Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
File: d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa (raw, json)
Hash identifier: xW/MhegysWCaNowTm1GpAcCqIqri6d7lAJvam5dtSjc=
Subject key identifier: C7:12:7F:72:3D:7E:10:2A:E5:98:28:EA:60:0C:5A:4C:B9:2A:95:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B6D740DA0BAFCA9A5CFF2E11A2EFE76C9D2ECFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
Signing time: Fri 08 Aug 2025 00:31:04 +0000
ROA not before: Fri 08 Aug 2025 00:31:04 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:6d:74:0d:a0:ba:fc:a9:a5:cf:f2:e1:1a:2e:fe:76:c9:d2:ec:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 8 00:31:04 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=7de95f71e420e358f97c202222bad0e94eac504503b773dc9f62649473d6b4e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:4e:91:9c:5b:f7:d3:31:fb:d8:52:ca:8d:
d8:96:7c:08:7a:ac:5d:b5:fd:49:cd:a8:9c:b1:f1:
5d:2e:65:ef:58:2f:f5:1f:66:42:38:fb:89:ad:59:
44:bb:da:62:c3:4f:d8:6a:2d:b3:9c:58:f2:cb:e0:
e5:2d:47:31:a7:20:cf:8a:6e:5e:1e:8e:81:ca:d1:
57:f7:bd:59:7b:a5:98:dd:41:4b:1b:22:24:48:95:
90:ed:35:a0:10:47:4c:c6:4a:da:65:94:44:c7:e9:
cb:fe:d9:a9:21:37:a9:33:4d:8b:44:fb:3c:4a:bc:
6a:eb:b9:79:fa:68:47:0a:28:ae:78:de:ca:18:8e:
de:04:96:22:a3:e7:b7:8f:85:dd:c6:f2:a6:23:b8:
cd:a8:49:d3:b8:55:48:bb:9d:c0:af:bb:a0:76:d6:
38:e3:08:4f:f1:46:d4:9d:c4:96:db:07:df:60:f3:
78:c5:18:b9:d0:7e:02:b4:08:63:34:21:d6:06:db:
9e:1b:38:e0:19:ba:93:2d:b3:17:be:cc:7d:26:5f:
fe:82:2b:08:f1:36:92:fa:e7:d9:39:04:49:5b:7d:
5a:ff:13:53:e5:28:16:dc:24:e9:a1:b3:43:d3:ef:
6e:e5:0f:c2:94:8f:62:b2:63:8a:8c:04:dd:cf:a0:
c9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:12:7F:72:3D:7E:10:2A:E5:98:28:EA:60:0C:5A:4C:B9:2A:95:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d995c3a1-2858-4090-a096-1bf6aeccd5f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1800::/38
Signature Algorithm: sha256WithRSAEncryption
19:e3:2e:09:a5:97:a9:2c:dd:98:94:5e:88:31:ad:92:4d:85:
b2:e6:c2:4e:f8:b9:38:9f:4e:b5:31:52:93:2f:d8:7d:61:31:
24:34:4b:47:34:0e:ce:8c:6e:5f:ee:9c:6d:9f:9d:fa:1e:e6:
d5:d6:59:af:b1:aa:b4:14:7e:7a:dc:f9:80:87:3f:39:83:51:
83:6c:ac:ec:69:cf:b7:e5:c8:1b:10:96:2a:9b:ac:54:1f:20:
40:d2:da:5d:9d:6b:50:af:5a:96:6e:af:ce:1d:85:75:19:b9:
70:fd:de:20:c8:56:55:da:3e:ed:ae:bb:e0:79:d9:df:a1:82:
4c:01:40:36:63:8a:53:94:1f:3d:2f:60:52:ba:f3:35:90:08:
04:66:4d:5f:5d:2d:2a:71:b3:56:43:11:bb:00:d1:37:d4:41:
8c:cb:71:48:f3:fb:ed:86:87:12:fe:5f:c5:dd:cc:38:3f:0d:
9b:33:6c:35:b8:f1:7b:7c:aa:3b:4e:77:cc:7d:63:f5:83:71:
a0:52:c9:2f:d9:db:95:b8:5b:7e:dd:8f:59:4b:06:fa:97:64:
b9:84:5e:a8:0f:38:f1:1c:47:6b:d9:c7:a0:bf:aa:7b:37:9b:
6f:00:df:ab:a1:f9:2e:be:c9:b6:4b:ad:02:8e:81:cc:e8:b5:
0b:82:c9:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG210DaC6/Kmlz/LhGi7+dsnS7P4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDgwMDMxMDRaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZTk1ZjcxZTQyMGUzNThmOTdjMjAyMjIyYmFkMGU5NGVhYzUwNDUwM2I3
NzNkYzlmNjI2NDk0NzNkNmI0ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKokTpGcW/fTMfvYUsqN2JZ8CHqsXbX9Sc2onLHxXS5l71gv9R9mQjj7ia1Z
RLvaYsNP2Gots5xY8svg5S1HMacgz4puXh6OgcrRV/e9WXulmN1BSxsiJEiVkO01
oBBHTMZK2mWURMfpy/7ZqSE3qTNNi0T7PEq8auu5efpoRwoornjeyhiO3gSWIqPn
t4+F3cbypiO4zahJ07hVSLudwK+7oHbWOOMIT/FG1J3EltsH32DzeMUYudB+ArQI
YzQh1gbbnhs44Bm6ky2zF77MfSZf/oIrCPE2kvrn2TkESVt9Wv8TU+UoFtwk6aGz
Q9PvbuUPwpSPYrJjiowE3c+gyVECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHEn9y
PX4QKuWYKOpgDFpMuSqVgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDk5NWMzYTEtMjg1OC00MDkwLWEwOTYtMWJmNmFlY2NkNWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQY
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ4y4JpZepLN2YlF6IMa2STYWy5sJO+Lk4n061
MVKTL9h9YTEkNEtHNA7OjG5f7pxtn536HubV1lmvsaq0FH563PmAhz85g1GDbKzs
ac+35cgbEJYqm6xUHyBA0tpdnWtQr1qWbq/OHYV1Gblw/d4gyFZV2j7trrvgednf
oYJMAUA2Y4pTlB89L2BSuvM1kAgEZk1fXS0qcbNWQxG7ANE31EGMy3FI8/vthocS
/l/F3cw4Pw2bM2w1uPF7fKo7TnfMfWP1g3GgUskv2duVuFt+3Y9ZSwb6l2S5hF6o
DzjxHEdr2cegv6p7N5tvAN+rofkuvsm2S60CjoHM6LULgsnT
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:55 2025 by rpki-client