Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
File: bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa (raw, json)
Hash identifier: 4wBGGO6gglFRdU6aSNHjPlPG/PghPmJH8g4HO2PrPYo=
Subject key identifier: 8F:B5:8A:3A:D9:8E:A7:EF:F4:D5:46:CF:2D:6C:E4:8B:1B:D8:0B:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7362983DD4E54DF71695C089B37F12B1825DBB21
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
Signing time: Tue 05 Aug 2025 19:00:07 +0000
ROA not before: Tue 05 Aug 2025 19:00:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:62:98:3d:d4:e5:4d:f7:16:95:c0:89:b3:7f:12:b1:82:5d:bb:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d67678add150ff8999a82a30b57ba601f26ec8a6f9abfef8f088511ea10a8242, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:5c:1b:a9:c9:44:81:64:dc:6b:78:3a:98:
7c:83:7c:73:32:ce:57:a2:a9:26:91:6d:f8:d8:f4:
88:12:15:33:d8:e2:66:d4:df:e9:57:cd:4d:f0:67:
65:b0:53:d3:cc:35:df:34:cb:3b:b5:1b:db:c1:eb:
db:3d:43:32:5e:cc:ac:c5:8b:55:73:06:ef:92:36:
f5:e1:ba:8c:4d:56:0c:fc:44:a8:be:c1:d9:d1:83:
cd:0d:96:c9:3c:a3:8a:70:66:56:84:cd:df:ab:7a:
df:a4:0f:d0:b1:cd:21:de:ad:7b:e2:83:44:30:23:
fe:b0:58:05:68:ef:21:4b:7a:67:24:39:29:08:63:
db:43:15:ea:02:d7:0a:7b:2b:66:94:2a:ec:43:9b:
4d:9a:e4:6f:93:cc:14:94:e9:5f:48:4f:bc:7c:a3:
52:35:8f:79:26:7b:e3:84:3d:e0:27:05:56:eb:64:
f2:dd:70:69:21:75:ba:d2:d0:1c:b6:ca:51:f2:c0:
89:23:48:be:1a:96:aa:2f:b7:49:87:61:fa:9b:91:
50:60:b4:b0:5f:f1:07:49:78:51:07:ea:50:f4:b4:
53:eb:7b:e3:a0:66:0b:58:ce:73:69:98:6c:84:1b:
1f:d7:e6:d0:73:15:8d:51:28:d8:0d:75:85:07:65:
02:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B5:8A:3A:D9:8E:A7:EF:F4:D5:46:CF:2D:6C:E4:8B:1B:D8:0B:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4020::/48
Signature Algorithm: sha256WithRSAEncryption
68:e8:85:e7:36:31:26:bc:4c:47:d7:00:ef:bd:ca:07:b3:35:
7d:ed:03:4f:1c:92:a2:93:12:6a:68:fa:49:aa:fd:a1:d1:85:
95:57:96:71:ea:e1:1b:9f:1e:65:0c:84:33:c0:bb:66:72:d3:
b3:e9:1c:81:13:50:2b:e5:07:03:25:92:32:82:28:a8:5a:b6:
cf:3d:e6:6b:10:b4:d0:fe:2a:cf:42:ce:58:d9:d7:40:3f:99:
cb:ac:df:56:e1:d2:d0:83:a5:1b:2c:4c:b5:d9:26:42:be:78:
bd:4b:8b:db:6b:ab:57:b4:5b:eb:67:06:af:72:c5:f4:67:4c:
81:7e:54:2d:b7:95:b6:5d:a7:fd:45:4c:1a:cf:93:65:90:f9:
01:78:6d:46:0c:cd:99:a8:1a:a9:cd:80:e2:32:9e:e1:19:11:
a1:a0:f2:13:83:84:c5:33:1e:55:5c:1e:01:8c:c6:e4:ff:18:
e3:e9:2e:eb:2c:2d:ec:98:46:b7:70:75:a5:ad:2d:ff:ae:3e:
03:d6:ab:60:ac:9d:1c:dd:0b:15:c9:21:85:65:fc:d6:b1:12:
d6:f3:fe:c4:6e:6e:e0:e7:9e:5f:5a:37:34:0d:f4:9b:d9:22:
d3:64:e1:08:6a:a8:3d:29:82:c3:0d:1b:4c:36:c2:d8:62:f6:
70:1b:1a:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc2KYPdTlTfcWlcCJs38SsYJduyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NzY3OGFkZDE1MGZmODk5OWE4MmEzMGI1N2JhNjAxZjI2ZWM4YTZmOWFi
ZmVmOGYwODg1MTFlYTEwYTgyNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL07XBupyUSBZNxreDqYfIN8czLOV6KpJpFt+Nj0iBIVM9jiZtTf6VfNTfBn
ZbBT08w13zTLO7Ub28Hr2z1DMl7MrMWLVXMG75I29eG6jE1WDPxEqL7B2dGDzQ2W
yTyjinBmVoTN36t636QP0LHNId6te+KDRDAj/rBYBWjvIUt6ZyQ5KQhj20MV6gLX
CnsrZpQq7EObTZrkb5PMFJTpX0hPvHyjUjWPeSZ744Q94CcFVutk8t1waSF1utLQ
HLbKUfLAiSNIvhqWqi+3SYdh+puRUGC0sF/xB0l4UQfqUPS0U+t746BmC1jOc2mY
bIQbH9fm0HMVjVEo2A11hQdlAr8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPtYo6
2Y6n7/TVRs8tbOSLG9gLTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmY1NDA0YzItYmNiZS00ZGY0LTg2Y2UtNzJjZWIwNjdmNjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
IDANBgkqhkiG9w0BAQsFAAOCAQEAaOiF5zYxJrxMR9cA773KB7M1fe0DTxySopMS
amj6Sar9odGFlVeWcerhG58eZQyEM8C7ZnLTs+kcgRNQK+UHAyWSMoIoqFq2zz3m
axC00P4qz0LOWNnXQD+Zy6zfVuHS0IOlGyxMtdkmQr54vUuL22urV7Rb62cGr3LF
9GdMgX5ULbeVtl2n/UVMGs+TZZD5AXhtRgzNmagaqc2A4jKe4RkRoaDyE4OExTMe
VVweAYzG5P8Y4+ku6ywt7JhGt3B1pa0t/64+A9arYKydHN0LFckhhWX81rES1vP+
xG5u4OeeX1o3NA30m9ki02ThCGqoPSmCww0bTDbC2GL2cBsajw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:09 2025 by rpki-client