Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
File: d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa (raw, json)
Hash identifier: pCVyluX4DyHZRa7dEmKV3wOfZaRjFd20RvLc6P6pvco=
Subject key identifier: CB:25:A5:3C:5D:AD:85:18:DB:1C:F1:56:08:49:36:0E:C8:7A:3D:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1184CB7AF1EDD9DC5465EFF1D00B0CF58781401A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
Signing time: Sat 09 Aug 2025 00:20:08 +0000
ROA not before: Sat 09 Aug 2025 00:20:08 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:84:cb:7a:f1:ed:d9:dc:54:65:ef:f1:d0:0b:0c:f5:87:81:40:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 9 00:20:08 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=21992690bc32457ec0d7345df4e8210bf40d25cdd5ae65a03642b12d2ac2f09d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2e:1b:da:ba:77:d2:d6:57:94:d2:90:0a:43:
77:ba:ed:e7:57:b7:fc:43:e1:cb:26:51:9b:ce:4c:
e9:37:94:47:50:61:a9:1f:f8:e6:52:b2:2b:98:42:
2c:14:94:45:51:7b:90:f9:19:8d:64:7a:79:bb:7a:
ae:e3:dd:82:6a:a4:12:b3:39:08:2e:df:1c:4f:b1:
08:0f:76:ed:32:ec:e2:13:22:55:f0:b3:6f:b7:94:
39:fe:41:76:1e:e2:ff:76:0b:d2:03:41:8f:4f:96:
35:9e:b0:65:99:9b:e5:ce:b3:d0:2b:d3:fa:f5:73:
35:e4:0f:29:4f:2e:cc:f4:3c:8a:5b:d1:e9:06:df:
08:7b:9c:eb:9c:95:7a:13:e6:42:2f:ae:b3:7a:05:
1e:e9:1b:1f:9a:4b:f9:43:51:9d:d1:9a:69:8d:99:
a0:86:d7:2d:4a:2a:f7:3f:c4:17:95:31:6c:87:9e:
07:2f:5f:91:4c:90:5f:55:f6:4a:a0:f6:07:8f:0a:
49:e9:5d:23:f6:04:ec:ff:f2:77:1a:bd:e7:b9:1a:
95:ae:f7:fa:16:7b:b0:ea:88:33:69:3a:0c:19:db:
1a:f1:c9:21:9e:c5:93:1e:87:76:68:c7:45:97:69:
fd:4d:2b:e2:84:7a:30:d6:a6:74:d6:02:d1:97:c6:
ae:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:25:A5:3C:5D:AD:85:18:DB:1C:F1:56:08:49:36:0E:C8:7A:3D:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2cf476c-9f39-4ea8-a6d5-79a82c4a4dfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f::/37
Signature Algorithm: sha256WithRSAEncryption
bc:75:3c:ae:f8:29:cd:25:94:1e:8c:2f:f3:94:40:4b:f4:1f:
12:1a:bb:be:14:47:88:14:52:ea:29:c9:15:3f:cc:c7:74:76:
f0:35:a8:38:75:4a:06:a5:ba:ec:7e:a6:6e:71:c0:e9:93:d3:
89:0c:62:a7:82:96:ad:c1:82:b5:c2:67:30:e8:ae:8d:b3:ce:
84:03:ac:4d:be:90:e2:3f:f5:15:77:89:38:fb:55:85:1a:a7:
cb:37:43:6d:a5:62:94:76:7a:db:53:85:c7:61:ed:c5:43:0f:
89:67:c6:a0:07:4b:ea:ea:8f:1b:69:e8:02:46:62:be:9f:c6:
b6:00:43:3f:5e:92:06:99:7d:2d:1a:00:78:b5:9f:39:6c:9c:
bc:c2:e7:c9:79:61:25:70:89:a0:70:1b:5c:a7:b0:2c:5e:ec:
1b:d1:8e:d0:44:66:99:5c:2a:ce:45:af:a0:f0:34:1b:d7:59:
e2:c1:97:46:ea:b2:8f:2d:61:8f:24:23:8a:8c:48:42:d5:18:
19:2b:df:d2:74:69:36:93:d2:d0:dd:13:66:2e:f0:64:ce:06:
90:6a:4e:e9:b6:a2:73:ce:c6:26:9f:af:0c:98:e3:1e:da:73:
bc:9f:b4:a5:5f:91:74:e4:74:0d:63:fb:72:6a:de:59:15:8f:
87:4d:a4:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEYTLevHt2dxUZe/x0AsM9YeBQBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDkwMDIwMDhaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxOTkyNjkwYmMzMjQ1N2VjMGQ3MzQ1ZGY0ZTgyMTBiZjQwZDI1Y2RkNWFl
NjVhMDM2NDJiMTJkMmFjMmYwOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4uG9q6d9LWV5TSkApDd7rt51e3/EPhyyZRm85M6TeUR1BhqR/45lKyK5hC
LBSURVF7kPkZjWR6ebt6ruPdgmqkErM5CC7fHE+xCA927TLs4hMiVfCzb7eUOf5B
dh7i/3YL0gNBj0+WNZ6wZZmb5c6z0CvT+vVzNeQPKU8uzPQ8ilvR6QbfCHuc65yV
ehPmQi+us3oFHukbH5pL+UNRndGaaY2ZoIbXLUoq9z/EF5UxbIeeBy9fkUyQX1X2
SqD2B48KSeldI/YE7P/ydxq957kala73+hZ7sOqIM2k6DBnbGvHJIZ7Fkx6HdmjH
RZdp/U0r4oR6MNamdNYC0ZfGrnUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLJaU8
Xa2FGNsc8VYISTYOyHo92TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJjZjQ3NmMtOWYzOS00ZWE4LWE2ZDUtNzlhODJjNGE0ZGZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8A
MA0GCSqGSIb3DQEBCwUAA4IBAQC8dTyu+CnNJZQejC/zlEBL9B8SGru+FEeIFFLq
KckVP8zHdHbwNag4dUoGpbrsfqZuccDpk9OJDGKngpatwYK1wmcw6K6Ns86EA6xN
vpDiP/UVd4k4+1WFGqfLN0NtpWKUdnrbU4XHYe3FQw+JZ8agB0vq6o8baegCRmK+
n8a2AEM/XpIGmX0tGgB4tZ85bJy8wufJeWElcImgcBtcp7AsXuwb0Y7QRGaZXCrO
Ra+g8DQb11niwZdG6rKPLWGPJCOKjEhC1RgZK9/SdGk2k9LQ3RNmLvBkzgaQak7p
tqJzzsYmn68MmOMe2nO8n7SlX5F05HQNY/tyat5ZFY+HTaSi
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:12 2025 by rpki-client