Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: Yw3MwMkCPzNB6OI/NRKSEwt/++wFBFJtYOvtUSJ6mNg=
Subject key identifier: EC:78:46:CC:EF:74:D9:B8:85:6E:1F:6C:1D:06:01:A2:FE:68:AF:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71436970244427EB5D406DED4D880DD366462A18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Tue 05 Aug 2025 20:20:10 +0000
ROA not before: Tue 05 Aug 2025 20:20:10 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:43:69:70:24:44:27:eb:5d:40:6d:ed:4d:88:0d:d3:66:46:2a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:10 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ea7e74d2b072f678809736d2e85c95832eeae0547931412a4dc0dd752268a2a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:1c:a0:93:ca:c4:98:a4:0e:8d:dd:83:1a:
39:7c:94:e3:30:db:9d:47:2f:a1:e0:f8:bb:48:86:
40:0c:9a:37:e5:74:0e:ef:38:a5:0d:10:13:cc:f4:
bb:7a:f1:87:13:9e:3a:84:7f:25:1b:72:d3:40:84:
56:87:3d:a6:c4:27:21:86:89:84:1a:4c:c6:a0:67:
8b:ff:91:e8:b2:13:54:6b:10:24:95:f8:99:9a:c0:
fc:2a:84:32:28:64:4a:31:6b:c6:62:2b:10:0f:f2:
ea:2e:96:71:f9:d6:cb:51:e0:12:58:a9:c9:60:64:
65:d3:2f:fe:cf:e2:29:0b:4a:13:e4:14:a9:77:d1:
48:46:d0:16:11:de:67:6a:ab:83:7f:eb:6f:3a:53:
19:ab:e3:2e:43:c0:ea:d5:12:f0:f4:1c:e0:d7:91:
0f:80:82:71:6c:bd:06:e9:81:48:df:31:22:dd:37:
0f:c8:e2:9b:db:78:7c:86:a2:b1:f9:21:f3:be:7a:
4b:76:73:aa:64:67:04:fd:0e:00:80:d1:b5:9f:a4:
32:6c:fb:2c:0f:a7:8d:30:14:07:4b:f1:0b:ad:01:
ad:f4:a3:27:8a:f7:f9:0c:c0:dc:77:34:7b:64:f8:
75:e3:6b:33:b8:92:eb:1b:35:2a:7c:c3:3a:bb:80:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:78:46:CC:EF:74:D9:B8:85:6E:1F:6C:1D:06:01:A2:FE:68:AF:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
47:00:36:d7:a1:6b:72:a3:2c:14:d0:49:60:de:91:08:b5:e2:
de:72:fc:82:5e:23:b0:bf:d3:3e:61:9b:71:f1:40:ea:67:ca:
8d:c2:c6:91:cf:43:b7:28:c6:ed:c8:ec:8e:a2:31:f0:f3:81:
d0:7b:10:d0:7a:d6:36:bf:2e:45:63:86:0a:5b:bb:82:d9:03:
a1:8d:90:ef:a7:32:0b:d6:a5:78:57:72:57:b5:f4:eb:2e:7b:
14:c8:f3:6c:90:2d:36:e6:ce:44:ae:87:82:b2:be:c8:a0:27:
a8:f4:04:96:54:e5:10:3d:95:2f:de:37:11:78:cd:4a:30:4d:
d0:3b:ac:fd:d8:30:e8:7e:5d:01:aa:5a:05:9d:7e:25:9d:e7:
49:4c:1b:14:f9:14:78:af:73:bd:5d:fb:cc:cb:ac:70:e8:20:
06:bd:67:37:45:0b:bb:4d:a6:40:00:dd:7e:24:9e:0d:a1:c3:
a6:72:59:25:b9:8b:51:08:d1:07:1c:08:b0:5b:34:08:ea:b5:
4b:93:b5:ad:dc:45:91:0d:ef:00:f1:10:2c:52:11:74:26:c2:
91:57:cc:b2:9b:6b:79:85:e6:b0:46:40:31:61:d3:02:50:71:
7e:03:ef:22:77:bb:42:19:2a:ba:c6:b1:4b:a1:51:0e:6d:3c:
e4:dc:e7:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcUNpcCREJ+tdQG3tTYgN02ZGKhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhN2U3NGQyYjA3MmY2Nzg4MDk3MzZkMmU4NWM5NTgzMmVlYWUwNTQ3OTMx
NDEyYTRkYzBkZDc1MjI2OGEyYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDjHKCTysSYpA6N3YMaOXyU4zDbnUcvoeD4u0iGQAyaN+V0Du84pQ0QE8z0
u3rxhxOeOoR/JRty00CEVoc9psQnIYaJhBpMxqBni/+R6LITVGsQJJX4mZrA/CqE
MihkSjFrxmIrEA/y6i6WcfnWy1HgElipyWBkZdMv/s/iKQtKE+QUqXfRSEbQFhHe
Z2qrg3/rbzpTGavjLkPA6tUS8PQc4NeRD4CCcWy9BumBSN8xIt03D8jim9t4fIai
sfkh8756S3ZzqmRnBP0OAIDRtZ+kMmz7LA+njTAUB0vxC60BrfSjJ4r3+QzA3Hc0
e2T4deNrM7iS6xs1KnzDOruApWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTseEbM
73TZuIVuH2wdBgGi/mivnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHADbXoWtyoywU0Elg3pEIteLecvyCXiOwv9M+
YZtx8UDqZ8qNwsaRz0O3KMbtyOyOojHw84HQexDQetY2vy5FY4YKW7uC2QOhjZDv
pzIL1qV4V3JXtfTrLnsUyPNskC025s5EroeCsr7IoCeo9ASWVOUQPZUv3jcReM1K
ME3QO6z92DDofl0BqloFnX4lnedJTBsU+RR4r3O9XfvMy6xw6CAGvWc3RQu7TaZA
AN1+JJ4NocOmclkluYtRCNEHHAiwWzQI6rVLk7Wt3EWRDe8A8RAsUhF0JsKRV8yy
m2t5heawRkAxYdMCUHF+A+8id7tCGSq6xrFLoVEObTzk3Oed
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:58 2025 by rpki-client