Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: FIfBqEGkdp8dh67c1t23GXAyEaw6aLW6GmEoWUTukZo=
Subject key identifier: 23:E4:89:7E:A9:65:3C:B2:66:37:A7:61:F2:8C:0B:00:9A:46:9E:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79FB0B06C6DDB14BA15A85D4DCD5363C7B22AD60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Tue 05 Aug 2025 20:10:24 +0000
ROA not before: Tue 05 Aug 2025 20:10:24 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:fb:0b:06:c6:dd:b1:4b:a1:5a:85:d4:dc:d5:36:3c:7b:22:ad:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:24 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=22e9b713d3b819c203b68916ff5522ba2f0bb2a098eecf9df0f35a465beeff6c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:90:3d:d2:8d:43:0a:58:51:05:4c:47:bd:b8:
e8:ff:ee:17:8e:e8:b8:71:7c:52:40:59:36:09:81:
3f:3d:eb:58:a6:e7:65:93:6a:d2:14:0f:b9:66:a4:
4a:63:d8:55:18:b7:71:aa:73:dd:66:fe:5f:80:24:
17:1d:7d:52:9a:65:22:d2:4a:e2:a5:35:4e:29:9c:
5d:2e:41:0f:5b:bb:19:14:e7:2c:01:97:2f:a9:42:
62:db:81:e3:7e:c3:c9:66:a8:65:bb:27:ca:3e:6c:
a9:1b:44:48:63:30:8b:e1:74:30:98:7b:a6:57:04:
18:b9:23:57:eb:63:86:2c:15:f2:96:c9:62:b0:39:
81:73:53:80:f2:bf:e8:e0:d5:7b:fc:fb:bf:49:0d:
70:fd:88:7a:fb:32:28:31:0a:85:f5:a8:73:2c:1d:
9d:90:a9:77:b9:9f:2a:a7:e5:ab:c5:f5:9c:6b:8a:
e5:61:3d:0a:f8:2e:3c:e8:1d:3a:50:b0:85:e4:05:
de:b3:7c:43:68:93:12:9c:e3:44:f1:a6:2d:cf:8d:
c3:33:eb:2e:15:17:a4:66:97:3b:73:14:41:a7:aa:
f6:a6:58:c0:a7:02:3d:25:50:85:58:27:82:43:01:
68:c8:6d:25:01:0f:3c:4b:8c:7c:ad:8d:d3:c0:ec:
79:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E4:89:7E:A9:65:3C:B2:66:37:A7:61:F2:8C:0B:00:9A:46:9E:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
6e:7b:f1:1b:5d:5b:46:90:a3:9b:2c:ef:c7:2a:11:a7:1f:85:
21:fc:0b:1f:9b:a1:36:23:5c:b4:5d:cb:85:dd:4a:bc:88:40:
a4:15:f1:93:77:35:b4:67:ae:3c:3e:b4:de:32:3c:78:ee:16:
21:04:8a:27:d4:dd:c6:23:35:3c:1c:21:2d:b5:93:48:44:b9:
e6:10:4c:10:21:67:b3:0e:f9:b1:a9:b9:1a:67:ca:8d:5a:3b:
3c:0c:a0:69:7d:22:16:a7:e3:81:4c:b1:cd:8b:9f:97:bf:d9:
63:62:5e:f0:bb:09:6f:96:72:f7:fb:d9:79:70:53:0c:0e:eb:
11:24:5d:a2:59:3f:68:cd:0e:4a:20:be:dd:78:85:1f:e8:1f:
6a:a6:ea:37:1b:84:b2:05:e4:a4:39:fe:ba:bd:db:69:9d:a8:
ce:a2:92:75:0b:e8:00:f4:e3:a6:69:42:2e:75:fc:c7:dc:dd:
48:b8:ae:3f:2c:af:7d:31:b8:69:33:21:bf:28:d6:c9:f7:ce:
7c:9a:ff:73:de:f7:7f:c3:58:f7:67:55:6b:1d:08:32:c6:a4:
75:06:5a:d1:c4:a1:41:fd:97:5e:13:cb:9b:73:bb:86:75:28:
24:98:6b:39:32:70:89:3d:7d:a1:e8:fb:dc:0e:4c:72:40:a4:
35:01:3b:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUefsLBsbdsUuhWoXU3NU2PHsirWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMjRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyZTliNzEzZDNiODE5YzIwM2I2ODkxNmZmNTUyMmJhMmYwYmIyYTA5OGVl
Y2Y5ZGYwZjM1YTQ2NWJlZWZmNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIqQPdKNQwpYUQVMR7246P/uF47ouHF8UkBZNgmBPz3rWKbnZZNq0hQPuWak
SmPYVRi3capz3Wb+X4AkFx19UpplItJK4qU1TimcXS5BD1u7GRTnLAGXL6lCYtuB
437DyWaoZbsnyj5sqRtESGMwi+F0MJh7plcEGLkjV+tjhiwV8pbJYrA5gXNTgPK/
6ODVe/z7v0kNcP2IevsyKDEKhfWocywdnZCpd7mfKqflq8X1nGuK5WE9CvguPOgd
OlCwheQF3rN8Q2iTEpzjRPGmLc+NwzPrLhUXpGaXO3MUQaeq9qZYwKcCPSVQhVgn
gkMBaMhtJQEPPEuMfK2N08DseQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQj5Il+
qWU8smY3p2HyjAsAmkaeATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBue/EbXVtGkKObLO/HKhGnH4Uh/Asfm6E2I1y0
XcuF3Uq8iECkFfGTdzW0Z648PrTeMjx47hYhBIon1N3GIzU8HCEttZNIRLnmEEwQ
IWezDvmxqbkaZ8qNWjs8DKBpfSIWp+OBTLHNi5+Xv9ljYl7wuwlvlnL3+9l5cFMM
DusRJF2iWT9ozQ5KIL7deIUf6B9qpuo3G4SyBeSkOf66vdtpnajOopJ1C+gA9OOm
aUIudfzH3N1IuK4/LK99MbhpMyG/KNbJ9858mv9z3vd/w1j3Z1VrHQgyxqR1BlrR
xKFB/ZdeE8ubc7uGdSgkmGs5MnCJPX2h6PvcDkxyQKQ1ATtE
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:04 2025 by rpki-client