Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: lwG4+1JI1LDLhxcu8d4bNhzGdJCWAqadLs5q8sIcIo0=
Subject key identifier: 04:62:32:CC:36:7F:AA:1F:EE:9D:64:1F:15:F6:67:D8:C2:F9:F0:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78308D631A8721526B2487C77D96A80B904AD9B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Fri 22 Aug 2025 15:11:21 +0000
ROA not before: Fri 22 Aug 2025 15:11:21 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:30:8d:63:1a:87:21:52:6b:24:87:c7:7d:96:a8:0b:90:4a:d9:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:21 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=f39117315846849f8022be63f1d7cdc076587cb4758c7951db440cb66ec6b9b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e3:28:e0:cd:e3:9b:a0:ba:59:32:81:6a:6f:
f4:0e:10:64:c1:51:69:ea:50:85:18:ef:20:c3:48:
99:30:ab:c2:9b:01:93:44:1f:e2:6c:22:14:94:44:
ef:9f:43:a2:00:3e:aa:dd:3f:28:b3:83:6e:da:36:
00:8a:8e:c0:3b:27:f4:f0:5c:42:2e:b0:4e:29:7b:
14:e6:dc:38:f9:5b:82:b6:14:4b:63:9f:89:b8:64:
dc:e8:c6:88:27:8f:09:96:62:a3:40:e3:61:e1:e4:
2d:7c:6d:d1:ff:42:43:46:6c:a9:72:85:09:da:2f:
be:c1:6c:be:15:1d:db:b3:5a:a6:84:ae:de:c7:9f:
6f:4a:14:9b:88:80:a2:eb:df:82:17:40:a8:7b:fd:
4c:92:58:28:59:f9:a8:76:b7:05:18:59:d3:02:2b:
d5:87:3a:17:38:02:e3:b1:a8:71:b6:45:b9:fc:3a:
a5:eb:ba:88:4f:2d:f4:04:61:b7:69:3f:52:2f:be:
a5:dc:14:b7:b6:59:64:36:b6:e0:5e:5f:dc:18:71:
52:41:7b:06:a5:f1:ea:8f:c4:84:55:bc:8f:73:60:
55:07:a2:e8:22:04:91:72:18:6f:48:ae:80:1c:cd:
59:0e:6d:a4:08:50:25:ed:e5:ba:8d:28:6e:b8:ea:
89:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:62:32:CC:36:7F:AA:1F:EE:9D:64:1F:15:F6:67:D8:C2:F9:F0:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:3d:ca:ae:f8:0c:4e:59:7e:0d:da:9f:1f:23:31:46:94:06:
ca:03:ee:94:7a:35:be:d7:30:31:ac:be:b1:e2:39:7c:dd:8a:
27:5e:71:e4:2e:01:e0:09:1c:e8:b2:88:73:45:60:61:7e:02:
c5:f3:92:f9:da:ee:d1:be:4c:22:6e:1a:62:f4:2d:69:a5:28:
59:0c:ea:d3:04:c8:9c:44:94:1a:85:47:56:bf:99:25:f4:93:
03:0c:d4:b4:2f:84:f9:5f:3b:63:2e:5a:19:ab:eb:af:c6:ea:
fe:6d:53:07:e2:4b:19:ac:98:e0:38:0c:f6:73:53:3f:68:00:
65:f7:7e:19:45:ec:41:7e:f4:d9:9b:fe:20:ea:17:c7:d5:1d:
25:2a:d4:44:5c:d0:21:3f:22:c4:3e:71:44:c1:f8:f7:f5:20:
28:28:10:11:0d:d4:14:6e:91:88:41:55:4d:81:d0:42:29:01:
ea:c8:86:fd:cf:84:7a:12:7f:d1:59:3c:1f:ed:ee:9b:ee:e3:
94:dd:d0:03:ce:be:34:e0:92:56:94:9a:a2:5f:e8:93:d0:33:
67:e3:55:e1:4c:df:41:7f:d9:5e:9b:0f:fd:b4:d0:15:21:89:
36:73:cb:c2:5c:3c:19:68:ec:75:fe:8e:ec:23:3d:33:ed:60:
2a:31:10:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeDCNYxqHIVJrJIfHfZaoC5BK2bEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMjFaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzOTExNzMxNTg0Njg0OWY4MDIyYmU2M2YxZDdjZGMwNzY1ODdjYjQ3NThj
Nzk1MWRiNDQwY2I2NmVjNmI5YjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPjKODN45ugulkygWpv9A4QZMFRaepQhRjvIMNImTCrwpsBk0Qf4mwiFJRE
759DogA+qt0/KLODbto2AIqOwDsn9PBcQi6wTil7FObcOPlbgrYUS2Ofibhk3OjG
iCePCZZio0DjYeHkLXxt0f9CQ0ZsqXKFCdovvsFsvhUd27NapoSu3sefb0oUm4iA
ouvfghdAqHv9TJJYKFn5qHa3BRhZ0wIr1Yc6FzgC47GocbZFufw6peu6iE8t9ARh
t2k/Ui++pdwUt7ZZZDa24F5f3BhxUkF7BqXx6o/EhFW8j3NgVQei6CIEkXIYb0iu
gBzNWQ5tpAhQJe3luo0obrjqie8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEYjLM
Nn+qH+6dZB8V9mfYwvnwmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC7Pcqu+AxOWX4N2p8fIzFGlAbKA+6UejW+1zAx
rL6x4jl83YonXnHkLgHgCRzosohzRWBhfgLF85L52u7Rvkwibhpi9C1ppShZDOrT
BMicRJQahUdWv5kl9JMDDNS0L4T5XztjLloZq+uvxur+bVMH4ksZrJjgOAz2c1M/
aABl934ZRexBfvTZm/4g6hfH1R0lKtREXNAhPyLEPnFEwfj39SAoKBARDdQUbpGI
QVVNgdBCKQHqyIb9z4R6En/RWTwf7e6b7uOU3dADzr404JJWlJqiX+iT0DNn41Xh
TN9Bf9lemw/9tNAVIYk2c8vCXDwZaOx1/o7sIz0z7WAqMRAB
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:46:42 2025 by rpki-client