Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
File: d62aaac2-f54a-4bc2-8155-22367e855165.roa (raw, json)
Hash identifier: McCt9C4fcjyvHFnporNlArKUMm9bCk2e45pALGCofSA=
Subject key identifier: FC:8A:8C:14:84:53:E3:21:BF:FD:F0:B4:D6:61:C2:1D:AE:64:32:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22899F1B1E2273AB0A8F2FBF24BD2ABBBC73AF2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
Signing time: Tue 05 Aug 2025 19:51:21 +0000
ROA not before: Tue 05 Aug 2025 19:51:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:89:9f:1b:1e:22:73:ab:0a:8f:2f:bf:24:bd:2a:bb:bc:73:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=78ada7fe82e103c8ab5acb0fdf1b5f318d633a27ad83dd3032abde0582b4aaa3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:11:8a:4b:51:bf:53:7e:40:5f:b8:c3:96:
ce:c6:f8:5d:54:03:73:38:2e:9e:d4:6d:84:31:06:
97:c8:36:f4:17:00:94:2c:22:78:1f:3c:64:24:2d:
2f:01:cc:32:e4:79:34:9b:65:57:17:21:18:72:70:
11:cf:9a:00:08:a1:22:97:77:90:a4:c6:72:34:7e:
b3:65:2e:01:ba:b0:ac:f2:6b:1e:85:d5:b1:d8:4c:
3d:dc:8a:fe:69:ca:61:74:ab:92:31:ff:c5:cf:bb:
b2:f1:33:5c:74:97:42:85:04:19:73:11:88:48:32:
c7:30:50:4f:74:1e:6a:8e:ff:79:88:65:f0:01:4f:
e1:1a:02:49:aa:a3:bb:91:55:47:b8:3e:0a:86:42:
96:47:4f:e3:19:09:3e:6d:17:aa:45:2c:58:3c:f9:
98:c6:dc:a3:4b:64:0d:fb:3d:42:87:c8:98:df:cd:
e5:69:13:b0:0c:9d:23:d2:60:dc:be:ca:c4:7c:c5:
f3:a2:21:51:8d:57:ff:46:7b:9e:88:dd:73:04:78:
5a:9c:c3:33:9c:bf:df:9b:49:af:ce:c0:0e:f2:15:
4a:63:6d:b8:3e:9c:8a:00:51:68:40:08:e5:33:80:
92:03:3e:3a:73:7d:b9:14:c2:c8:c5:01:12:66:fe:
9e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8A:8C:14:84:53:E3:21:BF:FD:F0:B4:D6:61:C2:1D:AE:64:32:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d62aaac2-f54a-4bc2-8155-22367e855165.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:b000::/40
Signature Algorithm: sha256WithRSAEncryption
77:b6:34:72:8e:e5:06:a2:0a:4b:32:48:d5:75:0a:ef:a8:12:
84:ab:14:10:9e:0f:c4:14:4c:ad:86:88:86:70:aa:d1:44:99:
29:6f:b9:22:b8:19:e9:f6:a7:02:a5:cb:d2:a0:a6:0b:a5:fc:
b6:6d:4a:9c:23:c6:1e:d0:34:7e:f6:9b:75:63:d7:07:fb:c8:
08:c5:10:63:ff:fa:4e:90:8a:a7:fe:07:2f:a4:6e:c9:2c:98:
c5:34:60:8f:52:5e:b7:bc:16:15:35:63:09:3b:43:1d:b0:a8:
14:42:74:cf:de:8e:7f:51:5e:64:f2:e0:de:4c:ed:cc:62:1c:
f3:88:fd:68:90:0a:c2:7a:b0:a6:4e:0d:dc:37:fc:68:ca:5b:
59:b4:47:d6:2d:ef:fa:54:82:92:81:53:55:07:b2:a1:3a:4f:
1f:a7:35:57:aa:2c:f7:f6:76:15:2f:59:01:3a:00:f7:52:e9:
82:3a:db:68:dd:1e:eb:77:6a:e7:77:03:10:2c:e8:fb:e5:93:
d5:73:b9:62:79:59:f9:e0:1c:ce:07:33:c6:b1:79:4c:46:83:
f2:81:33:e4:95:ee:8b:3c:0b:44:b1:0b:db:10:93:ff:ac:f0:
79:94:b6:c7:50:3c:62:e6:d6:f3:c2:06:2c:fa:dc:31:88:ec:
8c:40:15:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIomfGx4ic6sKjy+/JL0qu7xzry4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YWRhN2ZlODJlMTAzYzhhYjVhY2IwZmRmMWI1ZjMxOGQ2MzNhMjdhZDgz
ZGQzMDMyYWJkZTA1ODJiNGFhYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6KEYpLUb9TfkBfuMOWzsb4XVQDczguntRthDEGl8g29BcAlCwieB88ZCQt
LwHMMuR5NJtlVxchGHJwEc+aAAihIpd3kKTGcjR+s2UuAbqwrPJrHoXVsdhMPdyK
/mnKYXSrkjH/xc+7svEzXHSXQoUEGXMRiEgyxzBQT3Qeao7/eYhl8AFP4RoCSaqj
u5FVR7g+CoZClkdP4xkJPm0XqkUsWDz5mMbco0tkDfs9QofImN/N5WkTsAydI9Jg
3L7KxHzF86IhUY1X/0Z7nojdcwR4WpzDM5y/35tJr87ADvIVSmNtuD6cigBRaEAI
5TOAkgM+OnN9uRTCyMUBEmb+ngECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8iowU
hFPjIb/98LTWYcIdrmQytDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyYWFhYzItZjU0YS00YmMyLTgxNTUtMjIzNjdlODU1MTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKw
MA0GCSqGSIb3DQEBCwUAA4IBAQB3tjRyjuUGogpLMkjVdQrvqBKEqxQQng/EFEyt
hoiGcKrRRJkpb7kiuBnp9qcCpcvSoKYLpfy2bUqcI8Ye0DR+9pt1Y9cH+8gIxRBj
//pOkIqn/gcvpG7JLJjFNGCPUl63vBYVNWMJO0MdsKgUQnTP3o5/UV5k8uDeTO3M
YhzziP1okArCerCmTg3cN/xoyltZtEfWLe/6VIKSgVNVB7KhOk8fpzVXqiz39nYV
L1kBOgD3UumCOtto3R7rd2rndwMQLOj75ZPVc7lieVn54BzOBzPGsXlMRoPygTPk
le6LPAtEsQvbEJP/rPB5lLbHUDxi5tbzwgYs+twxiOyMQBUT
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:56 2025 by rpki-client