Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
File: ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa (raw, json)
Hash identifier: UrysWt76Db1ahDPVgsNTo6jMw4Xw71P4gVI1Py580TM=
Subject key identifier: B8:76:C9:1F:4B:04:66:BB:D4:B6:10:2E:3A:E7:B4:2F:B6:1B:4E:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22E6C7E6140A52C0E5A8F74472520E2499CAC4E0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
Signing time: Fri 15 Aug 2025 15:51:03 +0000
ROA not before: Fri 15 Aug 2025 15:51:03 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e6:c7:e6:14:0a:52:c0:e5:a8:f7:44:72:52:0e:24:99:ca:c4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:51:03 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=91935868bae7c22d03ba9414cb437ed44b19766af0844da910ed09880a48e8ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c3:9f:c4:7c:71:18:02:37:43:15:01:5d:f3:
c9:f2:c6:2d:f6:2f:57:0f:06:dc:34:06:0c:bf:e5:
db:e6:b6:ec:d1:ec:29:32:01:02:92:66:0e:39:55:
40:05:fb:4c:ce:09:61:36:03:04:3f:7c:47:ed:11:
0a:bf:b0:6f:3b:80:d9:81:d3:c6:05:d3:80:b5:68:
99:67:dc:60:62:58:36:da:65:d7:fa:62:ad:69:11:
2a:a5:53:bb:17:28:f6:4d:da:9c:7c:1a:1e:10:b9:
c4:25:9a:1c:60:cb:03:c7:96:f5:7d:1d:5a:88:c3:
41:9e:4e:28:44:d6:db:3a:b8:21:60:a6:5b:fb:23:
a2:b8:a8:96:be:91:cd:56:56:9d:24:ad:94:e1:d6:
dc:53:a0:70:98:a5:1b:2e:7a:12:f5:9f:a5:4b:82:
9f:41:15:d1:2e:3c:d0:be:93:df:6f:8b:6f:96:5c:
3e:f7:95:f9:a1:1a:44:8b:d8:80:ae:7a:b9:b1:c5:
29:19:62:2b:3c:7e:2b:64:97:32:0f:96:20:95:7b:
0b:a1:2d:5d:56:4b:a0:1c:03:58:ff:71:cc:df:40:
66:2f:04:37:de:01:a4:04:52:9e:ef:8d:bf:5f:02:
c6:13:b5:fb:38:5f:e4:61:bc:4e:cb:27:de:bb:26:
19:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:76:C9:1F:4B:04:66:BB:D4:B6:10:2E:3A:E7:B4:2F:B6:1B:4E:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ede5200e-55c8-4a89-9ccf-cf465c6ddb50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:4000::/40
Signature Algorithm: sha256WithRSAEncryption
81:54:05:79:e3:9e:19:d4:73:f9:47:3d:80:7f:24:b3:1b:3d:
51:37:be:8b:b3:ff:d3:e0:9c:cc:54:d3:8a:c6:a4:1d:1e:77:
73:b6:7d:e2:3b:ab:06:b6:bd:c2:4c:ca:ee:14:2a:a1:86:c4:
5d:ff:50:0d:ea:41:08:d1:d9:fe:a8:16:fd:38:5c:4d:e1:71:
c4:97:6b:73:93:78:e9:1b:dc:1b:30:56:d2:df:38:5a:ce:94:
24:14:a7:a5:ab:1f:52:ee:0f:7f:d5:83:1e:8d:48:e9:20:90:
04:3b:61:e4:a6:88:b7:a2:f0:10:93:73:e3:3d:fd:98:f9:2c:
be:19:d0:71:39:63:76:31:a2:7d:6c:29:39:0a:3a:d1:26:34:
17:53:17:54:ba:b9:54:08:79:3e:ad:9a:3e:cd:a3:52:a0:48:
b8:2b:0a:bb:ae:05:49:90:9e:96:2e:bf:35:58:da:e3:53:4c:
14:93:70:4d:3a:eb:14:1c:61:e0:0d:7b:c3:6e:8b:aa:f9:77:
16:d3:79:5a:85:13:72:4b:d1:9e:a7:ac:8a:1c:f5:bc:2a:17:
bd:ac:00:63:56:5d:c5:c9:a1:ff:84:ea:36:ea:cc:2e:66:99:
9c:e9:b2:52:d4:0d:ea:e4:c0:41:1d:08:0a:2e:a8:ad:48:ea:
9f:fc:1f:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIubH5hQKUsDlqPdEclIOJJnKxOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUxMDNaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxOTM1ODY4YmFlN2MyMmQwM2JhOTQxNGNiNDM3ZWQ0NGIxOTc2NmFmMDg0
NGRhOTEwZWQwOTg4MGE0OGU4YmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHDn8R8cRgCN0MVAV3zyfLGLfYvVw8G3DQGDL/l2+a27NHsKTIBApJmDjlV
QAX7TM4JYTYDBD98R+0RCr+wbzuA2YHTxgXTgLVomWfcYGJYNtpl1/pirWkRKqVT
uxco9k3anHwaHhC5xCWaHGDLA8eW9X0dWojDQZ5OKETW2zq4IWCmW/sjoriolr6R
zVZWnSStlOHW3FOgcJilGy56EvWfpUuCn0EV0S480L6T32+Lb5ZcPveV+aEaRIvY
gK56ubHFKRliKzx+K2SXMg+WIJV7C6EtXVZLoBwDWP9xzN9AZi8EN94BpARSnu+N
v18CxhO1+zhf5GG8Tssn3rsmGV0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4dskf
SwRmu9S2EC4657QvthtONDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWRlNTIwMGUtNTVjOC00YTg5LTljY2YtY2Y0NjVjNmRkYjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBVAV5454Z1HP5Rz2AfySzGz1RN76Ls//T4JzM
VNOKxqQdHndztn3iO6sGtr3CTMruFCqhhsRd/1AN6kEI0dn+qBb9OFxN4XHEl2tz
k3jpG9wbMFbS3zhazpQkFKelqx9S7g9/1YMejUjpIJAEO2Hkpoi3ovAQk3PjPf2Y
+Sy+GdBxOWN2MaJ9bCk5CjrRJjQXUxdUurlUCHk+rZo+zaNSoEi4Kwq7rgVJkJ6W
Lr81WNrjU0wUk3BNOusUHGHgDXvDbouq+XcW03lahRNyS9Gep6yKHPW8Khe9rABj
Vl3FyaH/hOo26swuZpmc6bJS1A3q5MBBHQgKLqitSOqf/B/b
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:22 2025 by rpki-client