Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
File: da8369e9-0146-44b6-865e-0064a4d1ed72.roa (raw, json)
Hash identifier: sBzhShy8MuPOmyHOcmghyYW3jF++cwJ1WTnHLjmhLyQ=
Subject key identifier: 6B:1D:00:A3:57:FC:4F:9F:B2:2D:78:7D:0D:3F:1A:BC:E5:D6:55:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39EC7677E09D04D33CA6B7D8299129A5F2AF7B61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
Signing time: Tue 05 Aug 2025 19:21:54 +0000
ROA not before: Tue 05 Aug 2025 19:21:54 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:ec:76:77:e0:9d:04:d3:3c:a6:b7:d8:29:91:29:a5:f2:af:7b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:54 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=235138dd21bbe09ff24f45114f55d535bcd756c875b9cdccf9f64440f9043bb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e1:4f:56:10:23:5f:a6:da:a2:20:a4:32:5e:
dc:97:8c:79:cd:91:e4:50:91:6d:b6:85:7c:e8:9f:
a2:1a:43:f4:17:1a:81:fe:df:1b:89:dd:37:b7:c2:
b2:6e:28:e6:1a:1b:1c:2b:5c:1a:c8:59:1a:fe:5a:
ea:84:24:b8:da:be:33:f4:72:29:9c:03:02:32:96:
89:4d:17:06:36:fa:bf:c0:e9:13:6d:95:b4:2b:d6:
9d:1a:49:2a:8b:c2:83:ae:65:61:57:f1:46:6e:af:
40:28:f1:24:ee:c8:ca:92:0e:92:58:0e:e9:e2:ec:
f4:9d:4d:c5:17:43:5d:91:8b:3a:41:69:f2:d0:b0:
47:c5:81:7a:38:c7:6a:cc:f6:18:f4:e8:56:2a:33:
27:c1:1a:71:5f:8a:9c:3e:cd:5c:98:5d:28:71:03:
aa:d6:34:2a:c6:7c:9f:20:d5:07:aa:c9:df:d9:12:
74:38:60:f0:bb:05:a9:d9:12:5f:40:9a:42:b2:a6:
9d:ed:19:3b:77:6e:b8:3c:12:ea:88:05:bd:36:e1:
26:4e:49:d3:7d:f1:17:9f:eb:63:8d:01:1b:a6:45:
36:fd:1a:4d:01:da:51:41:d7:25:d9:b4:30:39:21:
ef:00:5d:1d:1b:90:fc:13:18:ca:2d:a9:8b:6e:cb:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1D:00:A3:57:FC:4F:9F:B2:2D:78:7D:0D:3F:1A:BC:E5:D6:55:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da8369e9-0146-44b6-865e-0064a4d1ed72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6000::/40
Signature Algorithm: sha256WithRSAEncryption
91:76:05:95:d9:5e:30:47:73:37:cb:41:1b:79:2e:74:84:9a:
bd:48:0c:82:7e:dd:ef:b2:cd:ac:82:ab:25:11:66:00:f1:e9:
ea:4c:b4:e4:0b:dc:cf:86:a2:a7:56:82:48:be:7e:82:3a:1c:
1d:35:60:28:11:36:36:08:4b:62:ef:55:b9:d7:44:5f:4e:67:
cb:28:5b:91:a7:e6:58:7a:81:12:c1:9f:04:67:cd:f7:ee:49:
ae:02:a7:31:02:3c:71:af:e5:cb:22:22:9b:7f:96:4a:c9:c3:
75:45:3b:85:e3:fa:2c:69:b5:46:d3:42:34:83:fc:a2:ba:8b:
e1:51:fc:69:ef:7f:59:fe:11:a2:08:ce:40:c8:8f:7d:6e:81:
7a:5d:f3:3c:64:c6:fc:6b:fa:fb:52:0d:54:c9:f5:6d:83:29:
a8:57:20:c9:28:c1:5d:2b:dd:91:db:5f:7a:69:db:e2:0f:4d:
7d:2b:53:3c:11:4f:b6:6f:a3:8d:b9:80:19:76:38:9b:7c:70:
e3:9c:7f:d8:56:04:48:88:97:00:d2:af:32:ee:68:e6:d6:53:
53:9f:22:da:9a:bf:36:9d:5a:a8:77:c5:9f:5f:c9:86:c1:80:
fe:b7:32:36:cc:b7:97:4f:f6:35:b3:6f:5b:e1:54:79:72:27:
b1:a6:25:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOex2d+CdBNM8prfYKZEppfKve2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxNTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNTEzOGRkMjFiYmUwOWZmMjRmNDUxMTRmNTVkNTM1YmNkNzU2Yzg3NWI5
Y2RjY2Y5ZjY0NDQwZjkwNDNiYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvhT1YQI1+m2qIgpDJe3JeMec2R5FCRbbaFfOifohpD9Bcagf7fG4ndN7fC
sm4o5hobHCtcGshZGv5a6oQkuNq+M/RyKZwDAjKWiU0XBjb6v8DpE22VtCvWnRpJ
KovCg65lYVfxRm6vQCjxJO7IypIOklgO6eLs9J1NxRdDXZGLOkFp8tCwR8WBejjH
asz2GPToViozJ8EacV+KnD7NXJhdKHEDqtY0KsZ8nyDVB6rJ39kSdDhg8LsFqdkS
X0CaQrKmne0ZO3duuDwS6ogFvTbhJk5J033xF5/rY40BG6ZFNv0aTQHaUUHXJdm0
MDkh7wBdHRuQ/BMYyi2pi27L3hECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrHQCj
V/xPn7IteH0NPxq85dZVWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGE4MzY5ZTktMDE0Ni00NGI2LTg2NWUtMDA2NGE0ZDFlZDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFg
MA0GCSqGSIb3DQEBCwUAA4IBAQCRdgWV2V4wR3M3y0EbeS50hJq9SAyCft3vss2s
gqslEWYA8enqTLTkC9zPhqKnVoJIvn6COhwdNWAoETY2CEti71W510RfTmfLKFuR
p+ZYeoESwZ8EZ8337kmuAqcxAjxxr+XLIiKbf5ZKycN1RTuF4/osabVG00I0g/yi
uovhUfxp739Z/hGiCM5AyI99boF6XfM8ZMb8a/r7Ug1UyfVtgymoVyDJKMFdK92R
2196adviD019K1M8EU+2b6ONuYAZdjibfHDjnH/YVgRIiJcA0q8y7mjm1lNTnyLa
mr82nVqod8WfX8mGwYD+tzI2zLeXT/Y1s29b4VR5ciexpiXT
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:18 2025 by rpki-client