Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
File: e20afb98-f3fb-45c2-9398-65129b8874f0.roa (raw, json)
Hash identifier: /YcRZ0gkkEiVamhgnbnw7aSAOZzISQbde4gLCNHvqEk=
Subject key identifier: 16:0B:23:DD:AA:6A:59:C7:EA:85:0A:A4:DC:30:09:49:8B:C1:53:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F4DBF7222FC8E7C2C3F5DB23C79F6E8832191EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
Signing time: Tue 05 Aug 2025 18:51:24 +0000
ROA not before: Tue 05 Aug 2025 18:51:24 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:4d:bf:72:22:fc:8e:7c:2c:3f:5d:b2:3c:79:f6:e8:83:21:91:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:24 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ce490adbfe73a93e0c29e6347282dca87e2ebfae9c6802fc92a340b055703e35, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a4:ce:18:9c:ec:07:ed:2f:ca:71:1d:0b:f6:
83:58:90:8b:40:4e:13:76:d2:5d:08:6f:f6:c7:45:
26:88:9a:a7:24:93:28:80:ff:1f:7c:ba:72:78:8e:
a3:27:49:76:59:36:83:2a:ba:2c:60:93:16:57:26:
5e:49:93:fb:40:6e:39:57:d7:b6:5e:0c:44:7b:76:
be:99:99:90:73:fc:f0:89:ad:a2:d4:34:7b:29:53:
73:4c:82:4d:d8:b5:09:da:3d:52:31:49:8a:e7:b0:
d0:b2:83:89:7b:b3:6c:bc:1b:43:0d:8e:23:70:14:
7e:36:49:d1:04:f1:be:7e:9b:73:9e:0d:4b:ab:81:
9c:40:e3:9f:44:60:f1:68:a4:a7:44:5b:ba:c7:3a:
2e:09:d3:07:d4:db:3c:52:07:42:67:ab:de:aa:9f:
5e:df:d2:e9:2d:a0:4d:79:da:b3:ad:dd:2e:b6:e2:
0a:6b:b3:40:39:1e:f1:cb:b3:ad:fd:58:1f:50:8d:
9b:77:5a:85:6d:ba:0a:ad:f7:ad:0b:12:16:c5:c0:
36:39:c1:a5:89:41:94:65:5a:b7:8f:fb:15:7f:a6:
dc:89:1e:40:8f:24:0a:c4:90:33:03:d7:f0:02:1c:
d4:b7:3e:3a:f0:e8:0e:93:01:5f:0e:ca:d6:ac:20:
ac:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0B:23:DD:AA:6A:59:C7:EA:85:0A:A4:DC:30:09:49:8B:C1:53:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e20afb98-f3fb-45c2-9398-65129b8874f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:db:5e:58:42:67:d1:82:c9:f3:33:03:da:a8:5a:78:c9:a8:
16:b6:86:1e:25:5f:21:6f:9c:1b:20:db:01:fa:9c:ac:cc:bc:
d8:6d:a2:3f:4f:68:af:f0:23:6a:2e:1f:64:8a:95:81:d9:cb:
8e:10:07:c7:34:4e:a9:8d:88:3c:24:67:d4:6c:d9:5d:30:18:
e4:78:ec:60:9d:5c:2d:7e:1d:6b:e3:13:82:68:1b:32:26:f4:
a2:15:2a:4e:86:83:64:4a:80:ca:79:9d:e5:6f:a6:a3:6f:86:
0e:53:d0:ca:11:be:34:40:fc:ac:af:35:e5:83:b1:2a:95:69:
3c:47:84:ca:ba:84:27:dd:6d:5c:bf:dc:21:fc:84:e4:5f:60:
ef:b5:95:b3:cc:b2:83:cd:b3:e6:d9:d5:70:40:60:aa:25:d1:
12:b2:d6:09:40:96:36:67:55:70:9f:32:f4:da:ff:80:98:0d:
a0:a3:b7:f9:b6:55:b1:b3:e4:30:af:f6:9f:96:2d:ee:b0:ea:
00:14:96:9d:c8:26:09:6d:93:91:25:e6:d5:90:cf:f4:ea:81:
78:b9:22:e0:d6:4f:98:52:08:1c:f9:17:ba:3a:7f:a2:7a:2d:
37:50:73:f4:42:c7:93:0e:49:07:c9:35:7a:27:81:b4:3a:11:
a4:c2:f7:6d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH02/ciL8jnwsP12yPHn26IMhkewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUxMjRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNDkwYWRiZmU3M2E5M2UwYzI5ZTYzNDcyODJkY2E4N2UyZWJmYWU5YzY4
MDJmYzkyYTM0MGIwNTU3MDNlMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWkzhic7AftL8pxHQv2g1iQi0BOE3bSXQhv9sdFJoiapySTKID/H3y6cniO
oydJdlk2gyq6LGCTFlcmXkmT+0BuOVfXtl4MRHt2vpmZkHP88ImtotQ0eylTc0yC
Tdi1Cdo9UjFJiuew0LKDiXuzbLwbQw2OI3AUfjZJ0QTxvn6bc54NS6uBnEDjn0Rg
8Wikp0Rbusc6LgnTB9TbPFIHQmer3qqfXt/S6S2gTXnas63dLrbiCmuzQDke8cuz
rf1YH1CNm3dahW26Cq33rQsSFsXANjnBpYlBlGVat4/7FX+m3IkeQI8kCsSQMwPX
8AIc1Lc+OvDoDpMBXw7K1qwgrEECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQWCyPd
qmpZx+qFCqTcMAlJi8FT2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIwYWZiOTgtZjNmYi00NWMyLTkzOTgtNjUxMjliODg3NGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
wDANBgkqhkiG9w0BAQsFAAOCAQEAfdteWEJn0YLJ8zMD2qhaeMmoFraGHiVfIW+c
GyDbAfqcrMy82G2iP09or/Ajai4fZIqVgdnLjhAHxzROqY2IPCRn1GzZXTAY5Hjs
YJ1cLX4da+MTgmgbMib0ohUqToaDZEqAynmd5W+mo2+GDlPQyhG+NED8rK815YOx
KpVpPEeEyrqEJ91tXL/cIfyE5F9g77WVs8yyg82z5tnVcEBgqiXRErLWCUCWNmdV
cJ8y9Nr/gJgNoKO3+bZVsbPkMK/2n5Yt7rDqABSWncgmCW2TkSXm1ZDP9OqBeLki
4NZPmFIIHPkXujp/onotN1Bz9ELHkw5JB8k1eieBtDoRpML3bQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:23 2025 by rpki-client