Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
File: ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa (raw, json)
Hash identifier: 28aFMoZV0jus66ZEnkM8FNgY5ctU7gtNSG/FyJ1ShXE=
Subject key identifier: 39:9B:F4:BF:4E:C4:0F:66:11:17:80:F3:07:E1:9D:B2:4F:36:5B:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B105EB1AE6F375F746546EF6849D8E7D3D9F136
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
Signing time: Tue 05 Aug 2025 19:51:27 +0000
ROA not before: Tue 05 Aug 2025 19:51:27 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:10:5e:b1:ae:6f:37:5f:74:65:46:ef:68:49:d8:e7:d3:d9:f1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:27 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e15930c615b44cef182abde5cfb6cd18dda9b32ad0ae3469b78395a615853c28, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:2a:d8:be:53:53:e6:70:14:7e:92:05:0f:
0b:cd:50:aa:af:91:7f:80:2c:c9:0b:1c:5b:f0:ac:
10:61:1c:78:0a:a9:3a:01:aa:d4:d3:96:aa:87:aa:
1b:dc:29:93:56:a2:44:87:f8:37:f1:8d:79:14:6b:
50:ad:32:6a:4f:cc:22:c3:fd:c8:88:ec:4b:32:66:
4c:c3:a0:74:fe:d5:b9:f4:72:b1:ea:44:d1:b2:d0:
52:0d:03:1e:e2:f0:da:8a:0c:85:07:aa:6e:72:c7:
e0:51:57:80:79:ce:98:cc:68:bb:d5:c8:8b:d0:4b:
b4:47:9c:57:4f:79:69:37:a0:26:13:3a:64:37:ba:
71:93:c3:6c:50:f5:44:95:5d:39:13:b8:b6:9b:96:
1b:aa:56:1c:d0:3d:50:88:4b:f2:84:b7:5f:b6:d1:
2c:b4:74:d9:78:33:e0:b7:7d:e5:b6:ab:3f:10:e4:
13:92:64:f9:af:a5:51:1b:aa:da:a2:d7:f1:40:c5:
80:6b:2d:4d:8f:cf:7e:4f:b7:dd:ec:e8:d7:5b:bb:
d9:e9:a9:e3:43:8a:5b:e6:bc:82:38:40:57:40:5f:
8d:63:bd:63:74:b6:64:56:ff:a1:96:4f:cb:96:1f:
da:5e:a3:e3:a7:84:ac:d6:46:3c:88:3b:70:82:99:
fc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9B:F4:BF:4E:C4:0F:66:11:17:80:F3:07:E1:9D:B2:4F:36:5B:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:b000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:52:3a:14:5e:6f:ef:0e:2e:f4:f2:03:7c:15:66:8d:97:19:
c0:8d:9b:07:1a:19:9d:0e:d5:3f:ee:bb:f8:4a:4e:8d:72:3c:
ef:a2:3c:19:0f:99:33:bc:bb:6b:c8:b8:a9:17:ce:81:e0:5a:
c0:6d:e6:eb:75:d8:a9:2a:53:85:85:6a:be:f4:3d:dc:b0:9c:
40:ae:d9:f6:80:31:a0:d6:70:fc:1a:23:b3:be:89:e8:9f:e4:
c6:9e:e8:ca:4c:89:39:42:43:a5:f1:85:7e:f1:f6:d9:c0:01:
5c:ee:fb:8f:7e:81:01:9f:a9:5a:07:09:9d:5f:d6:0a:d8:0b:
f3:9c:90:dd:d5:8f:55:bf:85:3d:9d:3d:89:0e:8b:4f:c2:ef:
05:5c:57:4b:07:e8:01:e7:6f:e9:48:eb:e3:c3:27:3e:e6:d3:
5f:58:2f:28:c7:91:5c:dc:86:5c:8b:73:0b:87:97:07:5f:e6:
90:1e:9e:f1:82:d5:59:5e:c3:d8:b7:c3:b4:b7:33:38:c5:70:
b2:2f:46:a7:2d:53:d6:ed:c8:e7:c5:98:ba:7c:e2:9c:67:ad:
8a:92:5a:12:f3:73:c6:be:6a:da:87:b7:2c:c9:38:34:eb:0f:
29:0f:4c:ed:5d:e1:3e:dd:e4:9d:10:5e:82:3a:04:88:6a:fe:
e9:4c:32:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKxBesa5vN190ZUbvaEnY59PZ8TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMjdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNTkzMGM2MTViNDRjZWYxODJhYmRlNWNmYjZjZDE4ZGRhOWIzMmFkMGFl
MzQ2OWI3ODM5NWE2MTU4NTNjMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmaKti+U1PmcBR+kgUPC81Qqq+Rf4AsyQscW/CsEGEceAqpOgGq1NOWqoeq
G9wpk1aiRIf4N/GNeRRrUK0yak/MIsP9yIjsSzJmTMOgdP7VufRysepE0bLQUg0D
HuLw2ooMhQeqbnLH4FFXgHnOmMxou9XIi9BLtEecV095aTegJhM6ZDe6cZPDbFD1
RJVdORO4tpuWG6pWHNA9UIhL8oS3X7bRLLR02Xgz4Ld95barPxDkE5Jk+a+lURuq
2qLX8UDFgGstTY/Pfk+33ezo11u72emp40OKW+a8gjhAV0BfjWO9Y3S2ZFb/oZZP
y5Yf2l6j46eErNZGPIg7cIKZ/JECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5m/S/
TsQPZhEXgPMH4Z2yTzZbyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWJlMjMyZTktOGYwYS00MTI1LWI4M2MtNzk4OWUzOWZkZDk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2w
MA0GCSqGSIb3DQEBCwUAA4IBAQBaUjoUXm/vDi708gN8FWaNlxnAjZsHGhmdDtU/
7rv4Sk6NcjzvojwZD5kzvLtryLipF86B4FrAbebrddipKlOFhWq+9D3csJxArtn2
gDGg1nD8GiOzvonon+TGnujKTIk5QkOl8YV+8fbZwAFc7vuPfoEBn6laBwmdX9YK
2AvznJDd1Y9Vv4U9nT2JDotPwu8FXFdLB+gB52/pSOvjwyc+5tNfWC8ox5Fc3IZc
i3MLh5cHX+aQHp7xgtVZXsPYt8O0tzM4xXCyL0anLVPW7cjnxZi6fOKcZ62KkloS
83PGvmrah7csyTg06w8pD0ztXeE+3eSdEF6COgSIav7pTDJh
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:18 2025 by rpki-client