Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
File: cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa (raw, json)
Hash identifier: n9WJHFqzchQFM5fQvndO1iMU9OCPz/DkiV2TE+oAMlQ=
Subject key identifier: 2F:6C:F1:9D:2E:C1:67:41:F9:C7:0A:ED:EC:71:B9:B4:5C:4E:2B:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67D5DC677A86F192E995605715EDDAE2C7BECB9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
Signing time: Tue 05 Aug 2025 19:31:27 +0000
ROA not before: Tue 05 Aug 2025 19:31:27 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d5:dc:67:7a:86:f1:92:e9:95:60:57:15:ed:da:e2:c7:be:cb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:27 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2718138231f1298451c79da15d64c394d1d0cd31e19da1b38a8768fcc284d19f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0d:a4:40:17:5f:47:7e:40:bd:54:a9:73:2d:
52:81:67:02:cb:6e:3d:67:f6:81:52:fa:c2:aa:37:
25:9a:e6:c6:67:c4:43:7e:6a:30:01:01:d0:18:c4:
1d:ac:1e:e3:cd:c1:8a:db:b6:57:38:d6:37:14:f8:
2b:76:df:e5:70:4d:a9:88:16:c2:28:46:b7:10:13:
f6:b8:b8:09:c9:06:f1:0e:cf:38:74:ed:29:a3:5c:
75:e9:86:10:d7:37:38:a7:df:b1:0b:4b:af:72:25:
3d:55:cf:8d:b4:cf:03:57:e5:4a:a0:fa:b5:b5:a4:
28:63:98:50:37:b5:02:6f:39:31:9c:52:1b:22:ee:
47:a2:31:f2:c7:41:39:dd:19:07:ea:e1:7f:aa:6f:
07:f8:af:9d:2d:93:2e:73:b7:bd:95:61:58:5d:4d:
a7:af:13:d4:2c:e7:db:f1:1c:74:c6:8f:7a:84:6e:
ec:ac:91:52:2e:6b:01:77:b1:bd:d7:5d:b8:8d:7d:
e5:c0:f5:8a:85:5b:15:82:0c:af:33:b4:ca:4e:c9:
bc:9f:a7:97:e9:aa:cc:5b:93:66:3c:fe:b8:43:a0:
ab:cb:b9:7e:8d:2c:23:0a:d4:a9:c4:13:fc:8c:71:
86:66:87:eb:74:3b:21:78:64:79:b1:75:96:23:05:
cb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6C:F1:9D:2E:C1:67:41:F9:C7:0A:ED:EC:71:B9:B4:5C:4E:2B:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cac850f8-5aa9-4a56-aea2-e22d3afd4e38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1040::/48
Signature Algorithm: sha256WithRSAEncryption
59:bc:b5:ca:5e:9a:00:1c:2a:d2:d5:46:eb:60:3a:43:b2:c8:
88:11:4e:05:0f:a2:98:82:ba:ea:80:98:56:92:f2:93:72:fb:
92:f4:1f:bd:c6:8d:c7:7f:84:82:be:aa:77:8c:c7:1f:a3:5a:
6b:88:b0:b2:d4:8e:77:83:a9:d7:2f:48:85:db:b2:6a:86:92:
09:78:6b:88:cd:0a:d1:0e:93:ac:28:bb:26:72:cf:43:24:21:
40:78:91:68:81:52:97:38:dd:0d:c0:48:4f:7a:39:b7:23:86:
67:58:3e:18:15:ee:bc:19:bb:32:b0:11:dc:40:8b:54:ac:36:
89:fc:95:5d:9a:42:fb:46:68:d3:4e:3e:3f:72:00:24:e1:8d:
b5:74:c0:79:48:52:71:e6:95:98:13:f7:e0:70:c6:df:24:bb:
49:34:c6:2e:c8:5c:89:bc:5e:53:2c:d2:c3:54:82:61:ee:58:
24:df:13:a6:ab:43:7b:aa:e5:1c:6a:bc:97:87:7d:c1:e8:1a:
19:61:3a:d3:0c:bd:34:ff:09:33:2e:26:3b:9c:07:c8:14:84:
5e:ac:48:4d:2b:b8:9c:23:76:0a:3f:95:d1:33:e0:9b:b9:26:
46:37:ab:da:03:52:2d:39:6b:d0:cc:93:7f:8f:52:7c:93:bc:
db:6e:29:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ9XcZ3qG8ZLplWBXFe3a4se+y5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMjdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MTgxMzgyMzFmMTI5ODQ1MWM3OWRhMTVkNjRjMzk0ZDFkMGNkMzFlMTlk
YTFiMzhhODc2OGZjYzI4NGQxOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYNpEAXX0d+QL1UqXMtUoFnAstuPWf2gVL6wqo3JZrmxmfEQ35qMAEB0BjE
Hawe483Bitu2VzjWNxT4K3bf5XBNqYgWwihGtxAT9ri4CckG8Q7POHTtKaNcdemG
ENc3OKffsQtLr3IlPVXPjbTPA1flSqD6tbWkKGOYUDe1Am85MZxSGyLuR6Ix8sdB
Od0ZB+rhf6pvB/ivnS2TLnO3vZVhWF1Np68T1Czn2/EcdMaPeoRu7KyRUi5rAXex
vddduI195cD1ioVbFYIMrzO0yk7JvJ+nl+mqzFuTZjz+uEOgq8u5fo0sIwrUqcQT
/IxxhmaH63Q7IXhkebF1liMFy4MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQvbPGd
LsFnQfnHCu3scbm0XE4rnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FjODUwZjgtNWFhOS00YTU2LWFlYTItZTIyZDNhZmQ0ZTM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAWby1yl6aABwq0tVG62A6Q7LIiBFOBQ+imIK6
6oCYVpLyk3L7kvQfvcaNx3+Egr6qd4zHH6Naa4iwstSOd4Op1y9IhduyaoaSCXhr
iM0K0Q6TrCi7JnLPQyQhQHiRaIFSlzjdDcBIT3o5tyOGZ1g+GBXuvBm7MrAR3ECL
VKw2ifyVXZpC+0Zo004+P3IAJOGNtXTAeUhSceaVmBP34HDG3yS7STTGLshcibxe
UyzSw1SCYe5YJN8TpqtDe6rlHGq8l4d9wegaGWE60wy9NP8JMy4mO5wHyBSEXqxI
TSu4nCN2Cj+V0TPgm7kmRjer2gNSLTlr0MyTf49SfJO8224pfw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:04 2025 by rpki-client