Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
File: c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa (raw, json)
Hash identifier: 9JjHZJpdX+m6eon5Qsodf+7mr6CMziYlynkrJXwOonA=
Subject key identifier: 7D:7F:CF:DE:15:9D:D1:23:79:2E:DE:9C:83:8E:C3:B5:BD:25:93:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19CF832FE6719A7B6AB6D3BB9188C446AB8A3492
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
Signing time: Tue 05 Aug 2025 19:00:15 +0000
ROA not before: Tue 05 Aug 2025 19:00:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:cf:83:2f:e6:71:9a:7b:6a:b6:d3:bb:91:88:c4:46:ab:8a:34:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c27cc2ffcc16c3c3cad42a72a400c958c278947fdabc6e605740831b3cb5b6d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:67:b2:02:5c:2a:ec:1d:70:b6:88:84:f3:7a:
3d:58:8a:aa:53:1f:c5:fc:9f:fa:de:09:fe:a5:97:
c4:4c:68:97:02:c3:60:d7:a4:77:2d:7b:7e:bd:02:
08:ea:60:bb:a9:62:8b:ab:cb:04:a6:6f:be:19:dc:
38:31:8d:a2:f9:b1:6a:8a:96:6b:82:b8:5b:fb:ca:
8f:10:8a:df:d5:69:aa:bb:f4:96:47:1c:e1:82:ed:
7b:f6:3c:b8:0a:67:d3:4f:03:2a:df:2a:11:49:cc:
d4:9d:59:1e:49:b4:70:41:21:da:0d:fb:76:d3:1a:
73:50:23:96:64:4f:57:ad:08:87:77:f5:67:c4:35:
d4:b1:0f:4c:56:14:1d:41:08:d6:73:c7:c3:09:c6:
d3:24:bd:25:b0:df:0f:1a:29:d5:6c:19:9b:a0:35:
1a:95:9c:32:4e:36:23:27:3e:de:92:90:d8:92:88:
a6:c1:bc:ff:2b:d8:d9:dd:67:18:b7:e4:e6:73:a3:
75:51:d8:ed:fa:7a:be:5d:b7:be:01:c9:3a:db:ed:
76:55:f4:21:0b:bf:f0:14:df:a2:54:c3:c9:31:8d:
6b:0e:71:d0:d5:3b:6a:5d:74:c9:ba:17:17:c9:73:
46:c3:9b:f6:f7:94:8f:37:3f:5e:dd:71:61:dc:eb:
a8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7F:CF:DE:15:9D:D1:23:79:2E:DE:9C:83:8E:C3:B5:BD:25:93:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c91ab8e7-8370-48ed-9e25-0dc260ba196b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
63:62:45:f8:79:68:ac:3f:35:6d:1e:c0:e5:25:d7:9e:8d:84:
1f:2a:02:cc:c5:83:3d:52:7f:18:f6:e4:ac:41:1c:a0:67:18:
85:39:5e:aa:17:e0:d4:53:75:b6:54:f1:ce:54:5e:8c:ed:d8:
43:aa:19:e6:9b:29:d5:ae:30:58:67:e6:86:52:ab:49:4d:ca:
10:0b:82:f0:13:e6:41:a3:eb:e2:99:3a:24:43:92:c1:13:90:
c1:62:32:4d:f1:ac:f6:2b:1c:fa:fd:29:3e:78:4f:da:ea:ca:
23:1c:09:82:b0:7a:00:15:6a:e0:15:cb:36:c0:41:96:9d:bf:
49:ae:85:c4:fc:ce:fe:fd:11:ed:cc:39:15:b3:4d:b8:0d:65:
fa:5a:cf:88:c9:4c:8d:5d:51:bd:fc:b2:48:ba:bf:c9:4c:04:
57:57:9c:06:30:23:33:92:cf:1d:fb:6a:f3:51:23:26:be:cd:
e0:71:c1:3b:33:c0:80:c4:f5:71:8b:67:a4:3a:a5:86:84:6f:
db:72:6b:14:4f:47:3f:c7:f6:11:c8:5b:0c:3d:88:2e:04:10:
f9:87:23:a0:f7:23:c7:14:c8:89:8a:17:10:85:18:2d:44:c9:
f4:8f:25:c1:c2:04:02:1a:63:0f:2f:0d:b4:b3:3d:27:93:90:
d3:37:78:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGc+DL+ZxmntqttO7kYjERquKNJIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyN2NjMmZmY2MxNmMzYzNjYWQ0MmE3MmE0MDBjOTU4YzI3ODk0N2ZkYWJj
NmU2MDU3NDA4MzFiM2NiNWI2ZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlnsgJcKuwdcLaIhPN6PViKqlMfxfyf+t4J/qWXxExolwLDYNekdy17fr0C
COpgu6lii6vLBKZvvhncODGNovmxaoqWa4K4W/vKjxCK39Vpqrv0lkcc4YLte/Y8
uApn008DKt8qEUnM1J1ZHkm0cEEh2g37dtMac1AjlmRPV60Ih3f1Z8Q11LEPTFYU
HUEI1nPHwwnG0yS9JbDfDxop1WwZm6A1GpWcMk42Iyc+3pKQ2JKIpsG8/yvY2d1n
GLfk5nOjdVHY7fp6vl23vgHJOtvtdlX0IQu/8BTfolTDyTGNaw5x0NU7al10yboX
F8lzRsOb9veUjzc/Xt1xYdzrqHMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR9f8/e
FZ3RI3ku3pyDjsO1vSWTCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkxYWI4ZTctODM3MC00OGVkLTllMjUtMGRjMjYwYmExOTZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
wDANBgkqhkiG9w0BAQsFAAOCAQEAY2JF+HlorD81bR7A5SXXno2EHyoCzMWDPVJ/
GPbkrEEcoGcYhTleqhfg1FN1tlTxzlRejO3YQ6oZ5psp1a4wWGfmhlKrSU3KEAuC
8BPmQaPr4pk6JEOSwROQwWIyTfGs9isc+v0pPnhP2urKIxwJgrB6ABVq4BXLNsBB
lp2/Sa6FxPzO/v0R7cw5FbNNuA1l+lrPiMlMjV1RvfyySLq/yUwEV1ecBjAjM5LP
Hftq81EjJr7N4HHBOzPAgMT1cYtnpDqlhoRv23JrFE9HP8f2EchbDD2ILgQQ+Ycj
oPcjxxTIiYoXEIUYLUTJ9I8lwcIEAhpjDy8NtLM9J5OQ0zd4hQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:03 2025 by rpki-client