Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: TmcGlk6zOwV77H+orAQtPKjmpwSinlF9pAkTf8U/Lh4=
Subject key identifier: CC:AC:1F:34:67:23:7D:6B:EC:2B:33:06:64:E6:82:54:EA:2F:78:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34E6C53673E000120E4486C710A810D07DA70FC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Tue 05 Aug 2025 19:51:32 +0000
ROA not before: Tue 05 Aug 2025 19:51:32 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:e6:c5:36:73:e0:00:12:0e:44:86:c7:10:a8:10:d0:7d:a7:0f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:32 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2369fac38e1019b11512d900c66bb14c6efff46a56ddf33e8873dc9b0123e6e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:ca:b2:df:0a:c4:d4:0b:20:b8:9e:b5:fd:
3f:10:7b:56:b1:2d:64:ff:23:0b:f7:61:6e:45:e8:
d2:c6:8e:78:c5:0d:32:27:98:dc:13:f4:c7:54:85:
3a:80:f0:95:08:9a:1e:50:8a:b1:88:fc:54:8c:b1:
0e:bd:c6:ec:ae:ad:cc:44:ce:5c:c2:c1:07:70:ed:
25:6c:5c:c4:4f:62:d8:d0:43:30:e8:f5:7f:6f:3f:
31:ef:da:f1:7f:7d:89:b5:90:a8:9c:a6:27:8a:7a:
c3:85:91:e0:b9:bf:fa:2c:60:d5:10:bb:dd:ad:4a:
8c:1b:20:98:8c:07:6f:e0:49:91:38:4c:ac:ec:d5:
f8:3e:dc:a3:fb:0b:53:f3:cf:09:d3:d4:98:93:a9:
2b:8e:8d:f7:91:2e:7d:ac:e2:3f:0c:a8:87:30:b5:
b9:15:61:53:14:13:cd:39:eb:6b:e4:77:8f:86:99:
e3:75:40:1d:b6:ca:a5:f3:f8:d5:79:37:ba:d2:1c:
8c:bc:da:51:d6:88:00:d8:d6:a2:67:a7:38:95:2c:
c0:ff:ad:de:49:27:b4:1b:9c:f6:71:6c:04:fb:e9:
e6:a6:f4:d7:82:ba:7e:2b:c9:11:5b:c1:45:04:39:
ea:00:73:1d:d0:7a:9d:17:a0:bd:5c:a9:c4:19:9b:
c1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AC:1F:34:67:23:7D:6B:EC:2B:33:06:64:E6:82:54:EA:2F:78:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
44:99:c8:60:8b:08:96:22:f3:80:61:a1:a4:a4:09:78:a0:ab:
a5:66:fa:1b:de:d9:3e:2e:0c:25:55:be:a2:04:42:45:1e:b2:
f7:e4:e8:ce:12:03:dd:cf:e0:83:a3:58:82:6b:3e:23:24:12:
7d:e9:73:69:e6:24:7c:48:52:65:f1:b4:71:45:f7:11:12:e4:
96:31:19:e7:28:1a:54:af:af:97:ee:32:00:b6:f6:c1:9c:a9:
a9:6d:28:75:07:87:67:e1:dc:89:4e:09:14:75:ad:76:92:b9:
73:32:cd:21:ed:00:07:0e:ff:fa:53:42:de:13:22:bb:1d:e9:
7d:66:87:64:ad:cf:d0:62:16:9d:b1:28:ba:87:cb:12:51:fe:
49:46:e1:5c:ee:a1:94:0d:6a:dd:0c:fc:68:9c:58:27:86:cf:
64:e4:0c:89:42:84:b6:6c:de:a8:7f:c7:a9:6b:4e:6b:bd:6d:
06:52:99:02:24:27:7e:4b:c1:09:98:59:df:f2:e8:92:5c:26:
73:d7:6c:e6:af:2f:0f:ef:52:d9:41:17:89:3e:e0:39:ff:a1:
47:da:68:10:e7:44:b4:38:d5:3d:86:a4:e4:ed:11:f1:77:99:
af:b9:dd:5c:ec:dc:f7:55:b9:69:b3:b9:52:73:cf:17:15:5f:
2b:c1:2b:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNObFNnPgABIORIbHEKgQ0H2nD8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMzJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNjlmYWMzOGUxMDE5YjExNTEyZDkwMGM2NmJiMTRjNmVmZmY0NmE1NmRk
ZjMzZTg4NzNkYzliMDEyM2U2ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTyyrLfCsTUCyC4nrX9PxB7VrEtZP8jC/dhbkXo0saOeMUNMieY3BP0x1SF
OoDwlQiaHlCKsYj8VIyxDr3G7K6tzETOXMLBB3DtJWxcxE9i2NBDMOj1f28/Me/a
8X99ibWQqJymJ4p6w4WR4Lm/+ixg1RC73a1KjBsgmIwHb+BJkThMrOzV+D7co/sL
U/PPCdPUmJOpK46N95EufaziPwyohzC1uRVhUxQTzTnra+R3j4aZ43VAHbbKpfP4
1Xk3utIcjLzaUdaIANjWomenOJUswP+t3kkntBuc9nFsBPvp5qb014K6fivJEVvB
RQQ56gBzHdB6nRegvVypxBmbwY0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMrB80
ZyN9a+wrMwZk5oJU6i94tDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBEmchgiwiWIvOAYaGkpAl4oKulZvob3tk+Lgwl
Vb6iBEJFHrL35OjOEgPdz+CDo1iCaz4jJBJ96XNp5iR8SFJl8bRxRfcREuSWMRnn
KBpUr6+X7jIAtvbBnKmpbSh1B4dn4dyJTgkUda12krlzMs0h7QAHDv/6U0LeEyK7
Hel9Zodkrc/QYhadsSi6h8sSUf5JRuFc7qGUDWrdDPxonFgnhs9k5AyJQoS2bN6o
f8epa05rvW0GUpkCJCd+S8EJmFnf8uiSXCZz12zmry8P71LZQReJPuA5/6FH2mgQ
50S0ONU9hqTk7RHxd5mvud1c7Nz3Vblps7lSc88XFV8rwSu/
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:05 2025 by rpki-client