Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: TyvT8YQQzF+klaPJdVtKIiwxsBG6GbTsqwPHUHyLaVo=
Subject key identifier: 67:CC:6A:E7:8B:0F:85:EC:F2:84:21:4D:D5:52:AC:BF:14:68:00:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 475B03EA60DEE074458C1BC3724804EEFA1096EE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Tue 05 Aug 2025 20:01:25 +0000
ROA not before: Tue 05 Aug 2025 20:01:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:5b:03:ea:60:de:e0:74:45:8c:1b:c3:72:48:04:ee:fa:10:96:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9632075738e383bfceac2946ef6371186ae7b0cf5f67ddfc5e279d62d9a1f031, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:77:4f:61:63:7d:8e:02:ba:d7:71:3f:cc:09:
45:30:46:ea:da:b5:7a:b4:55:5c:90:0f:76:56:d9:
bc:6a:11:b8:ff:12:99:2c:f3:e2:89:4d:61:21:71:
74:ae:61:2e:d5:21:b4:a1:3d:c3:af:fd:5d:5f:f0:
51:68:e9:59:8d:92:45:64:90:3e:eb:02:d0:e5:f0:
fa:3b:5e:fb:ec:eb:34:72:ef:be:44:51:2a:15:52:
75:f1:8b:d1:3e:be:a5:7e:36:e2:72:ad:de:db:b7:
a8:55:9f:78:2e:2f:2a:c8:27:6d:0b:e8:c1:1c:3d:
c1:bf:75:d1:5b:ac:fb:34:b8:cb:ee:59:46:00:be:
64:95:2d:eb:80:11:f3:42:c2:ec:81:27:02:0c:51:
bf:77:d8:16:24:53:68:23:c8:89:59:21:7d:f6:54:
03:72:f1:4b:58:a4:73:ac:6a:e8:b9:ec:c4:07:e7:
e3:7f:b3:dc:36:72:d5:3e:e3:95:41:0a:97:1d:b4:
b6:1e:ca:a7:3b:94:3f:14:88:35:c7:45:71:09:19:
c3:71:f5:f0:c4:8b:2c:4d:3d:bc:30:ab:b1:08:39:
5a:9a:75:d0:cd:d4:5e:28:fc:11:0b:05:34:74:d6:
b2:90:e3:f4:51:3a:86:5e:b7:1f:26:71:2d:ce:7d:
32:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CC:6A:E7:8B:0F:85:EC:F2:84:21:4D:D5:52:AC:BF:14:68:00:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
82:ff:28:d6:7f:a2:27:00:2d:34:01:27:c1:f6:44:fe:cb:e2:
1d:8d:0f:07:0d:0e:5e:bc:d6:36:f4:62:93:79:2a:68:f7:e3:
fa:91:d8:8e:86:43:4c:9c:42:32:52:8b:19:4a:cd:8b:b8:b6:
34:54:9f:00:5b:71:bc:45:88:1a:82:d5:4d:e9:25:57:ec:0d:
9e:e5:a0:b4:12:6b:f8:af:14:dd:b5:26:be:26:58:71:d4:31:
57:f6:5c:bb:cd:2b:38:71:18:27:5c:78:39:ed:6e:88:fc:f4:
9f:2d:5d:59:42:03:c6:c7:91:8f:94:34:f1:bd:f7:fd:a4:cc:
fb:e1:81:47:3a:54:9a:5e:ca:c6:a5:65:89:a9:82:41:d3:2c:
06:48:a9:70:5e:33:41:6a:7d:69:e9:27:50:08:6d:21:82:ee:
b8:29:2f:c5:3e:97:9a:6c:5b:df:b1:4c:f1:74:55:2c:2e:63:
68:74:5b:f2:c1:3e:4d:9a:40:58:4d:74:69:18:dc:35:4b:66:
ee:56:85:8d:c9:30:63:c8:0f:90:67:04:ba:70:73:9c:19:92:
2d:ee:bf:6a:da:e3:51:cc:7e:6a:ef:c6:25:ec:7d:3d:1c:b6:
49:e5:71:88:eb:60:41:a2:44:4f:0d:55:ae:b5:13:8b:df:24:
f5:f5:fd:b4
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUR1sD6mDe4HRFjBvDckgE7voQlu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2MzIwNzU3MzhlMzgzYmZjZWFjMjk0NmVmNjM3MTE4NmFlN2IwY2Y1ZjY3
ZGRmYzVlMjc5ZDYyZDlhMWYwMzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJt3T2FjfY4CutdxP8wJRTBG6tq1erRVXJAPdlbZvGoRuP8SmSzz4olNYSFx
dK5hLtUhtKE9w6/9XV/wUWjpWY2SRWSQPusC0OXw+jte++zrNHLvvkRRKhVSdfGL
0T6+pX424nKt3tu3qFWfeC4vKsgnbQvowRw9wb910Vus+zS4y+5ZRgC+ZJUt64AR
80LC7IEnAgxRv3fYFiRTaCPIiVkhffZUA3LxS1ikc6xq6LnsxAfn43+z3DZy1T7j
lUEKlx20th7KpzuUPxSINcdFcQkZw3H18MSLLE09vDCrsQg5Wpp10M3UXij8EQsF
NHTWspDj9FE6hl63HyZxLc59Mr8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRnzGrn
iw+F7PKEIU3VUqy/FGgA4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBAIL/KNZ/oicALTQBJ8H2RP7L4h2NDwcNDl681jb0
YpN5Kmj34/qR2I6GQ0ycQjJSixlKzYu4tjRUnwBbcbxFiBqC1U3pJVfsDZ7loLQS
a/ivFN21Jr4mWHHUMVf2XLvNKzhxGCdceDntboj89J8tXVlCA8bHkY+UNPG99/2k
zPvhgUc6VJpeysalZYmpgkHTLAZIqXBeM0FqfWnpJ1AIbSGC7rgpL8U+l5psW9+x
TPF0VSwuY2h0W/LBPk2aQFhNdGkY3DVLZu5WhY3JMGPID5BnBLpwc5wZki3uv2ra
41HMfmrvxiXsfT0ctknlcYjrYEGiRE8NVa61E4vfJPX1/bQ=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:41 2025 by rpki-client