Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
File: d6d93bd5-1d52-4263-8712-a4d5b929470f.roa (raw, json)
Hash identifier: vc8+nCHj0tyJn/roIDbX3kz14sQ2A67qBpuldBAyoLE=
Subject key identifier: 0B:90:52:AB:4D:3D:FE:67:CC:A3:AA:92:92:20:D3:1B:88:38:A5:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52EFCB9F31AE46B440A21F7E0CBCC2F2C9012514
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
Signing time: Fri 22 Aug 2025 15:11:11 +0000
ROA not before: Fri 22 Aug 2025 15:11:11 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:ef:cb:9f:31:ae:46:b4:40:a2:1f:7e:0c:bc:c2:f2:c9:01:25:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:11 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=19d6c968e17504b49b9e4178672b3fe1a232b9bd11bdb0bc82ee73a924b5a0eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e2:4e:62:da:40:b9:f9:a0:9c:62:39:aa:fc:
72:79:ec:08:4d:6f:88:04:8a:8a:a4:c9:90:cd:da:
90:e7:fc:63:20:28:da:d8:87:3c:bc:2e:66:31:ef:
64:98:eb:00:7a:f0:45:37:ef:3c:cd:3b:38:87:23:
5d:d7:48:2c:0a:0c:9c:e7:78:f4:a9:53:b3:73:54:
dd:a4:cc:8b:bb:49:70:82:c7:a1:aa:0b:41:19:80:
51:4f:32:8f:30:9a:ec:b6:49:b8:51:db:0f:1b:99:
1c:1c:b6:1a:95:64:dd:dd:f2:93:75:87:5c:21:ca:
45:0d:21:a5:ca:cb:35:90:7e:1a:02:c2:fe:18:3b:
4c:4f:b1:e9:d4:5f:00:68:1b:a4:9f:62:53:3b:d0:
76:a0:fd:ef:74:ba:e3:8d:9f:78:e5:cf:8b:9e:b9:
86:de:3a:37:96:1f:fc:ae:fb:80:2a:2a:a7:34:86:
a9:5b:2e:01:34:b2:17:79:d7:7d:76:a1:8d:02:e3:
53:3e:47:6c:3f:6f:fa:ad:ca:dd:21:e8:37:55:c1:
53:75:89:ad:2a:70:9a:dc:bb:95:40:f5:26:49:82:
64:1d:e8:65:74:d3:a8:bd:fd:a1:d1:da:fb:df:ce:
be:b8:64:cd:7e:18:34:48:f6:2f:9f:8b:11:25:b7:
09:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:90:52:AB:4D:3D:FE:67:CC:A3:AA:92:92:20:D3:1B:88:38:A5:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6d93bd5-1d52-4263-8712-a4d5b929470f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:4000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:b9:cc:97:61:c9:01:e4:fe:b5:ae:5c:b3:88:04:28:28:0f:
1c:ee:27:d1:43:08:f5:0d:b6:c0:df:ba:91:d4:cc:75:e0:94:
4f:f4:a3:b2:eb:aa:e6:3c:c1:7d:8e:32:bc:0f:29:41:a8:1d:
d9:be:24:86:89:cb:dd:39:6c:6c:f8:b3:7e:8e:05:e7:ef:88:
b7:a1:05:b9:9a:2f:7f:90:a3:21:f6:ab:a8:d9:95:6b:9c:94:
bb:f1:5a:81:8f:0f:b9:b2:31:e2:07:22:9a:8b:e8:04:33:d5:
ba:b5:eb:90:d6:0d:f3:29:d1:94:09:2e:c3:a8:e7:50:bb:b2:
06:d0:57:90:a4:d1:17:f3:29:1e:d6:1e:73:57:27:93:5e:c3:
20:e1:16:40:7e:f1:6b:d5:f6:1a:eb:b2:c8:a8:0a:2a:52:e5:
82:cd:f1:e4:53:ef:41:62:00:01:8a:85:e2:4a:0d:bc:81:a9:
fe:a5:c5:5a:cf:e8:a9:7f:f3:9b:33:ce:fc:24:4a:9b:fc:a9:
84:e0:df:88:99:22:f3:85:76:87:6a:cd:46:ad:01:42:07:4a:
07:24:58:d6:42:56:bd:a1:92:a2:57:d8:a0:6f:2a:f0:4b:21:
ef:83:ff:cf:31:68:20:41:9a:cc:c2:f6:29:f0:13:e0:47:39:
30:ac:d3:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUu/LnzGuRrRAoh9+DLzC8skBJRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMTFaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5ZDZjOTY4ZTE3NTA0YjQ5YjllNDE3ODY3MmIzZmUxYTIzMmI5YmQxMWJk
YjBiYzgyZWU3M2E5MjRiNWEwZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbiTmLaQLn5oJxiOar8cnnsCE1viASKiqTJkM3akOf8YyAo2tiHPLwuZjHv
ZJjrAHrwRTfvPM07OIcjXddILAoMnOd49KlTs3NU3aTMi7tJcILHoaoLQRmAUU8y
jzCa7LZJuFHbDxuZHBy2GpVk3d3yk3WHXCHKRQ0hpcrLNZB+GgLC/hg7TE+x6dRf
AGgbpJ9iUzvQdqD973S6442feOXPi565ht46N5Yf/K77gCoqpzSGqVsuATSyF3nX
fXahjQLjUz5HbD9v+q3K3SHoN1XBU3WJrSpwmty7lUD1JkmCZB3oZXTTqL39odHa
+9/OvrhkzX4YNEj2L5+LESW3CQECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLkFKr
TT3+Z8yjqpKSINMbiDilmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDZkOTNiZDUtMWQ1Mi00MjYzLTg3MTItYTRkNWI5Mjk0NzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7ucyXYckB5P61rlyziAQoKA8c7ifRQwj1DbbA
37qR1Mx14JRP9KOy66rmPMF9jjK8DylBqB3ZviSGicvdOWxs+LN+jgXn74i3oQW5
mi9/kKMh9quo2ZVrnJS78VqBjw+5sjHiByKai+gEM9W6teuQ1g3zKdGUCS7DqOdQ
u7IG0FeQpNEX8yke1h5zVyeTXsMg4RZAfvFr1fYa67LIqAoqUuWCzfHkU+9BYgAB
ioXiSg28gan+pcVaz+ipf/ObM878JEqb/KmE4N+ImSLzhXaHas1GrQFCB0oHJFjW
Qla9oZKiV9igbyrwSyHvg//PMWggQZrMwvYp8BPgRzkwrNO+
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:08 2025 by rpki-client