Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
File: ddbb8798-3423-4d98-a384-58621b010556.roa (raw, json)
Hash identifier: UGgU3BaBJE/r7AK9OF4e8T6LRq16i7UYPJ+e8/pAE7M=
Subject key identifier: 26:00:3B:9A:3D:B3:C3:1B:01:01:8D:DA:0C:4C:BB:28:8A:FC:18:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49339927BD1E1B095CCD1EF1CB93EC3942F7C19F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
Signing time: Tue 05 Aug 2025 20:11:14 +0000
ROA not before: Tue 05 Aug 2025 20:11:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:33:99:27:bd:1e:1b:09:5c:cd:1e:f1:cb:93:ec:39:42:f7:c1:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=80e301062a53ff1e108c6011c859417ef070b754524a1a8f54d93b486e9e1496, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:b2:f2:0a:ca:08:c6:0a:c5:c1:fc:69:f1:
44:1e:43:99:38:de:52:45:e1:22:df:26:e2:87:08:
a8:92:fe:2e:e2:da:02:3d:57:b5:a7:c9:b7:22:d1:
05:05:77:87:44:f0:30:d1:9b:fd:fd:bb:80:e5:c3:
d8:e4:dc:7d:4e:fe:55:b2:88:e5:b8:a5:59:d5:62:
2b:76:70:7d:27:8d:7d:d4:a2:18:9f:e7:1c:e8:28:
c6:ce:4a:c3:9b:38:05:36:49:18:56:88:9d:3a:1e:
41:33:a4:eb:5e:10:1a:22:62:bf:7a:8f:d0:42:8a:
fd:59:1c:7c:4d:9d:c0:39:ae:d7:bb:72:8c:be:89:
13:cd:33:e1:06:40:73:b3:26:b7:c8:e5:30:21:df:
5f:03:43:70:cf:f6:a9:a2:65:65:65:9c:44:33:11:
39:d0:d7:97:ab:2a:69:5f:fb:59:d3:ac:6c:e3:43:
e3:fc:66:c9:df:d3:8b:f0:08:4a:0a:83:90:2b:72:
bc:8a:03:02:d4:bc:d4:d3:99:e3:02:7b:83:00:d7:
6e:db:cb:26:29:7e:35:4e:16:32:6e:05:5d:2d:f9:
0a:a2:3f:64:0d:e3:01:52:51:f8:4c:fb:d7:0d:fc:
b6:c4:8d:32:13:f5:66:cc:24:52:04:8c:16:48:2d:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:00:3B:9A:3D:B3:C3:1B:01:01:8D:DA:0C:4C:BB:28:8A:FC:18:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ddbb8798-3423-4d98-a384-58621b010556.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:c00::/38
Signature Algorithm: sha256WithRSAEncryption
38:a4:5b:a9:7e:fd:a4:1f:f0:08:35:8e:62:04:3a:eb:82:c9:
b6:81:7e:c6:68:1b:97:b1:32:1b:bb:56:70:50:7b:f0:3a:f4:
cd:8e:1f:81:4e:36:4b:b4:ce:af:03:f3:bf:ae:ba:25:07:e3:
8e:35:15:4c:8f:8e:dd:69:cd:ce:32:5c:2c:fd:76:c3:c9:02:
4c:27:5e:d3:6b:9d:e2:15:39:42:b6:f9:b2:d7:5b:15:b5:81:
50:41:30:fd:aa:ea:27:1c:c4:1c:67:ab:ef:36:7f:65:30:07:
43:a3:49:0b:90:5f:fd:61:6e:b7:ab:2a:15:c7:d0:55:e8:a9:
4a:bf:ec:e0:b4:c8:e5:fa:2d:dd:5d:11:db:92:99:95:d7:a0:
77:b9:9c:2b:cb:9e:5b:b6:59:68:b5:c1:89:cb:22:a2:ca:40:
c2:e5:34:4c:ab:64:65:30:83:06:22:b6:c8:56:d9:a2:56:41:
ed:1c:0e:a2:55:d6:cf:9a:1a:77:df:81:95:0a:65:7e:77:de:
17:3e:6f:2c:aa:9d:3e:02:c0:77:f0:ef:9b:b3:3c:69:82:6e:
e5:42:ee:a5:f7:a0:0e:50:63:54:0e:83:23:df:9d:46:4a:5b:
2c:c3:65:31:c6:d7:3b:72:7e:fc:c5:85:7f:40:4c:cc:8d:88:
82:1b:c9:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSTOZJ70eGwlczR7xy5PsOUL3wZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZTMwMTA2MmE1M2ZmMWUxMDhjNjAxMWM4NTk0MTdlZjA3MGI3NTQ1MjRh
MWE4ZjU0ZDkzYjQ4NmU5ZTE0OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTUsvIKygjGCsXB/GnxRB5DmTjeUkXhIt8m4ocIqJL+LuLaAj1XtafJtyLR
BQV3h0TwMNGb/f27gOXD2OTcfU7+VbKI5bilWdViK3ZwfSeNfdSiGJ/nHOgoxs5K
w5s4BTZJGFaInToeQTOk614QGiJiv3qP0EKK/VkcfE2dwDmu17tyjL6JE80z4QZA
c7Mmt8jlMCHfXwNDcM/2qaJlZWWcRDMROdDXl6sqaV/7WdOsbOND4/xmyd/Ti/AI
SgqDkCtyvIoDAtS81NOZ4wJ7gwDXbtvLJil+NU4WMm4FXS35CqI/ZA3jAVJR+Ez7
1w38tsSNMhP1ZswkUgSMFkgtjPMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQmADua
PbPDGwEBjdoMTLsoivwYuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGRiYjg3OTgtMzQyMy00ZDk4LWEzODQtNTg2MjFiMDEwNTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkM
MA0GCSqGSIb3DQEBCwUAA4IBAQA4pFupfv2kH/AINY5iBDrrgsm2gX7GaBuXsTIb
u1ZwUHvwOvTNjh+BTjZLtM6vA/O/rrolB+OONRVMj47dac3OMlws/XbDyQJMJ17T
a53iFTlCtvmy11sVtYFQQTD9quonHMQcZ6vvNn9lMAdDo0kLkF/9YW63qyoVx9BV
6KlKv+zgtMjl+i3dXRHbkpmV16B3uZwry55btllotcGJyyKiykDC5TRMq2RlMIMG
IrbIVtmiVkHtHA6iVdbPmhp334GVCmV+d94XPm8sqp0+AsB38O+bszxpgm7lQu6l
96AOUGNUDoMj351GSlssw2Uxxtc7cn78xYV/QEzMjYiCG8lc
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:16:53 2025 by rpki-client