Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
File: e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa (raw, json)
Hash identifier: N11MP6QYF2hOGCU94EX+MEuaWvxvqlwim+LkwZihTGI=
Subject key identifier: 1A:B0:61:56:70:01:1B:16:43:A5:16:35:36:1F:0E:21:CB:7C:91:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B2F10CF56CDB228C4B514E31F5F9908E1C8BAFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
Signing time: Tue 05 Aug 2025 19:40:51 +0000
ROA not before: Tue 05 Aug 2025 19:40:51 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:2f:10:cf:56:cd:b2:28:c4:b5:14:e3:1f:5f:99:08:e1:c8:ba:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:51 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=35957a4aa7fb462efa9199a083dba5f0908ee3ed3c8c8321d859ba863064e214, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fc:c1:e2:af:8e:37:8f:45:ea:a4:63:fe:16:
09:f7:3f:c4:7d:82:dd:95:44:11:00:20:01:ee:6d:
db:b6:2f:5c:58:12:a1:52:0f:07:7b:f6:3f:92:c4:
e5:65:70:ea:65:f6:6b:9c:26:ce:17:b3:3f:1e:bc:
df:ac:4c:1c:87:58:64:be:62:15:60:55:74:ac:d6:
0f:fa:17:03:1e:b1:bc:9f:27:d7:c6:04:66:28:69:
03:56:f7:57:b2:56:92:37:37:38:c2:08:74:f9:40:
72:fa:24:34:83:47:d6:df:82:4b:fc:e3:aa:a9:a6:
05:14:8b:70:c7:89:a1:6a:f2:9a:fe:05:d1:9b:d3:
c5:d8:85:9a:cd:0b:54:1a:28:ce:3b:16:20:b1:94:
8d:0d:22:2b:db:51:4d:29:8a:4c:d8:4a:5e:73:c9:
d1:e0:3b:27:cd:22:04:f2:3d:d7:35:0f:b0:6b:59:
6b:db:de:2b:af:b5:a5:0e:f1:c9:01:a7:a9:9a:51:
10:a2:c9:3d:a2:31:fa:80:d8:48:b7:67:f4:da:a0:
43:7e:2b:5b:41:1d:a1:d9:be:0a:fa:25:5a:fa:b1:
97:3b:3f:8e:7b:6c:d4:ce:df:f4:3f:d8:6e:00:29:
b5:eb:c7:2d:ea:e9:86:53:25:37:ae:39:1f:23:7f:
87:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B0:61:56:70:01:1B:16:43:A5:16:35:36:1F:0E:21:CB:7C:91:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e7efd861-8dc6-40c5-8713-0bcfdbed7c2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
39:62:8f:5d:ea:35:cf:f8:06:9d:f3:4d:ff:e1:9f:53:b5:c3:
07:62:69:70:d5:13:ee:e0:5f:f4:ce:19:f0:b1:31:08:3e:bd:
00:b2:3f:e7:00:60:a5:2e:3b:9f:47:f6:a7:13:1d:d8:30:f8:
ca:68:56:49:47:eb:14:2b:ea:6c:40:a1:21:cb:66:c5:7e:fc:
0c:e5:ad:ea:3e:2b:3f:73:94:df:eb:95:11:1c:5f:24:b7:1c:
60:7d:4b:f0:ae:a4:d2:48:62:4b:2c:09:69:6a:f3:14:93:79:
a8:3d:73:8d:dd:6b:0e:f6:c6:4a:1c:e9:13:bd:6c:14:5f:1d:
06:31:e9:33:e7:b7:dc:98:e5:4c:79:96:12:b3:39:34:29:4f:
f7:ff:10:88:c0:5c:2e:4e:9d:9a:d6:7e:6f:f8:ae:a2:62:c7:
4e:4a:d8:35:ea:49:84:70:1c:10:19:2d:07:58:fe:10:f5:29:
bc:5a:b6:80:b1:5e:89:1a:db:6f:81:ee:8e:6a:24:d8:45:9c:
4f:15:af:ad:1e:dc:ea:ad:6a:41:6a:41:ca:cb:de:07:83:6a:
a1:45:e9:87:c9:21:00:3d:b4:e4:30:df:b6:76:b6:ad:03:9e:
ae:4b:2e:ba:f8:04:b9:85:97:04:5a:57:dc:c0:52:4d:fe:b2:
cd:4c:80:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKy8Qz1bNsijEtRTjH1+ZCOHIuv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwNTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1OTU3YTRhYTdmYjQ2MmVmYTkxOTlhMDgzZGJhNWYwOTA4ZWUzZWQzYzhj
ODMyMWQ4NTliYTg2MzA2NGUyMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD8weKvjjePReqkY/4WCfc/xH2C3ZVEEQAgAe5t27YvXFgSoVIPB3v2P5LE
5WVw6mX2a5wmzhezPx6836xMHIdYZL5iFWBVdKzWD/oXAx6xvJ8n18YEZihpA1b3
V7JWkjc3OMIIdPlAcvokNINH1t+CS/zjqqmmBRSLcMeJoWrymv4F0ZvTxdiFms0L
VBoozjsWILGUjQ0iK9tRTSmKTNhKXnPJ0eA7J80iBPI91zUPsGtZa9veK6+1pQ7x
yQGnqZpREKLJPaIx+oDYSLdn9NqgQ34rW0Edodm+CvolWvqxlzs/jnts1M7f9D/Y
bgAptevHLerphlMlN645HyN/hyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQasGFW
cAEbFkOlFjU2Hw4hy3yRrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTdlZmQ4NjEtOGRjNi00MGM1LTg3MTMtMGJjZmRiZWQ3YzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5Yo9d6jXP+Aad803/4Z9TtcMHYmlw1RPu4F/0
zhnwsTEIPr0Asj/nAGClLjufR/anEx3YMPjKaFZJR+sUK+psQKEhy2bFfvwM5a3q
Pis/c5Tf65URHF8ktxxgfUvwrqTSSGJLLAlpavMUk3moPXON3WsO9sZKHOkTvWwU
Xx0GMekz57fcmOVMeZYSszk0KU/3/xCIwFwuTp2a1n5v+K6iYsdOStg16kmEcBwQ
GS0HWP4Q9Sm8WraAsV6JGttvge6OaiTYRZxPFa+tHtzqrWpBakHKy94Hg2qhRemH
ySEAPbTkMN+2dratA56uSy66+AS5hZcEWlfcwFJN/rLNTID+
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:55 2025 by rpki-client