Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
File: c153f994-19fd-4682-b6f7-f4e92e6144ea.roa (raw, json)
Hash identifier: Yqw54H2e68p2fi0UK5hn1AwfbjVw/3rSVZYXNfGPAPY=
Subject key identifier: CF:00:7D:B8:C8:7C:89:9D:77:42:E6:E7:DB:1C:46:FF:E5:A9:7A:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 661434EDF355B7186D196A614A41D75DB42869B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
Signing time: Tue 05 Aug 2025 20:00:57 +0000
ROA not before: Tue 05 Aug 2025 20:00:57 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:14:34:ed:f3:55:b7:18:6d:19:6a:61:4a:41:d7:5d:b4:28:69:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:57 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ab77fd8eece13635da4e8198ae314246351ebcb77df39002568948d5dfa46884, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:5f:4a:7c:ea:c4:55:49:86:1e:e2:9a:60:
d4:df:57:f9:b1:08:89:81:65:4f:55:6f:1e:93:4b:
33:27:26:15:13:20:e5:3e:cc:e5:93:70:41:d6:14:
89:f1:a8:1b:4b:57:2e:06:a2:61:9a:91:5c:c6:a4:
f4:0c:5f:49:03:08:35:10:ae:9c:02:8d:b2:ae:da:
bb:10:8b:2c:cb:dd:df:2d:e6:6e:11:7e:7f:5f:47:
d9:5e:a2:94:bf:37:3f:a7:f4:23:ef:b4:ba:26:5a:
de:ba:b6:ca:61:00:6f:f3:48:f4:f8:ec:72:c9:4d:
4e:53:3f:e4:3d:92:15:71:5e:f3:46:ee:6c:4d:e7:
e4:c1:60:a2:07:46:c5:43:b5:71:24:f1:4d:a8:1b:
19:53:29:4e:56:67:9c:c1:27:05:fc:6d:c6:64:ad:
23:34:85:e3:c5:d7:28:c9:6c:1d:62:db:bb:15:8c:
39:4b:65:ff:a4:ea:05:81:8b:72:91:16:21:79:47:
9f:11:4c:5d:55:6f:46:16:de:85:3f:52:93:05:6b:
7b:91:dc:e4:8f:34:d8:39:50:c7:d0:a3:26:4c:d5:
54:90:6e:02:47:3e:1c:68:33:c9:e1:0c:e2:ac:d2:
46:de:35:f6:67:b1:55:e6:96:20:f7:27:0e:9a:0e:
b2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:00:7D:B8:C8:7C:89:9D:77:42:E6:E7:DB:1C:46:FF:E5:A9:7A:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c153f994-19fd-4682-b6f7-f4e92e6144ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:c00::/38
Signature Algorithm: sha256WithRSAEncryption
46:60:1d:3a:46:bc:4f:bb:d4:9f:ed:78:25:67:b4:a6:f9:ec:
46:4a:16:b7:30:05:3e:e1:bf:b1:41:cd:07:45:bf:08:17:a8:
d5:f4:c0:be:f5:7e:25:8a:31:0b:6a:3a:33:25:27:d9:0c:06:
73:16:7b:ea:5b:57:12:63:6c:2d:fc:a9:51:ac:1f:3a:dc:82:
a6:16:1c:74:76:7f:53:a0:f1:2f:a2:af:33:6e:26:22:4e:ae:
fb:95:e3:10:3c:a6:5c:4e:57:59:54:ea:ff:6d:c0:44:01:2f:
81:36:77:6e:04:b4:dc:87:89:81:5a:56:f7:c5:c7:96:52:0f:
58:fa:92:09:99:e3:ea:8e:fb:47:49:d9:79:1b:2a:1c:6f:f1:
29:de:3f:f0:68:1b:de:30:92:da:4c:47:ed:81:dc:de:d9:67:
79:3f:a3:7a:dd:9f:a2:56:d0:fe:3d:0f:5e:6b:03:b9:ff:f4:
5b:4a:ba:bf:25:00:b0:d9:96:7c:98:12:ee:92:75:8a:e6:85:
09:98:e4:8d:8b:fc:00:be:6c:6d:78:e9:0f:a5:95:71:ca:ae:
ae:9c:52:84:cf:5b:00:27:2f:51:3d:49:c9:3a:e8:c6:51:39:
6a:38:d9:25:50:a7:13:21:c5:b6:24:db:7a:95:95:59:1b:c5:
b0:6d:a8:cf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZhQ07fNVtxhtGWphSkHXXbQoabAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwNTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNzdmZDhlZWNlMTM2MzVkYTRlODE5OGFlMzE0MjQ2MzUxZWJjYjc3ZGYz
OTAwMjU2ODk0OGQ1ZGZhNDY4ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDWX0p86sRVSYYe4ppg1N9X+bEIiYFlT1VvHpNLMycmFRMg5T7M5ZNwQdYU
ifGoG0tXLgaiYZqRXMak9AxfSQMINRCunAKNsq7auxCLLMvd3y3mbhF+f19H2V6i
lL83P6f0I++0uiZa3rq2ymEAb/NI9PjscslNTlM/5D2SFXFe80bubE3n5MFgogdG
xUO1cSTxTagbGVMpTlZnnMEnBfxtxmStIzSF48XXKMlsHWLbuxWMOUtl/6TqBYGL
cpEWIXlHnxFMXVVvRhbehT9SkwVre5Hc5I802DlQx9CjJkzVVJBuAkc+HGgzyeEM
4qzSRt419mexVeaWIPcnDpoOshkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPAH24
yHyJnXdC5ufbHEb/5al6WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE1M2Y5OTQtMTlmZC00NjgyLWI2ZjctZjRlOTJlNjE0NGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwM
MA0GCSqGSIb3DQEBCwUAA4IBAQBGYB06RrxPu9Sf7XglZ7Sm+exGSha3MAU+4b+x
Qc0HRb8IF6jV9MC+9X4lijELajozJSfZDAZzFnvqW1cSY2wt/KlRrB863IKmFhx0
dn9ToPEvoq8zbiYiTq77leMQPKZcTldZVOr/bcBEAS+BNnduBLTch4mBWlb3xceW
Ug9Y+pIJmePqjvtHSdl5Gyocb/Ep3j/waBveMJLaTEftgdze2Wd5P6N63Z+iVtD+
PQ9eawO5//RbSrq/JQCw2ZZ8mBLuknWK5oUJmOSNi/wAvmxteOkPpZVxyq6unFKE
z1sAJy9RPUnJOujGUTlqONklUKcTIcW2JNt6lZVZG8WwbajP
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:14 2025 by rpki-client