Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
File: d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa (raw, json)
Hash identifier: e2QtXUap6b2Smtkc9yJw/9fx/N6mv35VfIbl9v+fLrE=
Subject key identifier: 8D:97:E8:A4:45:FB:C7:26:E2:82:86:90:B4:06:B3:EC:44:DE:CE:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1674EF1325F23C6CF2F06E86208A551D34ACD3D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
Signing time: Sat 09 Aug 2025 00:20:07 +0000
ROA not before: Sat 09 Aug 2025 00:20:07 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:74:ef:13:25:f2:3c:6c:f2:f0:6e:86:20:8a:55:1d:34:ac:d3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 9 00:20:07 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=e613ae5a1273697fa48fddf5fe15003aea5d1e3ba070ed942f2ab0019c449872, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:00:6b:2e:e4:34:37:08:6a:77:c1:98:df:70:
2d:57:ae:4d:af:fb:b5:26:11:38:85:59:34:a6:c1:
de:6a:79:4e:d0:04:9e:b0:01:2c:2f:9d:dd:7f:3c:
de:00:bb:0f:a3:97:2d:1b:96:8f:41:8c:eb:92:76:
bd:1a:06:97:a3:55:43:d2:7d:e8:4e:ac:b7:d5:dc:
79:df:da:89:92:9e:7c:0c:46:55:ca:b4:6a:ea:0d:
52:91:36:20:bc:9c:52:2c:11:d2:ba:5c:bf:70:99:
6b:82:6f:b3:fa:84:a9:76:46:24:4b:01:33:11:fa:
c2:83:6b:e1:5a:4a:89:ca:bb:45:f2:df:1b:61:7d:
99:44:4b:10:07:2f:99:55:7d:cf:ab:ef:2d:7b:aa:
97:1e:9e:79:ba:df:32:38:32:cd:de:cb:6b:4d:ac:
cb:21:84:9f:5e:c0:37:95:ca:af:31:92:42:33:f7:
d9:3b:92:bd:c8:93:f1:e2:21:d8:42:e5:84:67:21:
0e:0e:3e:34:81:60:a3:68:bd:a3:e3:d5:c3:f7:72:
58:04:73:54:07:30:b6:4e:d5:c3:1f:96:14:90:fe:
db:8b:e4:8a:ee:28:65:aa:ef:97:14:ec:25:e1:74:
81:50:7a:7f:4b:2a:42:b9:cf:4b:f1:75:eb:49:f5:
df:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:97:E8:A4:45:FB:C7:26:E2:82:86:90:B4:06:B3:EC:44:DE:CE:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2e5cd11-e33b-4080-91d5-f550f1d7a0b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/37
Signature Algorithm: sha256WithRSAEncryption
78:92:15:81:9f:bc:09:c0:85:c1:73:76:7f:22:36:5c:c7:af:
83:1c:21:01:0c:ea:5a:8d:ca:a2:48:c9:82:db:bd:a3:fd:de:
53:f8:9c:95:16:bc:04:85:36:09:5f:61:cd:04:34:b1:20:09:
04:72:a9:36:8e:93:75:b1:0e:74:19:6b:f7:77:80:26:19:8a:
a8:db:35:77:09:74:06:b8:70:44:43:7c:9b:c0:b1:4d:ad:43:
5b:2f:95:94:3d:6c:4a:0a:63:48:28:83:c9:81:55:ba:81:db:
03:79:92:3d:0e:31:4a:3a:4e:6b:3a:bc:1c:c6:9d:55:9b:fa:
ca:59:10:84:67:20:0e:a0:8c:69:e6:db:f4:e3:b1:62:ca:71:
bd:99:2c:08:37:37:ef:b4:e3:6d:6d:64:2f:5d:e2:ff:6a:ad:
40:03:21:1b:db:d3:83:ca:45:32:78:31:ae:04:2f:71:98:9c:
38:c8:6c:d8:fd:bb:f4:bf:8b:12:21:9a:c1:8d:4d:a8:e4:d4:
74:c1:a8:48:a8:6d:5a:ab:2e:4a:3e:ad:52:4a:db:a7:15:4e:
33:2e:f2:07:50:8a:15:48:9e:de:ef:b4:9a:f2:89:a0:e9:0a:
2a:95:c7:4d:db:d7:94:12:f5:80:89:31:44:16:a0:62:d0:2e:
bc:9a:7a:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFnTvEyXyPGzy8G6GIIpVHTSs09EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDkwMDIwMDdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2MTNhZTVhMTI3MzY5N2ZhNDhmZGRmNWZlMTUwMDNhZWE1ZDFlM2JhMDcw
ZWQ5NDJmMmFiMDAxOWM0NDk4NzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEAay7kNDcIanfBmN9wLVeuTa/7tSYROIVZNKbB3mp5TtAEnrABLC+d3X88
3gC7D6OXLRuWj0GM65J2vRoGl6NVQ9J96E6st9Xced/aiZKefAxGVcq0auoNUpE2
ILycUiwR0rpcv3CZa4Jvs/qEqXZGJEsBMxH6woNr4VpKicq7RfLfG2F9mURLEAcv
mVV9z6vvLXuqlx6eebrfMjgyzd7La02syyGEn17AN5XKrzGSQjP32TuSvciT8eIh
2ELlhGchDg4+NIFgo2i9o+PVw/dyWARzVAcwtk7Vwx+WFJD+24vkiu4oZarvlxTs
JeF0gVB6f0sqQrnPS/F160n138MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSNl+ik
RfvHJuKChpC0BrPsRN7OXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJlNWNkMTEtZTMzYi00MDgwLTkxZDUtZjU1MGYxZDdhMGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQB4khWBn7wJwIXBc3Z/IjZcx6+DHCEBDOpajcqi
SMmC272j/d5T+JyVFrwEhTYJX2HNBDSxIAkEcqk2jpN1sQ50GWv3d4AmGYqo2zV3
CXQGuHBEQ3ybwLFNrUNbL5WUPWxKCmNIKIPJgVW6gdsDeZI9DjFKOk5rOrwcxp1V
m/rKWRCEZyAOoIxp5tv047FiynG9mSwINzfvtONtbWQvXeL/aq1AAyEb29ODykUy
eDGuBC9xmJw4yGzY/bv0v4sSIZrBjU2o5NR0wahIqG1aqy5KPq1SStunFU4zLvIH
UIoVSJ7e77Sa8omg6QoqlcdN29eUEvWAiTFEFqBi0C68mnqr
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:17 2025 by rpki-client