Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: uMCIp9uzwVJYtMO5va4H7rhz9Xam3JI1gMXdg6ZcuJ4=
Subject key identifier: 33:28:25:14:9A:84:54:B9:6B:84:D2:59:C2:5D:82:28:D2:71:B8:15
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37DDED0C8B151858B664022546F7F6BC4148268A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Tue 05 Aug 2025 19:51:00 +0000
ROA not before: Tue 05 Aug 2025 19:51:00 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:dd:ed:0c:8b:15:18:58:b6:64:02:25:46:f7:f6:bc:41:48:26:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:00 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=afdc675ade6743f6c216579e87e124dbf511d060fe92f7c2238a468d0d6949b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d4:69:08:62:9e:76:c4:7c:cb:3a:32:94:a8:
3d:90:c4:b2:b1:cf:bc:1b:5a:cf:82:48:fb:34:6c:
d5:7a:c4:21:cb:f4:55:0c:58:58:76:66:72:84:b0:
5c:8f:d3:79:0b:1f:45:e7:21:51:00:53:6a:01:44:
ad:0f:c0:6b:8b:f2:09:05:08:e7:38:04:2c:bc:e6:
03:c1:82:eb:3a:0b:15:90:7e:42:f0:56:01:22:39:
47:b7:f2:63:ff:84:bf:d4:0a:de:36:f1:df:fc:ec:
38:0b:cd:c5:3c:e5:34:70:a4:63:c0:b1:f5:ce:3e:
4b:d6:91:7e:0a:98:66:31:6a:e4:0f:5b:30:96:47:
8c:7c:70:f8:df:5d:3f:63:e4:df:b8:2e:a6:62:37:
9b:54:cb:3b:6f:0c:1e:ae:1a:dc:fa:d5:c7:a0:bf:
62:56:1b:5d:6c:53:a6:28:4a:87:00:4b:e5:b0:36:
a3:99:dc:ed:fd:f0:3a:8d:d5:cc:01:69:50:d2:0c:
75:c5:5c:0c:69:84:b9:86:62:e3:de:d5:bb:03:8e:
36:7e:52:7b:73:8b:79:35:b7:41:09:80:fc:cb:4f:
1a:08:c3:af:97:3f:5a:30:9f:5a:4d:f4:57:7b:c2:
6d:74:6d:75:c2:3a:87:47:aa:ad:07:03:c7:2e:37:
e9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:28:25:14:9A:84:54:B9:6B:84:D2:59:C2:5D:82:28:D2:71:B8:15
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
70:a3:f7:5a:6d:7a:cb:2c:27:ea:43:b8:31:34:07:5d:45:20:
28:f7:6f:2c:9f:c9:e0:ac:13:bd:25:96:c9:8b:c0:6a:99:8d:
0a:e0:0f:2c:15:3c:6a:49:98:e7:8d:e1:76:b8:5f:56:ba:d4:
0f:1e:92:21:88:b8:39:ff:d9:21:be:4d:61:84:c1:08:56:58:
cc:ae:ea:13:7d:dc:e1:65:4d:8e:e6:a7:c6:12:fd:bb:94:a9:
5c:17:21:bf:77:37:db:c3:b3:3c:04:9a:ea:76:04:f3:34:3d:
36:a9:d2:98:fd:99:52:cf:3d:c0:fc:36:14:d0:21:87:23:c5:
6a:24:8f:91:8a:77:3d:0a:e6:31:5d:ec:9a:59:46:25:4f:db:
d4:38:40:d6:68:b3:c2:2b:ca:85:ee:91:5b:26:4a:0e:03:58:
9c:8b:61:57:1d:6a:e2:5c:3c:1f:a8:4b:76:0f:f6:f6:d9:6f:
c7:ff:76:8b:10:05:1a:e5:66:13:d4:c9:8b:cf:ea:54:30:05:
37:1d:00:10:42:aa:75:4c:90:2b:f4:4c:dd:91:a7:02:15:1c:
ee:62:28:44:f1:bb:f1:4c:de:00:95:66:85:21:4b:7f:96:9c:
2b:d6:50:97:41:96:8c:3c:b8:bb:27:c7:33:66:f7:8e:5c:ed:
a3:cd:6e:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN93tDIsVGFi2ZAIlRvf2vEFIJoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZGM2NzVhZGU2NzQzZjZjMjE2NTc5ZTg3ZTEyNGRiZjUxMWQwNjBmZTky
ZjdjMjIzOGE0NjhkMGQ2OTQ5YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvUaQhinnbEfMs6MpSoPZDEsrHPvBtaz4JI+zRs1XrEIcv0VQxYWHZmcoSw
XI/TeQsfRechUQBTagFErQ/Aa4vyCQUI5zgELLzmA8GC6zoLFZB+QvBWASI5R7fy
Y/+Ev9QK3jbx3/zsOAvNxTzlNHCkY8Cx9c4+S9aRfgqYZjFq5A9bMJZHjHxw+N9d
P2Pk37gupmI3m1TLO28MHq4a3PrVx6C/YlYbXWxTpihKhwBL5bA2o5nc7f3wOo3V
zAFpUNIMdcVcDGmEuYZi497VuwOONn5Se3OLeTW3QQmA/MtPGgjDr5c/WjCfWk30
V3vCbXRtdcI6h0eqrQcDxy436VkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzKCUU
moRUuWuE0lnCXYIo0nG4FTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBwo/dabXrLLCfqQ7gxNAddRSAo928sn8ngrBO9
JZbJi8BqmY0K4A8sFTxqSZjnjeF2uF9WutQPHpIhiLg5/9khvk1hhMEIVljMruoT
fdzhZU2O5qfGEv27lKlcFyG/dzfbw7M8BJrqdgTzND02qdKY/ZlSzz3A/DYU0CGH
I8VqJI+Rinc9CuYxXeyaWUYlT9vUOEDWaLPCK8qF7pFbJkoOA1ici2FXHWriXDwf
qEt2D/b22W/H/3aLEAUa5WYT1MmLz+pUMAU3HQAQQqp1TJAr9EzdkacCFRzuYihE
8bvxTN4AlWaFIUt/lpwr1lCXQZaMPLi7J8czZveOXO2jzW5Q
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:04 2025 by rpki-client