Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: g24C+rNpKMQw/vLN8wEmZXfEOeiL/9orfoBQw3BXlJo=
Subject key identifier: 2E:15:44:A4:18:3B:14:77:F7:EE:14:26:E1:75:E2:93:61:BA:CA:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3638B8F1C6BE1479D3BE98F873F719C3E5FC75A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Tue 05 Aug 2025 19:22:00 +0000
ROA not before: Tue 05 Aug 2025 19:22:00 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:38:b8:f1:c6:be:14:79:d3:be:98:f8:73:f7:19:c3:e5:fc:75:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:00 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5444578ef6e8631bd6f20464f884e2d947fb050df2c0e4445bd9778f37bd8b51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:7c:28:9c:ee:30:16:db:ac:a3:5e:d8:34:
42:31:97:de:2b:20:41:e1:cc:e4:6a:77:a7:76:75:
29:79:e0:7c:be:8a:9d:7e:b1:1d:60:cd:ca:cd:cd:
e7:65:38:77:7d:be:e4:8e:b8:ba:5f:ec:31:89:75:
a4:7e:a8:5d:11:71:13:54:43:ee:52:63:a0:cd:23:
66:0c:e1:78:ba:10:78:47:14:d4:2a:1d:a1:39:a0:
a6:09:f7:9c:ff:32:c8:e5:cd:ed:e7:18:ff:07:6d:
44:9d:b8:8b:e1:e1:1f:2c:1d:0d:ec:89:cc:2c:58:
d7:73:e8:59:4a:ee:48:de:51:52:8a:80:13:29:b2:
67:a4:62:5d:24:35:18:a9:e0:74:23:42:86:79:e5:
1b:26:02:2a:e6:f1:4c:6b:91:23:60:d7:da:f7:bf:
92:7f:5b:45:62:e6:83:37:8e:f4:01:ab:9f:07:cc:
6b:a3:f9:be:5b:d5:a9:95:d4:64:7e:d5:9f:04:a9:
e2:ab:7d:3a:dc:50:eb:d3:1b:56:49:32:8f:63:33:
d8:7b:1d:0c:10:13:0f:9c:f6:2e:9a:f6:cc:6f:12:
88:6b:4d:69:2d:77:d3:79:4a:1d:aa:3b:ee:16:12:
dc:88:df:8c:38:4c:de:97:27:72:49:c3:90:f5:85:
d3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:15:44:A4:18:3B:14:77:F7:EE:14:26:E1:75:E2:93:61:BA:CA:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
60:33:4e:73:b7:ff:17:26:0e:1a:6a:18:4b:c8:8a:f2:a2:4a:
0e:68:4b:fa:dc:7a:55:61:37:d5:71:d1:0a:79:f7:58:9e:43:
bd:e9:f1:6c:30:e2:c9:f9:db:29:00:09:c1:4b:6d:36:cb:9b:
8a:8d:09:93:19:59:59:4a:31:78:67:16:50:9e:0b:93:86:02:
0b:f9:7a:d3:a4:b1:fd:51:9b:c8:ed:9f:22:22:68:2e:fa:c3:
c1:98:b8:c9:64:3e:e4:1e:98:b6:4e:72:80:16:16:de:30:ae:
e6:d7:3e:fc:4b:78:81:f8:1f:c1:87:50:7e:f2:24:ac:3d:a2:
3d:45:34:e9:e2:6d:93:5d:3c:8c:dd:ca:08:32:e6:7a:f0:fa:
ef:3d:fb:f7:44:6e:bc:64:30:3d:06:b9:3b:a8:8f:7b:d9:3e:
dd:75:9a:82:0c:17:20:c2:b4:eb:44:a1:62:63:05:e7:1d:c4:
74:9a:45:2d:43:d6:e4:39:0a:f4:f1:ea:57:ce:81:1c:ce:7a:
2b:54:e1:62:5f:3d:cf:ad:f2:34:de:4b:51:ed:ce:cc:9c:0c:
4b:74:ec:48:fd:9e:52:5a:57:0d:1f:e1:a6:13:34:24:06:72:
9f:bb:dc:8e:3b:d1:b3:f3:3b:40:83:16:61:76:33:35:43:c2:
d9:74:55:1f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNji48ca+FHnTvpj4c/cZw+X8dakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NDQ1NzhlZjZlODYzMWJkNmYyMDQ2NGY4ODRlMmQ5NDdmYjA1MGRmMmMw
ZTQ0NDViZDk3NzhmMzdiZDhiNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4kfCic7jAW26yjXtg0QjGX3isgQeHM5Gp3p3Z1KXngfL6KnX6xHWDNys3N
52U4d32+5I64ul/sMYl1pH6oXRFxE1RD7lJjoM0jZgzheLoQeEcU1CodoTmgpgn3
nP8yyOXN7ecY/wdtRJ24i+HhHywdDeyJzCxY13PoWUruSN5RUoqAEymyZ6RiXSQ1
GKngdCNChnnlGyYCKubxTGuRI2DX2ve/kn9bRWLmgzeO9AGrnwfMa6P5vlvVqZXU
ZH7VnwSp4qt9OtxQ69MbVkkyj2Mz2HsdDBATD5z2Lpr2zG8SiGtNaS1303lKHao7
7hYS3IjfjDhM3pcncknDkPWF0wsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuFUSk
GDsUd/fuFCbhdeKTYbrKPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEAYDNOc7f/FyYOGmoYS8iK8qJKDmhL+tx6VWE3
1XHRCnn3WJ5DvenxbDDiyfnbKQAJwUttNsubio0JkxlZWUoxeGcWUJ4Lk4YCC/l6
06Sx/VGbyO2fIiJoLvrDwZi4yWQ+5B6Ytk5ygBYW3jCu5tc+/Et4gfgfwYdQfvIk
rD2iPUU06eJtk108jN3KCDLmevD67z3790RuvGQwPQa5O6iPe9k+3XWaggwXIMK0
60ShYmMF5x3EdJpFLUPW5DkK9PHqV86BHM56K1ThYl89z63yNN5LUe3OzJwMS3Ts
SP2eUlpXDR/hphM0JAZyn7vcjjvRs/M7QIMWYXYzNUPC2XRVHw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:10 2025 by rpki-client