Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
File: dec4a7df-5727-45ab-92fb-7078e26fd54d.roa (raw, json)
Hash identifier: Lcmu1zjgSMTxRkE6fFTtUgjfznzorkwooHzHToCFUwA=
Subject key identifier: BE:51:61:55:37:14:BE:73:02:34:CA:17:CA:58:22:41:A4:83:95:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FAFA49FBB5210D353061DF3A0F299358FCD98B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
Signing time: Fri 22 Aug 2025 15:11:03 +0000
ROA not before: Fri 22 Aug 2025 15:11:03 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:af:a4:9f:bb:52:10:d3:53:06:1d:f3:a0:f2:99:35:8f:cd:98:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:03 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=b2719c2060e6c0d846e4d9a1fd81861dffa160e530dade7666b76287f1f1805f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a3:86:57:fb:97:e7:60:81:31:d0:d7:6f:e2:
26:13:bd:70:93:1d:16:76:53:84:76:a6:b8:48:a8:
7f:17:9e:62:18:b4:30:34:1c:db:f2:b9:0e:07:53:
64:ec:8a:03:c6:b6:7b:9f:e6:95:e5:00:56:7d:9b:
a9:f8:3d:23:55:db:d5:f8:27:7c:dc:f3:38:42:8d:
c9:9b:1e:f5:c9:29:b5:ff:a7:09:5c:08:60:0f:d7:
f1:c4:7e:73:bf:db:64:cd:e1:0e:9d:8f:c1:08:4d:
43:1c:09:b2:54:0f:3a:3c:c9:30:8b:b8:9e:d2:58:
a0:2d:e6:82:fd:d4:bb:02:fc:05:71:2b:72:51:d4:
56:80:a4:09:d5:fb:34:55:4b:17:41:6b:ce:d2:ed:
cf:5d:3f:bb:71:08:3f:20:7a:6f:58:5b:3c:05:83:
b3:28:5c:dd:e4:fa:d5:bf:b9:cb:d3:20:72:08:02:
62:eb:51:9c:e2:fd:fd:56:a0:49:dc:c2:ef:9c:43:
af:4c:1f:49:16:22:d5:d2:e8:5c:fa:61:57:36:a4:
d8:13:f9:3b:fd:8c:1f:d8:9c:3e:4b:8e:99:61:69:
5b:e9:8b:26:6b:f4:cc:9c:b2:ee:60:75:a5:30:70:
84:95:42:eb:81:6e:55:d5:e1:0c:31:62:6c:f0:7c:
c9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:51:61:55:37:14:BE:73:02:34:CA:17:CA:58:22:41:A4:83:95:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076::/32
Signature Algorithm: sha256WithRSAEncryption
9d:cf:c9:72:84:84:a4:75:e1:6c:a2:98:1c:32:8e:d4:d0:5d:
22:8d:a0:b2:a1:b5:4d:d5:f2:6c:66:fa:c8:24:b9:19:8e:d3:
6f:29:54:04:34:b6:45:f2:ea:5a:3f:db:a4:98:12:cf:30:09:
c6:29:31:54:a1:78:e9:d4:4d:33:ee:d8:d5:1c:63:2e:c2:23:
4f:99:a3:1f:2c:f7:fe:2e:2f:5f:79:fd:c6:14:ab:52:7c:f5:
89:94:1d:73:c8:4f:c3:7c:c2:ef:4e:44:e1:da:8d:ee:36:4e:
53:c5:5f:70:d9:c4:21:bb:2a:19:57:e0:0e:72:71:46:38:e7:
5e:41:c7:b9:eb:92:07:90:c9:ee:7f:d5:d2:b2:d7:97:eb:6b:
2c:62:2f:db:91:8f:2f:c6:68:a0:ea:86:61:9c:49:cc:c2:9e:
ee:78:1f:3a:6f:57:a3:15:47:b2:e0:fb:81:7d:9b:62:9d:9e:
be:a3:70:f1:dc:e1:d4:80:4d:37:05:fd:42:50:0b:69:85:f8:
8e:d0:b4:99:d1:1b:a0:33:71:2d:52:2f:62:f7:db:63:c5:62:
0b:e4:f4:c0:ba:3c:07:63:30:47:16:51:66:7b:b5:81:df:3f:
3f:f6:87:f2:1c:9f:05:a4:49:be:c6:27:8d:4d:92:55:07:26:
94:24:a5:27
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUT6+kn7tSENNTBh3zoPKZNY/NmLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMDNaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNzE5YzIwNjBlNmMwZDg0NmU0ZDlhMWZkODE4NjFkZmZhMTYwZTUzMGRh
ZGU3NjY2Yjc2Mjg3ZjFmMTgwNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWjhlf7l+dggTHQ12/iJhO9cJMdFnZThHamuEiofxeeYhi0MDQc2/K5DgdT
ZOyKA8a2e5/mleUAVn2bqfg9I1Xb1fgnfNzzOEKNyZse9ckptf+nCVwIYA/X8cR+
c7/bZM3hDp2PwQhNQxwJslQPOjzJMIu4ntJYoC3mgv3UuwL8BXErclHUVoCkCdX7
NFVLF0FrztLtz10/u3EIPyB6b1hbPAWDsyhc3eT61b+5y9MgcggCYutRnOL9/Vag
SdzC75xDr0wfSRYi1dLoXPphVzak2BP5O/2MH9icPkuOmWFpW+mLJmv0zJyy7mB1
pTBwhJVC64FuVdXhDDFibPB8yfsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS+UWFV
NxS+cwI0yhfKWCJBpIOVdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjNGE3ZGYtNTcyNy00NWFiLTkyZmItNzA3OGUyNmZkNTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HYw
DQYJKoZIhvcNAQELBQADggEBAJ3PyXKEhKR14WyimBwyjtTQXSKNoLKhtU3V8mxm
+sgkuRmO028pVAQ0tkXy6lo/26SYEs8wCcYpMVSheOnUTTPu2NUcYy7CI0+Zox8s
9/4uL195/cYUq1J89YmUHXPIT8N8wu9OROHaje42TlPFX3DZxCG7KhlX4A5ycUY4
515Bx7nrkgeQye5/1dKy15frayxiL9uRjy/GaKDqhmGcSczCnu54HzpvV6MVR7Lg
+4F9m2Kdnr6jcPHc4dSATTcF/UJQC2mF+I7QtJnRG6AzcS1SL2L322PFYgvk9MC6
PAdjMEcWUWZ7tYHfPz/2h/IcnwWkSb7GJ41NklUHJpQkpSc=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:54 2025 by rpki-client