Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
File: ea271f77-763d-42f8-a315-60081847d059.roa (raw, json)
Hash identifier: k+BKtwFc6w7f3Ukb/QPUswD7UEVCkDq5oBhr7AE17Ek=
Subject key identifier: 38:DE:26:5D:47:50:E9:0D:8F:87:5A:90:ED:2A:99:1D:AA:D2:B5:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41D4025C39AD757D632259ED6E205E543C8F0B7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
Signing time: Tue 05 Aug 2025 18:40:58 +0000
ROA not before: Tue 05 Aug 2025 18:40:58 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d4:02:5c:39:ad:75:7d:63:22:59:ed:6e:20:5e:54:3c:8f:0b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:58 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a5d1fa174c0f6fb511f54f2e2411bb158fe1d8859848db3af91f6dffcaf09b77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fb:f3:74:d9:ee:62:a6:e4:de:f0:1c:dc:87:
d4:dd:1d:f3:78:9d:b0:ac:13:de:16:c2:62:a6:25:
c7:43:5f:d8:57:57:d3:86:4f:33:70:71:e6:59:40:
6c:fe:e3:b1:cc:c0:66:51:5a:b2:19:9e:70:23:30:
46:46:2b:8d:50:71:83:e2:e3:42:c8:b6:52:c3:ff:
10:08:36:49:e6:bb:3d:a3:f6:85:bd:2a:18:84:03:
0b:e5:d5:2c:1c:2e:19:b4:99:63:d5:de:b0:16:f7:
51:c9:9a:b9:43:7e:9f:86:a1:5c:57:83:50:6f:2c:
46:84:c7:43:6c:c2:7d:8a:bb:6e:ef:a2:c8:11:ac:
ab:f4:65:b8:ee:06:b1:7d:2b:4e:7d:4e:23:fb:e7:
59:be:18:ab:86:37:ed:b9:58:e7:5b:b4:26:2d:a6:
22:02:c3:a2:be:a6:e0:f6:21:27:eb:09:a4:63:87:
10:75:d5:47:90:55:7a:26:ef:53:c5:56:17:e0:ae:
0e:c5:57:33:25:f8:97:58:7a:25:b5:cd:0c:05:de:
92:00:91:9c:8f:46:28:b1:38:98:4b:63:11:2c:62:
eb:54:ea:f9:57:ba:c2:0a:c2:0d:06:32:22:ee:8f:
ed:6e:32:57:78:13:ba:67:14:f8:ec:68:da:d7:6c:
a9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DE:26:5D:47:50:E9:0D:8F:87:5A:90:ED:2A:99:1D:AA:D2:B5:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e040::/48
Signature Algorithm: sha256WithRSAEncryption
1f:1e:12:e2:e1:84:3f:fa:51:61:32:9f:48:06:cc:a7:65:79:
40:9d:3d:26:13:f9:ad:17:05:e0:85:3a:1a:85:16:5f:10:f6:
0d:82:da:b5:4b:18:85:f5:8e:39:4e:d8:3a:c4:93:9b:eb:9a:
7a:5a:92:bb:cf:ed:4b:94:d4:e7:0d:5a:30:80:23:6a:87:4c:
08:c4:62:27:2c:31:f5:c8:03:e4:60:3a:50:96:e6:dd:e7:f9:
84:c3:a4:c8:22:28:2e:5e:56:9c:7f:96:eb:5c:2a:81:34:9a:
26:9c:fe:bb:85:f8:93:20:ae:36:b5:b4:02:8c:96:b0:78:58:
ba:aa:ff:7a:0b:2d:87:74:ef:75:b8:01:c8:48:da:9f:40:a6:
a0:82:dc:f5:4a:ac:a5:8a:d8:35:fd:e6:45:5a:4c:21:37:b1:
a4:e1:b5:28:8b:9c:7d:e4:ef:88:11:e4:6f:f5:a1:7a:fc:a1:
3f:59:f8:cb:9c:ec:6f:40:d8:5b:31:2a:d1:e9:4d:0c:9f:0e:
15:d7:46:00:a4:43:aa:5e:8d:c6:b3:d7:2c:9b:75:06:05:da:
31:07:77:fe:fe:b8:d8:1d:df:4b:1d:1c:d2:62:c3:6e:41:1d:
93:19:f2:77:1a:bb:57:2a:14:74:fd:24:eb:84:ae:87:8a:d7:
eb:47:1b:7c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQdQCXDmtdX1jIlntbiBeVDyPC3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwNThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZDFmYTE3NGMwZjZmYjUxMWY1NGYyZTI0MTFiYjE1OGZlMWQ4ODU5ODQ4
ZGIzYWY5MWY2ZGZmY2FmMDliNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/783TZ7mKm5N7wHNyH1N0d83idsKwT3hbCYqYlx0Nf2FdX04ZPM3Bx5llA
bP7jsczAZlFashmecCMwRkYrjVBxg+LjQsi2UsP/EAg2Sea7PaP2hb0qGIQDC+XV
LBwuGbSZY9XesBb3UcmauUN+n4ahXFeDUG8sRoTHQ2zCfYq7bu+iyBGsq/RluO4G
sX0rTn1OI/vnWb4Yq4Y37blY51u0Ji2mIgLDor6m4PYhJ+sJpGOHEHXVR5BVeibv
U8VWF+CuDsVXMyX4l1h6JbXNDAXekgCRnI9GKLE4mEtjESxi61Tq+Ve6wgrCDQYy
Iu6P7W4yV3gTumcU+Oxo2tdsqf0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ43iZd
R1DpDY+HWpDtKpkdqtK1AjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEyNzFmNzctNzYzZC00MmY4LWEzMTUtNjAwODE4NDdkMDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
QDANBgkqhkiG9w0BAQsFAAOCAQEAHx4S4uGEP/pRYTKfSAbMp2V5QJ09JhP5rRcF
4IU6GoUWXxD2DYLatUsYhfWOOU7YOsSTm+uaelqSu8/tS5TU5w1aMIAjaodMCMRi
Jywx9cgD5GA6UJbm3ef5hMOkyCIoLl5WnH+W61wqgTSaJpz+u4X4kyCuNrW0AoyW
sHhYuqr/egsth3TvdbgByEjan0CmoILc9UqspYrYNf3mRVpMITexpOG1KIucfeTv
iBHkb/WhevyhP1n4y5zsb0DYWzEq0elNDJ8OFddGAKRDql6NxrPXLJt1BgXaMQd3
/v642B3fSx0c0mLDbkEdkxnydxq7VyoUdP0k64Suh4rX60cbfA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:09 2025 by rpki-client