Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
File: ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa (raw, json)
Hash identifier: 4nOL9d3Qe6wCpBDAWcHLpl5XCZh7jYF/mmDDpXhHDls=
Subject key identifier: BD:07:85:B1:AC:25:E0:E1:FB:E9:90:68:91:A3:9D:CC:2B:52:5C:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7204BD2236AE1BAD4CC154EF8C292DC92B5CD907
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
Signing time: Tue 05 Aug 2025 19:30:47 +0000
ROA not before: Tue 05 Aug 2025 19:30:47 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:04:bd:22:36:ae:1b:ad:4c:c1:54:ef:8c:29:2d:c9:2b:5c:d9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:47 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a33c0cf5b13d425015b0d618515c2ead137a66af24ad153d2d1909f0fbb10150, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:90:7c:da:78:78:81:7c:61:4f:ba:c6:c2:7c:
3a:47:20:e2:ae:2b:9c:17:9f:e4:2d:1b:dc:58:fc:
40:66:b9:41:b8:d0:cf:4f:34:c0:b1:de:a2:9d:af:
67:3f:c1:f3:08:85:da:6d:02:81:ab:2a:53:fc:c1:
9a:8b:01:31:3c:c3:4a:11:31:c7:0e:ef:d2:a7:0a:
74:99:b2:c4:88:97:21:78:43:56:ff:04:ff:95:26:
04:bb:80:55:80:d8:32:3a:25:be:44:fa:6b:e1:9a:
e8:c8:dc:66:18:14:aa:68:c9:7b:d3:8c:30:a7:75:
b8:39:35:4b:f7:0f:97:e9:47:38:a7:cf:4d:26:97:
e0:87:60:37:18:9b:3b:77:10:3d:df:6a:78:d7:f0:
d1:32:c0:a2:33:a1:04:23:e0:2a:3a:23:1b:78:e0:
46:0a:8c:ab:0d:78:ae:6c:ca:53:93:a0:9f:d8:f6:
33:63:d7:1d:d1:11:fc:2b:14:2f:17:62:35:3a:a5:
94:9f:2e:11:9f:74:86:e4:f9:21:68:2b:be:40:bc:
82:67:dd:a2:7d:ae:53:f3:d1:c0:a4:7c:57:bd:1c:
b1:34:f8:cb:68:1a:06:f0:5e:8b:c7:55:1e:31:30:
d3:b1:08:69:e4:92:4a:cc:14:61:43:30:68:61:63:
45:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:07:85:B1:AC:25:E0:E1:FB:E9:90:68:91:A3:9D:CC:2B:52:5C:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce577ba2-d2ac-4e2a-a4f9-ea37e9d56903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:2000::/40
Signature Algorithm: sha256WithRSAEncryption
30:19:a2:57:58:1a:d2:f2:50:22:cb:a9:54:f3:ac:a3:6b:cd:
5a:94:68:1c:d8:01:4c:e1:b2:a6:0b:a6:09:c9:69:1c:1f:a0:
bd:7d:a6:04:a9:57:7e:05:e2:42:0f:05:c4:0b:e1:b0:a8:2e:
1d:a0:14:c9:db:e2:38:fa:c5:ea:b4:fb:01:2f:98:bb:c1:4b:
81:66:41:65:6f:a3:1f:00:1a:58:d8:e1:8f:46:a3:a5:64:a7:
09:98:7f:30:fe:0c:e2:da:39:cb:2f:9d:de:68:95:e9:77:91:
e9:24:4c:a4:44:b8:01:16:54:2f:bf:f3:4e:36:09:f2:c0:58:
5b:7a:cb:9d:ca:6d:86:3c:11:51:8b:d7:13:50:f5:65:50:c9:
f0:a8:32:83:8c:dc:60:61:c6:39:c6:ee:80:59:3a:fb:aa:60:
45:35:2d:a7:56:cd:e0:d8:5b:15:2d:d4:93:55:b0:99:27:78:
33:5a:e9:1c:76:44:a4:80:b0:49:58:be:1b:98:fe:15:66:89:
86:e9:b5:14:cf:ff:14:a7:a3:f1:ee:d2:c7:11:ff:3b:f3:33:
42:1d:d5:a5:c5:e0:74:bc:d9:c3:35:6b:9b:7b:a1:54:8f:52:
0e:06:62:28:72:2e:38:6b:00:c8:f7:81:b6:e7:d0:12:a0:3e:
1c:cf:ea:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcgS9IjauG61MwVTvjCktyStc2QcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwNDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzM2MwY2Y1YjEzZDQyNTAxNWIwZDYxODUxNWMyZWFkMTM3YTY2YWYyNGFk
MTUzZDJkMTkwOWYwZmJiMTAxNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqQfNp4eIF8YU+6xsJ8Okcg4q4rnBef5C0b3Fj8QGa5QbjQz080wLHeop2v
Zz/B8wiF2m0CgasqU/zBmosBMTzDShExxw7v0qcKdJmyxIiXIXhDVv8E/5UmBLuA
VYDYMjolvkT6a+Ga6MjcZhgUqmjJe9OMMKd1uDk1S/cPl+lHOKfPTSaX4IdgNxib
O3cQPd9qeNfw0TLAojOhBCPgKjojG3jgRgqMqw14rmzKU5Ogn9j2M2PXHdER/CsU
LxdiNTqllJ8uEZ90huT5IWgrvkC8gmfdon2uU/PRwKR8V70csTT4y2gaBvBei8dV
HjEw07EIaeSSSswUYUMwaGFjRccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9B4Wx
rCXg4fvpkGiRo53MK1JcSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U1NzdiYTItZDJhYy00ZTJhLWE0ZjktZWEzN2U5ZDU2OTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0g
MA0GCSqGSIb3DQEBCwUAA4IBAQAwGaJXWBrS8lAiy6lU86yja81alGgc2AFM4bKm
C6YJyWkcH6C9faYEqVd+BeJCDwXEC+GwqC4doBTJ2+I4+sXqtPsBL5i7wUuBZkFl
b6MfABpY2OGPRqOlZKcJmH8w/gzi2jnLL53eaJXpd5HpJEykRLgBFlQvv/NONgny
wFhbesudym2GPBFRi9cTUPVlUMnwqDKDjNxgYcY5xu6AWTr7qmBFNS2nVs3g2FsV
LdSTVbCZJ3gzWukcdkSkgLBJWL4bmP4VZomG6bUUz/8Up6Px7tLHEf878zNCHdWl
xeB0vNnDNWube6FUj1IOBmIoci44awDI94G259ASoD4cz+qe
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:57 2025 by rpki-client