Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: zE3G2hD7i4WcHyVjk+SZdn4NmgP3pc6+qyLgB1t2I1g=
Subject key identifier: A8:07:44:04:AE:40:A3:EA:7B:32:69:E3:39:FA:B5:4E:41:89:AF:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F2651E084E71095DE92ECDB94C9DD1605154B6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Tue 05 Aug 2025 20:20:04 +0000
ROA not before: Tue 05 Aug 2025 20:20:04 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:26:51:e0:84:e7:10:95:de:92:ec:db:94:c9:dd:16:05:15:4b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:04 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9bd72bf36c0a98b80faf478901864fab291cdf2aa8d41b7169e448ca6c85bd67, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c1:69:82:36:a6:5e:c0:c6:49:8f:10:62:35:
b0:63:e1:79:38:aa:91:35:05:9e:25:a7:dd:36:9e:
87:50:9d:1a:42:60:d1:67:d8:3c:48:09:40:5c:a6:
0c:a0:95:99:38:a1:55:2e:cc:75:9c:4b:89:56:0d:
da:ec:32:8e:de:51:00:69:a2:f0:2d:8f:86:b5:10:
1a:b2:6e:03:55:e5:1e:16:13:d9:fd:ae:d8:ea:23:
0b:86:08:a8:38:16:33:c0:d2:00:c8:8f:9b:f5:95:
af:f7:60:d6:00:ea:5b:c1:ce:89:b4:a4:e3:6d:11:
03:c7:87:35:99:f3:83:bc:51:9a:31:70:32:73:d0:
92:26:3c:68:85:5a:00:cf:fa:9b:d1:b9:05:c5:45:
4f:15:ef:24:74:04:47:b5:33:33:a9:b3:7b:a5:40:
b6:1e:89:3c:81:78:60:62:c7:65:19:6e:31:21:bb:
78:fc:52:26:a4:49:c2:a1:12:49:54:f4:14:77:45:
b2:90:1e:7a:2e:aa:46:90:ba:52:7e:fd:a7:cc:87:
15:8b:9f:e2:4b:49:2b:fb:63:9d:4b:87:d9:ff:bb:
8a:af:11:3c:33:29:16:9b:21:ff:19:73:2b:04:cc:
21:d3:a1:ef:7d:50:3d:58:02:8d:03:f6:04:f0:ae:
e4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:07:44:04:AE:40:A3:EA:7B:32:69:E3:39:FA:B5:4E:41:89:AF:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
9d:ee:30:73:06:ed:96:43:eb:f5:af:6f:ac:82:bd:9f:36:ba:
5a:10:21:3b:d9:3f:9c:fb:2f:bc:5c:9c:df:7e:7a:ac:8b:23:
33:14:8a:de:7c:3f:83:94:81:38:60:ff:47:e7:b4:ac:a5:01:
83:7d:32:2e:ae:5c:83:d7:20:ff:66:c5:45:d2:c6:2a:fb:9d:
8c:e7:1c:8f:be:e1:fd:ba:80:e5:99:ab:e2:1e:15:d6:26:76:
26:6d:14:1d:50:24:c9:fe:7a:48:f0:a8:80:e2:bf:cb:00:ed:
56:51:25:fa:a1:ba:6d:35:c7:43:2f:ca:b2:4c:9c:9d:ea:7c:
d4:b1:a4:b9:a0:e6:b1:df:37:fe:8d:c2:fa:bb:af:a8:94:b1:
ae:53:1b:50:18:a9:01:d6:1b:28:24:3e:7b:bb:76:b8:1c:00:
b7:42:30:fe:2e:ca:91:c2:4f:59:5c:e2:5d:58:43:91:cf:cd:
c3:3f:0c:d8:71:ff:3d:11:b8:fd:5b:0f:f6:c1:04:ba:7f:56:
ec:84:b2:63:cd:dd:73:05:b9:0e:f0:d8:00:39:47:fb:31:3e:
d5:35:9e:d8:77:9b:48:18:01:a1:d9:4b:b0:03:d3:c0:93:73:
3a:be:57:ae:5f:c1:30:49:cd:65:aa:b8:2a:ed:9d:e3:37:46:
0c:a8:06:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULyZR4ITnEJXekuzblMndFgUVS2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZDcyYmYzNmMwYTk4YjgwZmFmNDc4OTAxODY0ZmFiMjkxY2RmMmFhOGQ0
MWI3MTY5ZTQ0OGNhNmM4NWJkNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7BaYI2pl7AxkmPEGI1sGPheTiqkTUFniWn3Taeh1CdGkJg0WfYPEgJQFym
DKCVmTihVS7MdZxLiVYN2uwyjt5RAGmi8C2PhrUQGrJuA1XlHhYT2f2u2OojC4YI
qDgWM8DSAMiPm/WVr/dg1gDqW8HOibSk420RA8eHNZnzg7xRmjFwMnPQkiY8aIVa
AM/6m9G5BcVFTxXvJHQER7UzM6mze6VAth6JPIF4YGLHZRluMSG7ePxSJqRJwqES
SVT0FHdFspAeei6qRpC6Un79p8yHFYuf4ktJK/tjnUuH2f+7iq8RPDMpFpsh/xlz
KwTMIdOh731QPVgCjQP2BPCu5LkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSoB0QE
rkCj6nsyaeM5+rVOQYmvGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCd7jBzBu2WQ+v1r2+sgr2fNrpaECE72T+c+y+8
XJzffnqsiyMzFIrefD+DlIE4YP9H57SspQGDfTIurlyD1yD/ZsVF0sYq+52M5xyP
vuH9uoDlmaviHhXWJnYmbRQdUCTJ/npI8KiA4r/LAO1WUSX6obptNcdDL8qyTJyd
6nzUsaS5oOax3zf+jcL6u6+olLGuUxtQGKkB1hsoJD57u3a4HAC3QjD+LsqRwk9Z
XOJdWEORz83DPwzYcf89Ebj9Ww/2wQS6f1bshLJjzd1zBbkO8NgAOUf7MT7VNZ7Y
d5tIGAGh2UuwA9PAk3M6vleuX8EwSc1lqrgq7Z3jN0YMqAaO
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:57 2025 by rpki-client