Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: IiOtO5g8xE3AKX00B9Z0a2YkIEilkT1UKKa0DEDnH9A=
Subject key identifier: AB:5D:58:67:9D:75:45:54:F3:92:10:DD:80:BB:4C:87:04:97:32:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3613F9CF7972C5ADAAAE6FA4FAE2EE61D321597D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Tue 05 Aug 2025 18:40:46 +0000
ROA not before: Tue 05 Aug 2025 18:40:46 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:13:f9:cf:79:72:c5:ad:aa:ae:6f:a4:fa:e2:ee:61:d3:21:59:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:46 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4e9a73fdd3be958ef66aacc014ccb1ce2a2174b2033ecd8ce3f45012e39c62e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:fa:be:11:84:0a:8f:e6:87:24:84:57:81:
f1:1d:21:c7:9b:46:eb:1b:8a:67:c9:f1:28:ad:1c:
43:28:3c:03:87:b3:ab:b7:fe:2f:6e:0e:63:5c:a7:
2f:b7:34:b8:a1:38:40:28:0c:05:d2:a6:39:0d:bb:
9f:96:8e:3b:d5:7d:9f:9d:2c:34:e2:43:9b:21:13:
56:cd:c5:ff:71:4d:6a:0a:08:a4:eb:a9:fe:91:a0:
10:51:a3:a1:4d:39:6d:46:b6:47:41:fa:aa:37:3b:
3b:c9:20:34:43:48:25:eb:89:af:d8:d6:26:21:53:
1f:8d:63:08:ad:bb:1e:15:35:92:df:f9:7c:38:7e:
fb:17:38:e6:5e:63:58:95:7f:49:a4:e5:aa:e4:0e:
da:3e:df:5c:26:33:0a:b7:83:e2:1a:99:06:a3:45:
22:27:e3:f9:9e:f6:07:d8:5c:40:1d:47:d5:cb:ca:
61:70:79:90:d4:f8:93:7c:1e:06:c2:9d:90:2c:11:
a0:e6:f2:3d:2b:55:66:52:54:69:68:e0:df:63:81:
4b:00:39:2b:5a:94:a3:02:85:e7:87:68:c9:7e:d4:
24:6f:73:e6:e8:a7:47:e5:ff:c1:bc:d3:59:2f:1c:
cd:2e:37:f7:13:9a:e9:de:94:c8:40:45:af:a8:f5:
9e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5D:58:67:9D:75:45:54:F3:92:10:DD:80:BB:4C:87:04:97:32:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:e9:f5:f6:3a:44:14:1b:dc:71:30:78:8c:27:d4:80:c3:93:
b0:72:52:26:b2:f0:e7:d0:7a:71:e3:6d:71:a9:dc:5d:cd:a1:
c1:41:1b:17:cb:c0:08:61:0b:6b:70:23:3c:82:8b:37:22:a9:
8b:78:81:01:b8:ed:48:7b:be:f6:46:fb:f4:db:f0:7c:0c:a5:
d1:a1:7e:44:98:b4:98:ee:23:54:4b:ef:eb:fc:6a:bb:52:de:
0a:9c:8b:ad:89:52:ce:2f:93:5c:3f:1c:6f:6c:0d:ef:a7:20:
5b:40:b3:e6:44:36:28:c3:b4:26:e3:70:bd:24:51:81:ef:96:
72:34:c4:c2:2a:37:6d:84:04:d4:92:07:09:80:f9:fa:6e:47:
2d:18:90:49:f8:44:a2:36:ed:2a:66:c9:09:fe:df:fd:9b:20:
c8:e8:9e:aa:39:17:a8:1e:30:cb:2d:ac:56:8a:b4:7e:80:08:
93:20:84:72:fe:3a:9b:12:d5:7f:02:92:74:fe:c2:90:87:66:
9f:54:b4:b3:5d:2b:2b:15:57:f5:61:3d:50:e8:dd:b4:b6:60:
74:d0:32:e8:60:a7:56:bb:32:a2:0c:30:ce:71:64:a5:40:62:
fc:57:46:56:f2:5a:9c:a9:7a:4c:3f:7d:84:f4:43:58:4b:59:
b7:10:24:26
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNhP5z3lyxa2qrm+k+uLuYdMhWX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwNDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlOWE3M2ZkZDNiZTk1OGVmNjZhYWNjMDE0Y2NiMWNlMmEyMTc0YjIwMzNl
Y2Q4Y2UzZjQ1MDEyZTM5YzYyZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKY/+r4RhAqP5ockhFeB8R0hx5tG6xuKZ8nxKK0cQyg8A4ezq7f+L24OY1yn
L7c0uKE4QCgMBdKmOQ27n5aOO9V9n50sNOJDmyETVs3F/3FNagoIpOup/pGgEFGj
oU05bUa2R0H6qjc7O8kgNENIJeuJr9jWJiFTH41jCK27HhU1kt/5fDh++xc45l5j
WJV/SaTlquQO2j7fXCYzCreD4hqZBqNFIifj+Z72B9hcQB1H1cvKYXB5kNT4k3we
BsKdkCwRoObyPStVZlJUaWjg32OBSwA5K1qUowKF54doyX7UJG9z5uinR+X/wbzT
WS8czS439xOa6d6UyEBFr6j1noUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSrXVhn
nXVFVPOSEN2Au0yHBJcy6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAoun19jpEFBvccTB4jCfUgMOTsHJSJrLw59B6
ceNtcancXc2hwUEbF8vACGELa3AjPIKLNyKpi3iBAbjtSHu+9kb79NvwfAyl0aF+
RJi0mO4jVEvv6/xqu1LeCpyLrYlSzi+TXD8cb2wN76cgW0Cz5kQ2KMO0JuNwvSRR
ge+WcjTEwio3bYQE1JIHCYD5+m5HLRiQSfhEojbtKmbJCf7f/ZsgyOieqjkXqB4w
yy2sVoq0foAIkyCEcv46mxLVfwKSdP7CkIdmn1S0s10rKxVX9WE9UOjdtLZgdNAy
6GCnVrsyogwwznFkpUBi/FdGVvJanKl6TD99hPRDWEtZtxAkJg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:19 2025 by rpki-client