Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: 5dq7hdd4HSkQk1Ini0iY9BgTTx54xcL24SugsSLpRYk=
Subject key identifier: C5:0F:43:42:BD:71:B3:BF:71:D9:64:57:FE:60:A0:6F:7C:B7:6F:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 696EDADB95AE3105EA97691065EF3EF3E61712C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Tue 05 Aug 2025 18:41:43 +0000
ROA not before: Tue 05 Aug 2025 18:41:43 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:6e:da:db:95:ae:31:05:ea:97:69:10:65:ef:3e:f3:e6:17:12:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:43 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=bd41fde75493514e77d0e0c513628c5e13ab284df61bb23bd8891a2fc5916f4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:17:f2:1e:aa:1e:5e:14:ac:30:57:4c:eb:aa:
cc:4d:df:b8:c3:7b:63:42:79:ba:17:04:9a:a3:ba:
33:3d:15:32:76:0d:db:2c:29:45:2c:b1:93:4a:6c:
71:9b:ee:d9:53:9c:14:1e:f8:1a:7d:24:ba:26:17:
4c:96:b9:a1:d2:ba:2a:25:8e:33:75:10:f9:58:29:
b9:45:55:d7:50:53:c4:35:9f:29:4b:6d:28:0f:d8:
15:8c:88:48:75:47:00:62:9f:95:fc:67:7a:24:55:
12:a3:a8:95:8c:e4:b6:4a:e5:74:ba:d4:d9:d8:6e:
df:4d:fe:9f:0d:35:97:7c:c4:33:58:27:34:4a:d5:
7a:71:d9:26:46:7b:16:44:34:b1:3e:b2:15:6d:00:
98:67:ff:7b:90:4b:a1:db:3a:04:69:2d:97:5c:da:
bb:25:56:35:bd:88:7d:a8:a1:fa:10:55:fa:f5:dd:
bb:32:f3:36:00:75:04:a2:d7:d2:5b:72:0d:31:3a:
b7:c0:59:7c:d9:1a:9e:ff:d4:b3:29:20:96:97:b3:
22:e7:4e:63:35:a8:5e:d1:8c:91:65:24:98:df:5c:
07:9d:01:a3:c8:c0:5e:b0:b3:d6:81:a9:2a:a0:0c:
00:d6:27:a7:c8:92:85:0a:0c:7b:7b:f2:ee:65:dd:
ae:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0F:43:42:BD:71:B3:BF:71:D9:64:57:FE:60:A0:6F:7C:B7:6F:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
5c:c0:66:ad:40:04:10:9a:ff:08:5c:97:d6:28:27:f6:1d:1b:
bc:83:66:cc:68:75:3c:29:de:2a:b5:13:07:7f:ef:0e:71:87:
4f:32:9f:b0:35:47:09:cc:a1:e9:78:d6:ab:96:e7:86:21:ed:
44:35:0b:d5:9d:1a:e9:06:d6:6a:3e:29:67:6a:38:2b:de:cf:
6d:02:c4:37:4e:13:35:df:f4:c6:f2:a3:a3:e2:05:8e:0d:4a:
fd:0f:00:b7:ce:88:a1:d1:f7:b9:b5:c8:60:87:8a:62:f9:1f:
84:6a:df:60:da:0b:b9:c1:75:7b:fd:be:53:08:ba:2e:8b:49:
94:56:3c:20:08:3b:9e:d3:de:62:b6:4e:a8:e2:51:8d:33:ec:
97:a4:7e:86:db:02:9a:81:56:ac:2a:34:89:e3:e3:3f:55:5b:
49:71:05:86:61:e8:9b:03:70:c0:ce:75:27:85:84:f2:b1:82:
4d:a1:b6:fb:d5:81:0b:a3:b8:32:6b:8b:6e:da:83:39:1e:44:
ac:d6:e7:71:71:11:b9:4d:23:20:a2:9d:6b:29:93:a6:f3:b8:
48:a9:97:02:c5:6e:de:cb:e0:68:15:dd:8e:2a:40:fe:c3:ff:
11:2e:67:35:dd:fa:d3:80:8a:b8:ad:69:21:c2:de:6d:31:da:
db:40:89:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaW7a25WuMQXql2kQZe8+8+YXEsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxNDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNDFmZGU3NTQ5MzUxNGU3N2QwZTBjNTEzNjI4YzVlMTNhYjI4NGRmNjFi
YjIzYmQ4ODkxYTJmYzU5MTZmNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4X8h6qHl4UrDBXTOuqzE3fuMN7Y0J5uhcEmqO6Mz0VMnYN2ywpRSyxk0ps
cZvu2VOcFB74Gn0kuiYXTJa5odK6KiWOM3UQ+VgpuUVV11BTxDWfKUttKA/YFYyI
SHVHAGKflfxneiRVEqOolYzktkrldLrU2dhu303+nw01l3zEM1gnNErVenHZJkZ7
FkQ0sT6yFW0AmGf/e5BLods6BGktl1zauyVWNb2Ifaih+hBV+vXduzLzNgB1BKLX
0ltyDTE6t8BZfNkanv/UsykglpezIudOYzWoXtGMkWUkmN9cB50Bo8jAXrCz1oGp
KqAMANYnp8iShQoMe3vy7mXdrgcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFD0NC
vXGzv3HZZFf+YKBvfLdvGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEAXMBmrUAEEJr/CFyX1ign9h0bvINmzGh1PCne
KrUTB3/vDnGHTzKfsDVHCcyh6XjWq5bnhiHtRDUL1Z0a6QbWaj4pZ2o4K97PbQLE
N04TNd/0xvKjo+IFjg1K/Q8At86IodH3ubXIYIeKYvkfhGrfYNoLucF1e/2+Uwi6
LotJlFY8IAg7ntPeYrZOqOJRjTPsl6R+htsCmoFWrCo0iePjP1VbSXEFhmHomwNw
wM51J4WE8rGCTaG2+9WBC6O4MmuLbtqDOR5ErNbncXERuU0jIKKdaymTpvO4SKmX
AsVu3svgaBXdjipA/sP/ES5nNd3604CKuK1pIcLebTHa20CJ1w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:06 2025 by rpki-client