19:5e:c0:f8:9c:85:85:97:9c:aa:c7:50:0a:
f4:f7:23:f5:dd:c8:5b:fd:e5:f5:4e:0a:8d:8b:a9:a6:22:f1:
0b:35:0d:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW8IfiNp/EaD2yIrRpi8qtpR4OIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwYTU4M2QwZDY5ZjI2MWE5NjFhNmNmMjY3ODU5ZTE5ODRkYjU4OWVhMmI0
YTBlYzcxOGJjNTZhMTljNWZiYzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs4a47K2r1/lYE/rGwjwxm2BjZ74okBkLqVtA1NVbtfGpLkhM5srypizFJE
1t3Py2LeSIv1vMsVgQmGkBlqNsgwfvli+00Cx07uRrf3XOCdj84SjLtqlPcl8ySf
zpabKjXpYkXAH2kN4nMZAOnJBX+LlC34gelwz++BVCbrQlOPb90oUWg8D9iV+7Ir
6Ju3RKN3oEI58EdNRA8OCP/KgAdBvnegxLRz9X7UZOnGPPa6E1L5XnA5UKdAk9wh
F3bLbs3GFV2vmQKSJBNQyLQbuhyf0DX8z3bQukfyBXcv1juU/iv12OxLdjJ+A+kM
8E2dJw2XXnJ0G8cLwti4/x7cr/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTK22zu
vRtowHjOEunkhqiriEzjFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQC74tt6zu+HYWt9JUF2qNbwhPd0bbN82D4tBCAY
EC7V1QinkV8zOduqQui+I56JlvKReI7TDRugSImLv/0TeIPEZeJ7/HdQAgnJZBvU
JOyHRFpdXHi5eahuJEOLkmeHAGZ5dhJTdhgae3TWlqUEIxQsn32OgKwQIjo3o4HJ
dp5HUY9DIstC3A/7PnpRfzCQr1QaI3lW02uCFt7pYSkV1pnBz7gY5/ZDGmHNllDI
NQS7bDr+JlaTpMPVtuZM34HHRymHiTE2P0uxmR61yNXO6yloJhdD7k3nBAXqDTf/
4BlewPichYWXnKrHUAr09yP13chb/eX1TgqNi6mmIvELNQ2b
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:22 2025 by rpki-client