Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json)
Hash identifier: 7Errue4eEW8kU/TmeyQrfXVpmo5e+SN8NHJVUf2IS44=
Subject key identifier: A3:1A:2E:A4:93:7F:D0:69:CC:1F:8D:C1:BE:9F:68:90:28:A1:E4:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4821E1D002C771C312C364D1D931186C0F3FA231
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
Signing time: Tue 05 Aug 2025 19:11:29 +0000
ROA not before: Tue 05 Aug 2025 19:11:29 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:21:e1:d0:02:c7:71:c3:12:c3:64:d1:d9:31:18:6c:0f:3f:a2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:29 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=897a337b522e6d6e4d6fc27e76191f9fad83f63cc00deddd47af4c263a5a04ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:5c:52:2e:30:47:64:cb:fb:80:ab:2d:f0:
2f:b6:5c:35:0d:79:03:2b:c2:b8:86:87:6c:a5:bf:
a8:a9:f1:d9:47:18:e3:0b:73:d8:dc:23:5d:83:91:
be:ff:89:5d:ea:12:8c:a6:40:3e:df:f5:a6:f0:d4:
a0:a1:e6:ec:79:6d:ca:4e:e5:fa:98:e0:4d:11:ad:
8f:2d:f0:28:80:66:6e:93:94:66:de:d8:dd:70:bc:
e3:07:57:71:87:96:b7:f7:04:79:b2:66:86:a3:63:
bf:22:1a:7d:e2:49:7f:20:f8:98:47:28:84:c9:86:
d8:c2:4a:f9:3e:87:b4:8d:be:5e:04:35:96:c3:27:
ee:a2:a1:9b:5a:ac:f9:8f:bb:6d:8e:8a:4a:e7:5f:
9c:ec:1e:30:f7:99:38:c7:4a:2d:6f:77:85:79:a6:
82:ba:27:0a:02:ab:0f:4b:f5:97:3f:c1:06:48:b2:
60:08:81:df:fb:f5:e2:0d:21:89:f7:6d:ae:86:53:
fa:64:02:b5:dd:ab:2b:9a:4b:bb:89:35:df:8a:65:
16:aa:2d:65:c1:c0:4c:52:bf:ba:30:69:10:2e:5d:
a0:3f:41:a4:0c:18:d9:cd:68:31:3a:1e:a9:bc:3e:
8a:2e:94:da:84:36:65:da:f9:67:a0:7a:0e:0b:89:
f3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1A:2E:A4:93:7F:D0:69:CC:1F:8D:C1:BE:9F:68:90:28:A1:E4:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:54:4b:bc:08:fd:c0:f3:2e:e5:e0:64:0f:f4:02:13:c4:45:
ac:82:7d:d3:9f:44:9d:d0:6d:47:52:79:b8:19:6f:bc:ed:2d:
f2:9e:33:81:63:ac:ad:89:22:ef:e8:4f:21:d4:c6:df:1c:5a:
b4:9a:d8:7e:60:65:24:07:d9:62:9f:98:82:bc:38:2a:0e:1f:
20:9f:54:94:6f:46:6c:86:b5:f9:b1:05:4c:0b:5d:4c:91:d6:
b6:43:1f:e8:b1:42:1b:4a:02:cd:14:b0:cc:9a:8a:28:11:8d:
74:20:fa:ef:74:d8:6d:64:8b:8a:eb:2e:42:73:e2:e8:15:95:
30:a5:79:46:e5:f5:0c:19:eb:c8:fc:31:d2:61:d8:8f:3d:33:
bf:71:91:5e:bd:32:a2:99:a1:1a:d2:b6:5f:dc:16:d6:a7:e4:
8f:25:aa:1e:03:cb:a5:25:b5:2b:00:e4:54:3a:cb:f1:e3:15:
21:d6:66:94:e2:87:71:94:f0:17:d4:82:d9:43:6c:06:7f:53:
1b:8a:7a:4f:d8:af:92:6b:df:56:49:83:44:fd:e2:71:01:06:
9e:1c:c0:62:18:91:2c:e5:f2:da:70:08:fd:43:61:95:44:70:
88:b4:76:66:21:83:06:a5:c9:f4:cb:4b:9d:3d:47:25:8f:09:
f3:69:93:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSCHh0ALHccMSw2TR2TEYbA8/ojEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5N2EzMzdiNTIyZTZkNmU0ZDZmYzI3ZTc2MTkxZjlmYWQ4M2Y2M2NjMDBk
ZWRkZDQ3YWY0YzI2M2E1YTA0ZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHLXFIuMEdky/uAqy3wL7ZcNQ15AyvCuIaHbKW/qKnx2UcY4wtz2NwjXYOR
vv+JXeoSjKZAPt/1pvDUoKHm7Hltyk7l+pjgTRGtjy3wKIBmbpOUZt7Y3XC84wdX
cYeWt/cEebJmhqNjvyIafeJJfyD4mEcohMmG2MJK+T6HtI2+XgQ1lsMn7qKhm1qs
+Y+7bY6KSudfnOweMPeZOMdKLW93hXmmgronCgKrD0v1lz/BBkiyYAiB3/v14g0h
ifdtroZT+mQCtd2rK5pLu4k134plFqotZcHATFK/ujBpEC5doD9BpAwY2c1oMToe
qbw+ii6U2oQ2Zdr5Z6B6DguJ818CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjGi6k
k3/QacwfjcG+n2iQKKHkHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQArVEu8CP3A8y7l4GQP9AITxEWsgn3Tn0Sd0G1H
Unm4GW+87S3ynjOBY6ytiSLv6E8h1MbfHFq0mth+YGUkB9lin5iCvDgqDh8gn1SU
b0ZshrX5sQVMC11Mkda2Qx/osUIbSgLNFLDMmoooEY10IPrvdNhtZIuK6y5Cc+Lo
FZUwpXlG5fUMGevI/DHSYdiPPTO/cZFevTKimaEa0rZf3BbWp+SPJaoeA8ulJbUr
AORUOsvx4xUh1maU4odxlPAX1ILZQ2wGf1MbinpP2K+Sa99WSYNE/eJxAQaeHMBi
GJEs5fLacAj9Q2GVRHCItHZmIYMGpcn0y0udPUcljwnzaZPf
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:16 2025 by rpki-client