Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
File: bdfda4b5-843e-4797-9739-e616ff3d5825.roa (raw, json)
Hash identifier: X9OZUD8TvKEjr2X80NsaVttjc39d/Uqfe5ugaFqMobE=
Subject key identifier: A7:CE:CF:B5:B2:75:8B:8A:85:B8:17:BB:FB:D3:63:71:A2:77:B2:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7350EBDEA7737F46119991643C881F9D14D9B180
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
Signing time: Fri 22 Aug 2025 15:10:06 +0000
ROA not before: Fri 22 Aug 2025 15:10:06 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:50:eb:de:a7:73:7f:46:11:99:91:64:3c:88:1f:9d:14:d9:b1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:06 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=66f67c08f024186da689b3fdf30370451e998c0a05ac1fa8f65bf1fd5a854799, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:93:6f:d8:b2:0f:5f:b5:c1:25:b2:cf:2f:44:
08:85:3b:b2:bd:0b:36:f8:e7:04:2e:f8:a1:fc:6a:
68:24:73:be:73:ac:10:be:d5:fc:f5:f2:67:9f:bf:
12:8f:b3:95:24:c1:ec:6f:a4:19:de:49:5b:3a:e7:
cd:dd:5f:ad:7f:1e:d9:2d:13:e1:ac:7d:7c:1e:c9:
f3:0e:79:8d:80:ec:d7:3f:d6:b7:3f:b4:e4:2c:ce:
cb:58:2b:08:bb:3b:df:24:2c:10:ea:49:98:3c:15:
7a:8c:29:65:a9:64:06:bd:90:e9:ee:57:c3:1e:09:
a5:67:16:13:70:1a:2d:04:4b:6c:77:43:2e:4c:a8:
cb:ce:a0:bb:06:5d:1b:d0:dc:bf:ab:ff:62:37:44:
73:e8:47:4f:1f:89:a0:2e:d6:c8:e3:e5:d0:ed:26:
b1:a3:ac:d9:a1:97:0b:62:59:c6:c9:40:39:3d:7e:
8d:d8:ec:81:3f:a7:fa:8d:40:6b:46:2f:70:dc:e5:
65:0c:3b:23:42:47:71:9a:b9:c6:a6:72:fa:fd:9a:
c0:a2:c1:a0:b6:83:d1:c9:e5:87:45:cf:45:61:b9:
b8:6c:c7:fa:7f:9e:93:ea:2c:ad:9c:65:b3:4d:b4:
a6:f7:cc:55:3a:5d:13:b2:46:21:05:76:86:ba:30:
8f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:CE:CF:B5:B2:75:8B:8A:85:B8:17:BB:FB:D3:63:71:A2:77:B2:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdfda4b5-843e-4797-9739-e616ff3d5825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
42:dd:18:24:4c:6a:a2:21:72:f9:9b:70:5b:4a:f0:eb:c2:e7:
5c:20:5b:7b:f3:1c:96:44:46:f4:3f:8b:c0:68:d0:d1:e1:fc:
5a:a2:1c:50:21:f2:4d:62:12:48:89:78:93:b8:74:b6:5f:40:
4c:26:8d:b9:85:52:a2:7e:7c:49:1d:4e:4f:c2:65:c2:f0:48:
7d:c2:7d:45:28:aa:fd:3d:f8:94:e6:5b:e2:e4:07:fe:32:b2:
95:09:89:c0:0f:0f:27:4c:f2:32:97:2a:63:4a:64:ef:31:54:
d5:92:8f:47:70:52:f6:fc:6b:02:f7:31:b2:cf:c3:cd:96:e4:
8e:ac:a3:25:0b:7f:f8:d1:c2:25:c8:4a:33:79:99:86:b7:0a:
2d:f1:a8:80:43:95:b5:cd:23:7d:96:9f:d9:73:4b:d5:cd:73:
40:be:a3:bc:d8:19:6b:c5:32:05:03:05:33:19:31:c2:89:18:
87:06:32:b3:4f:20:a4:c3:5e:5b:0b:c7:79:62:4f:de:67:1e:
99:f5:84:bc:05:64:51:e1:3b:00:3e:16:90:5d:7e:e2:29:ed:
77:db:99:33:ac:e2:39:d9:28:6c:7f:d1:2c:86:3c:7f:48:f9:
b9:7d:57:8f:af:33:1c:49:5d:56:bc:5f:b0:d2:e4:a1:69:31:
de:2d:c6:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc1Dr3qdzf0YRmZFkPIgfnRTZsYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMDZaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ZjY3YzA4ZjAyNDE4NmRhNjg5YjNmZGYzMDM3MDQ1MWU5OThjMGEwNWFj
MWZhOGY2NWJmMWZkNWE4NTQ3OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKTb9iyD1+1wSWyzy9ECIU7sr0LNvjnBC74ofxqaCRzvnOsEL7V/PXyZ5+/
Eo+zlSTB7G+kGd5JWzrnzd1frX8e2S0T4ax9fB7J8w55jYDs1z/Wtz+05CzOy1gr
CLs73yQsEOpJmDwVeowpZalkBr2Q6e5Xwx4JpWcWE3AaLQRLbHdDLkyoy86guwZd
G9Dcv6v/YjdEc+hHTx+JoC7WyOPl0O0msaOs2aGXC2JZxslAOT1+jdjsgT+n+o1A
a0YvcNzlZQw7I0JHcZq5xqZy+v2awKLBoLaD0cnlh0XPRWG5uGzH+n+ek+osrZxl
s020pvfMVTpdE7JGIQV2hrowjxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnzs+1
snWLioW4F7v702NxoneyoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRmZGE0YjUtODQzZS00Nzk3LTk3MzktZTYxNmZmM2Q1ODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBC3RgkTGqiIXL5m3BbSvDrwudcIFt78xyWREb0
P4vAaNDR4fxaohxQIfJNYhJIiXiTuHS2X0BMJo25hVKifnxJHU5PwmXC8Eh9wn1F
KKr9PfiU5lvi5Af+MrKVCYnADw8nTPIylypjSmTvMVTVko9HcFL2/GsC9zGyz8PN
luSOrKMlC3/40cIlyEozeZmGtwot8aiAQ5W1zSN9lp/Zc0vVzXNAvqO82BlrxTIF
AwUzGTHCiRiHBjKzTyCkw15bC8d5Yk/eZx6Z9YS8BWRR4TsAPhaQXX7iKe1325kz
rOI52Shsf9Eshjx/SPm5fVePrzMcSV1WvF+w0uShaTHeLcZ/
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:09 2025 by rpki-client