Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
File: e279c5e7-6144-440a-9f1d-2013fb96d06a.roa (raw, json)
Hash identifier: cE5k4BZhJO0+Bwl2vYKDoxWmKH5avgrihtRxp9qJ24M=
Subject key identifier: 72:8D:96:9D:F7:CF:2A:7A:55:E2:64:8B:38:9E:81:27:5E:E6:49:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35439C9C943362A21A7A8666C19B3B45DC4049A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
Signing time: Tue 05 Aug 2025 19:40:43 +0000
ROA not before: Tue 05 Aug 2025 19:40:43 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:43:9c:9c:94:33:62:a2:1a:7a:86:66:c1:9b:3b:45:dc:40:49:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:43 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0e6d84883fa452550ae8d2e7b6aa9232519afa833877b4170f7fe843ab4ef335, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:99:e4:7e:cb:04:85:db:65:4f:95:6d:0b:37:
4d:10:00:fc:3b:03:39:ab:b2:82:73:c0:0a:2b:5a:
91:10:45:b8:c7:fd:da:ce:82:2f:60:22:fd:29:47:
45:97:6f:d2:24:79:9d:16:21:bc:43:ee:e8:6d:6d:
ad:02:9d:64:32:65:d3:ad:e1:44:0f:78:7b:e3:d8:
ac:f1:a9:ed:9d:66:f2:8a:12:98:d8:9f:01:fd:1b:
d5:d6:43:f5:b2:70:97:93:d4:91:46:f2:d4:3c:66:
82:42:03:c3:51:b1:de:e6:c9:b2:49:c6:85:c5:30:
ad:e4:8b:68:b6:77:3d:65:2e:ab:31:03:14:6d:7e:
33:6d:93:0b:28:f3:59:d1:5b:98:34:3a:4c:fb:3d:
bf:a0:9e:26:df:e3:8d:f1:dd:60:9c:af:96:02:31:
ca:51:22:b5:23:63:80:09:a6:06:d0:8e:bc:bd:ea:
db:02:81:d6:1a:5e:0c:91:87:25:6a:1e:8f:0d:30:
01:2a:1c:99:76:40:01:22:89:d7:be:1a:31:5d:a6:
6c:49:b0:12:34:e8:6f:4d:d8:c6:c7:ac:70:68:4f:
21:6e:d9:de:0f:1a:c4:d6:78:e2:aa:a5:69:07:b8:
ce:20:08:fe:78:a8:53:d0:f8:d1:99:4e:00:29:f8:
f0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8D:96:9D:F7:CF:2A:7A:55:E2:64:8B:38:9E:81:27:5E:E6:49:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e279c5e7-6144-440a-9f1d-2013fb96d06a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:05:1e:f1:59:ed:2a:6a:1f:d1:ec:e0:64:e5:cc:bc:bd:da:
bb:f6:e5:b1:b9:54:68:37:33:eb:a5:b4:31:6c:bd:91:15:33:
97:e2:49:3f:b1:e1:3d:92:bb:d8:f9:93:81:8b:08:5f:4d:ec:
00:1b:8c:7e:85:fd:76:1b:9c:9b:5a:9d:fc:a3:c4:81:14:56:
7d:3a:12:89:24:2c:4f:cf:a2:61:39:70:13:95:33:f6:56:c5:
be:72:4f:c6:34:da:ac:9d:37:d1:9a:6f:7a:f4:b3:4e:f6:92:
f3:13:1a:2e:45:3e:38:42:30:cf:32:b0:8f:04:b2:73:30:02:
2a:24:51:2e:5a:27:35:87:31:72:94:fa:4d:d4:a1:52:e6:8b:
16:65:cb:93:f4:f7:80:26:e1:34:cd:7f:71:28:22:17:63:45:
7d:5b:8b:a2:1c:71:f0:4c:a1:6c:bf:c0:61:b8:43:92:6d:ae:
68:a2:a7:e7:8c:d8:1c:42:48:e1:21:6d:93:4e:0b:b8:6d:93:
6d:44:b7:50:dd:bc:e0:08:a7:51:73:a9:1c:ca:10:35:66:93:
39:dc:78:aa:13:e8:bd:96:01:ed:26:f0:81:b1:c6:37:e9:69:
05:78:df:ce:c2:57:ed:94:1f:b0:f3:59:bc:5c:17:47:89:ae:
bf:6d:27:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNUOcnJQzYqIaeoZmwZs7RdxASaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwNDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlNmQ4NDg4M2ZhNDUyNTUwYWU4ZDJlN2I2YWE5MjMyNTE5YWZhODMzODc3
YjQxNzBmN2ZlODQzYWI0ZWYzMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeZ5H7LBIXbZU+VbQs3TRAA/DsDOauygnPACitakRBFuMf92s6CL2Ai/SlH
RZdv0iR5nRYhvEPu6G1trQKdZDJl063hRA94e+PYrPGp7Z1m8ooSmNifAf0b1dZD
9bJwl5PUkUby1DxmgkIDw1Gx3ubJsknGhcUwreSLaLZ3PWUuqzEDFG1+M22TCyjz
WdFbmDQ6TPs9v6CeJt/jjfHdYJyvlgIxylEitSNjgAmmBtCOvL3q2wKB1hpeDJGH
JWoejw0wASocmXZAASKJ174aMV2mbEmwEjTob03YxsescGhPIW7Z3g8axNZ44qql
aQe4ziAI/nioU9D40ZlOACn48E8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyjZad
988qelXiZIs4noEnXuZJVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTI3OWM1ZTctNjE0NC00NDBhLTlmMWQtMjAxM2ZiOTZkMDZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCzBR7xWe0qah/R7OBk5cy8vdq79uWxuVRoNzPr
pbQxbL2RFTOX4kk/seE9krvY+ZOBiwhfTewAG4x+hf12G5ybWp38o8SBFFZ9OhKJ
JCxPz6JhOXATlTP2VsW+ck/GNNqsnTfRmm969LNO9pLzExouRT44QjDPMrCPBLJz
MAIqJFEuWic1hzFylPpN1KFS5osWZcuT9PeAJuE0zX9xKCIXY0V9W4uiHHHwTKFs
v8BhuEOSba5ooqfnjNgcQkjhIW2TTgu4bZNtRLdQ3bzgCKdRc6kcyhA1ZpM53Hiq
E+i9lgHtJvCBscY36WkFeN/OwlftlB+w81m8XBdHia6/bSf5
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:34:19 2025 by rpki-client