Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: bg8nKIfdwA+G76yFSKdjauJ8HRhn8ZD/rHbRSTEYlRk=
Subject key identifier: C1:5A:66:E2:03:66:C4:FB:78:63:3E:ED:65:F6:B8:E6:C1:C4:A8:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39CB2ED6BDAD54C4E578EEAD0B5C75BF1D74BEF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Tue 05 Aug 2025 19:50:03 +0000
ROA not before: Tue 05 Aug 2025 19:50:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:cb:2e:d6:bd:ad:54:c4:e5:78:ee:ad:0b:5c:75:bf:1d:74:be:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=22c10a896938d010ec921836987f05f433f31a13f82ffce09516cf12afd81545, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:86:70:f8:c4:ee:9b:52:fa:91:de:75:67:85:
be:af:c4:0f:5c:96:69:f6:97:42:c7:9b:cc:59:ed:
7e:fb:09:91:cb:de:b1:97:0e:3f:0f:02:73:7e:f8:
fb:d5:3f:95:fa:6c:e4:0d:0d:24:f7:1d:66:f8:65:
2f:70:a3:03:56:0a:d9:db:d8:d8:65:66:a6:8b:cf:
1a:27:52:67:2c:18:f2:88:1d:cf:8a:06:c1:58:57:
49:34:93:4a:bf:cf:b5:9c:89:fe:c8:22:67:af:ff:
63:64:82:b8:48:61:e7:43:b6:bf:a5:d6:90:17:e9:
ed:3c:9c:83:65:fb:31:47:93:a4:1b:b7:9e:eb:da:
bf:87:5f:f2:11:ec:bf:cd:29:72:db:82:aa:61:8c:
b7:08:2d:72:48:13:6b:f5:cc:b4:2b:e3:19:e1:22:
ea:89:45:48:b3:9d:7a:17:88:47:08:38:1b:f6:03:
9e:80:ae:b0:03:ff:1a:75:a1:f7:93:56:bc:a5:56:
79:b4:d3:92:24:8c:2a:0d:39:bd:5c:ba:98:be:27:
64:b7:3a:4e:26:da:04:5f:f0:c1:c8:ea:16:c9:ac:
22:3d:bf:06:cb:21:72:1b:3b:75:e9:e5:bf:fa:c9:
a8:26:2a:d7:72:ba:b3:5e:32:7d:19:d0:bc:21:0a:
b0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5A:66:E2:03:66:C4:FB:78:63:3E:ED:65:F6:B8:E6:C1:C4:A8:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
30:83:7c:fb:a2:9e:ef:fb:bf:09:a9:91:9c:de:7e:fd:9f:2c:
13:5e:33:a6:58:83:bc:a1:04:a4:7d:eb:40:da:4a:08:95:b2:
b8:60:6d:d1:e4:87:d1:d3:50:13:78:cb:10:4c:ca:41:50:dc:
6b:cb:3f:b4:4e:35:9e:8b:a2:4a:ff:50:d5:bf:d9:43:e6:f2:
a4:31:ce:d6:9e:9d:09:05:1f:cf:a2:a0:6e:99:aa:1f:a2:90:
c6:43:f3:b4:bc:56:92:d8:95:ce:e5:92:95:02:dc:11:e7:f4:
e0:e6:d1:37:ab:31:8b:01:ab:dd:f8:34:2d:10:e0:31:d3:d8:
9e:13:99:5b:47:6e:79:08:74:79:c6:7a:55:ed:dc:7c:ab:c0:
db:50:de:07:7d:33:a9:3c:4d:e1:c2:48:c7:70:68:5b:72:6f:
1a:28:26:ab:1b:a9:4c:89:13:e4:5a:f1:d4:17:21:ff:4e:03:
ba:66:df:3a:4b:87:f7:b6:29:d3:94:af:54:6a:34:26:5c:7a:
a1:28:c9:03:f7:cb:4a:27:e9:82:2e:33:8b:1b:19:1f:53:f7:
46:08:36:7a:cf:e5:1a:8e:f7:0c:7b:22:d9:79:f3:f0:2d:9e:
b6:8a:4f:73:e1:53:6d:91:d7:97:10:a3:e4:88:8b:a9:ed:a0:
c9:67:73:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOcsu1r2tVMTleO6tC1x1vx10vvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyYzEwYTg5NjkzOGQwMTBlYzkyMTgzNjk4N2YwNWY0MzNmMzFhMTNmODJm
ZmNlMDk1MTZjZjEyYWZkODE1NDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWGcPjE7ptS+pHedWeFvq/ED1yWafaXQsebzFntfvsJkcvesZcOPw8Cc374
+9U/lfps5A0NJPcdZvhlL3CjA1YK2dvY2GVmpovPGidSZywY8ogdz4oGwVhXSTST
Sr/PtZyJ/sgiZ6//Y2SCuEhh50O2v6XWkBfp7Tycg2X7MUeTpBu3nuvav4df8hHs
v80pctuCqmGMtwgtckgTa/XMtCvjGeEi6olFSLOdeheIRwg4G/YDnoCusAP/GnWh
95NWvKVWebTTkiSMKg05vVy6mL4nZLc6TibaBF/wwcjqFsmsIj2/Bsshchs7denl
v/rJqCYq13K6s14yfRnQvCEKsB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTBWmbi
A2bE+3hjPu1l9rjmwcSoUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQAwg3z7op7v+78JqZGc3n79nywTXjOmWIO8oQSk
fetA2koIlbK4YG3R5IfR01ATeMsQTMpBUNxryz+0TjWei6JK/1DVv9lD5vKkMc7W
np0JBR/PoqBumaofopDGQ/O0vFaS2JXO5ZKVAtwR5/Tg5tE3qzGLAavd+DQtEOAx
09ieE5lbR255CHR5xnpV7dx8q8DbUN4HfTOpPE3hwkjHcGhbcm8aKCarG6lMiRPk
WvHUFyH/TgO6Zt86S4f3tinTlK9UajQmXHqhKMkD98tKJ+mCLjOLGxkfU/dGCDZ6
z+UajvcMeyLZefPwLZ62ik9z4VNtkdeXEKPkiIup7aDJZ3Op
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:57 2025 by rpki-client