Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: b8TbsRcaiqqv78SNl9XR5yF9eXx3NotWfTuP9bHgIpM=
Subject key identifier: FF:39:33:34:7B:C0:4F:23:CE:5F:3D:2A:CB:CC:64:FC:07:8B:5A:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BCA0022408B69F9060A2CF74FD28644A3A5FC7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Tue 05 Aug 2025 20:11:01 +0000
ROA not before: Tue 05 Aug 2025 20:11:01 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ca:00:22:40:8b:69:f9:06:0a:2c:f7:4f:d2:86:44:a3:a5:fc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:01 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6849986b8561aff0dc03b824178b71ee7ca12a7bc2b9dd8bbd9dd0bc25c19182, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b1:2e:75:9d:e9:6a:de:57:8f:4a:21:d9:bb:
8b:1c:6c:6d:1b:77:21:ad:53:23:98:7a:e0:8f:08:
2c:08:8e:80:28:c4:ff:8c:cf:ab:d1:a9:aa:31:0b:
5d:f3:e4:94:53:6f:b3:9e:9a:7e:3f:97:e6:cb:7f:
1e:7a:91:13:ab:02:4b:2c:f0:ba:ca:0c:d1:d1:f8:
22:2d:3e:9d:39:44:d5:16:ab:e1:72:f9:4a:af:cb:
ce:38:e8:9f:1b:26:80:28:22:a7:5d:06:e4:1e:b5:
95:46:cd:4f:8d:ab:dd:95:c4:f1:12:cd:68:a1:a9:
d5:88:ec:1c:2d:16:a8:3c:b9:0f:78:d8:38:05:26:
5f:c6:38:4f:99:66:ba:bc:6f:61:95:f3:6d:b3:5d:
db:e1:48:44:c9:0c:7d:dd:76:3d:2c:15:db:f2:5a:
d6:ed:68:36:0c:db:ec:58:8c:14:ad:66:af:56:9f:
9c:51:53:69:39:6f:f3:cd:9f:15:9b:0c:ac:85:02:
dd:87:d7:83:96:fb:ad:1b:e1:9f:ce:c8:3b:27:3c:
f5:32:46:16:49:e0:e0:e8:08:94:32:1e:b5:0a:58:
e0:52:81:1e:3e:f9:94:b1:a2:dd:ed:2e:82:82:cd:
53:cc:76:df:a1:7a:92:ce:9f:45:ba:97:61:91:ae:
57:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:39:33:34:7B:C0:4F:23:CE:5F:3D:2A:CB:CC:64:FC:07:8B:5A:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
2a:fa:a0:4f:db:7a:3a:bb:82:26:cb:c7:23:d0:ff:62:c1:72:
dd:8a:81:ea:b7:08:74:2d:e5:36:c7:32:41:94:a3:a0:fb:e9:
b6:b2:e6:3c:fe:f5:6f:20:77:b7:42:50:d3:1b:94:9e:55:9d:
6e:23:38:e0:50:f4:bc:50:6e:e5:c8:ef:2f:40:e2:8c:e2:e0:
ba:5d:8b:6c:30:da:84:6c:ea:d9:18:ca:e9:8d:cd:2f:b6:03:
9a:ca:71:20:3d:ce:f7:13:55:33:3f:55:0f:6f:42:e2:b9:69:
7d:15:38:6c:0f:cf:b3:80:e7:e0:18:44:bb:b2:62:50:dd:96:
aa:b6:ce:90:c7:94:82:1d:bc:16:9d:f6:95:bd:9e:fa:40:df:
c6:28:ec:fa:4b:6c:7e:d0:04:49:3c:14:f2:c3:32:2d:20:f2:
2a:b5:2c:d2:7e:1d:11:19:ae:2e:cd:45:e5:dd:b1:06:7e:90:
8a:b8:87:ed:e0:f3:54:82:17:55:74:8a:99:d6:29:48:28:e3:
ee:c5:e2:ca:42:d2:24:b6:25:e2:c5:ec:ae:1e:e8:07:8a:e4:
bf:94:b8:35:04:75:99:b4:ad:cc:58:6b:19:3e:91:5b:27:e0:
f5:2c:86:49:0c:60:49:14:09:5d:d8:cd:1f:28:8a:f9:e9:14:
46:95:c3:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG8oAIkCLafkGCiz3T9KGRKOl/HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4NDk5ODZiODU2MWFmZjBkYzAzYjgyNDE3OGI3MWVlN2NhMTJhN2JjMmI5
ZGQ4YmJkOWRkMGJjMjVjMTkxODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGxLnWd6WreV49KIdm7ixxsbRt3Ia1TI5h64I8ILAiOgCjE/4zPq9GpqjEL
XfPklFNvs56afj+X5st/HnqRE6sCSyzwusoM0dH4Ii0+nTlE1Rar4XL5Sq/Lzjjo
nxsmgCgip10G5B61lUbNT42r3ZXE8RLNaKGp1YjsHC0WqDy5D3jYOAUmX8Y4T5lm
urxvYZXzbbNd2+FIRMkMfd12PSwV2/Ja1u1oNgzb7FiMFK1mr1afnFFTaTlv882f
FZsMrIUC3YfXg5b7rRvhn87IOyc89TJGFkng4OgIlDIetQpY4FKBHj75lLGi3e0u
goLNU8x236F6ks6fRbqXYZGuVxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/OTM0
e8BPI85fPSrLzGT8B4ta/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAq+qBP23o6u4Imy8cj0P9iwXLdioHqtwh0LeU2
xzJBlKOg++m2suY8/vVvIHe3QlDTG5SeVZ1uIzjgUPS8UG7lyO8vQOKM4uC6XYts
MNqEbOrZGMrpjc0vtgOaynEgPc73E1UzP1UPb0LiuWl9FThsD8+zgOfgGES7smJQ
3Zaqts6Qx5SCHbwWnfaVvZ76QN/GKOz6S2x+0ARJPBTywzItIPIqtSzSfh0RGa4u
zUXl3bEGfpCKuIft4PNUghdVdIqZ1ilIKOPuxeLKQtIktiXixeyuHugHiuS/lLg1
BHWZtK3MWGsZPpFbJ+D1LIZJDGBJFAld2M0fKIr56RRGlcMo
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:51 2025 by rpki-client