Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
File: ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa (raw, json)
Hash identifier: PNtWsTHMk91npzO/9FwJ9BLTyPQ57oRUzT8uj6GiPVQ=
Subject key identifier: 9A:A9:6E:40:F4:F1:19:F4:5E:4B:14:C9:C3:80:FF:39:00:FE:57:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 177FC2BA45A7AE5C25D0DB7DD5ADEB3A4CDDF34E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
Signing time: Wed 06 Aug 2025 00:51:30 +0000
ROA not before: Wed 06 Aug 2025 00:51:30 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:7f:c2:ba:45:a7:ae:5c:25:d0:db:7d:d5:ad:eb:3a:4c:dd:f3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:30 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=094c52fa254983c0b209b4dc67e03abaa353dfa1000dcf116a5b0e5c7d0cde6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:82:10:ec:83:50:b4:b6:63:4f:06:35:03:
52:06:1f:68:81:12:b1:22:a3:e7:5e:26:a9:11:6b:
1e:a4:95:96:b1:e4:37:14:a5:94:a0:98:d1:b5:c0:
2a:1e:21:b4:eb:6e:fd:1d:1b:65:36:84:d6:c9:0e:
8a:a0:12:02:ad:a6:4d:7f:aa:21:c6:9b:02:e6:59:
4b:75:d8:0f:b3:c6:71:4d:0f:8b:26:8d:8b:20:e7:
8a:ba:3b:ac:7f:79:dd:5e:d2:e6:0c:88:4a:6e:15:
49:de:e7:98:54:9c:b6:25:a4:01:d4:d6:e1:15:9f:
28:86:33:7d:71:65:47:01:9f:58:63:19:3b:87:52:
84:b1:08:9c:cd:85:fb:28:aa:d1:bf:49:1a:a2:d3:
c7:f0:8a:88:6c:a8:1e:47:9c:e5:c4:03:64:3f:b5:
3e:51:48:b3:1e:54:88:e4:ad:ae:a1:3d:ed:0c:3d:
d0:9e:69:0a:c2:d1:fd:9d:c7:b7:42:0f:6a:6a:d5:
3d:41:00:95:dd:31:11:9d:20:2c:c5:2e:3d:71:2e:
c4:02:50:d6:ff:84:24:35:86:53:bb:3b:29:ae:60:
1f:f4:49:16:ef:f1:8d:4b:39:40:67:9e:7e:4e:02:
a7:82:e6:7e:e7:b5:82:ee:47:da:e7:97:a8:0d:27:
49:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A9:6E:40:F4:F1:19:F4:5E:4B:14:C9:C3:80:FF:39:00:FE:57:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:43:23:d3:4a:26:6a:9d:3b:df:b0:6e:7b:28:32:b0:63:c8:
70:7e:f0:9c:8f:ec:a6:2b:7e:a9:5a:53:f4:d5:05:b6:2a:c9:
31:7c:9c:9e:29:39:7f:25:97:2f:e2:ee:69:15:18:20:0f:e4:
86:91:27:b6:ac:e6:6f:00:b2:00:5f:26:24:46:a6:e3:b4:c9:
e8:e3:9b:65:9d:2b:45:31:e1:12:e6:fa:74:c4:1d:86:b8:53:
90:3b:88:f1:bd:6a:b7:eb:f7:f9:32:57:5c:c9:30:68:8c:fc:
2a:58:50:87:44:cc:8f:ce:c2:ca:eb:47:2b:c0:ca:37:e7:5d:
ca:4a:42:2c:c4:37:82:a2:6d:5c:f7:61:2c:ff:59:b3:45:7a:
a6:86:6a:26:38:44:9c:15:79:31:c3:42:ec:a0:49:2b:1c:59:
37:49:3f:bd:15:b0:87:c6:71:21:58:1f:dc:13:1b:b8:2e:ef:
0a:78:2b:c1:81:72:15:8a:1f:69:46:30:15:f0:8b:b6:db:dd:
3e:e1:25:0f:06:fe:87:df:54:3b:f2:b0:28:9d:ba:60:f0:7a:
a3:65:e2:7c:ec:39:34:ca:1d:94:3c:4c:19:91:67:f7:ee:50:
e1:fb:d6:3a:6d:c3:c0:c5:3b:46:62:2f:12:de:2d:02:c1:f5:
bd:53:f5:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF3/CukWnrlwl0Nt91a3rOkzd804wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMzBaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NGM1MmZhMjU0OTgzYzBiMjA5YjRkYzY3ZTAzYWJhYTM1M2RmYTEwMDBk
Y2YxMTZhNWIwZTVjN2QwY2RlNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAItvghDsg1C0tmNPBjUDUgYfaIESsSKj514mqRFrHqSVlrHkNxSllKCY0bXA
Kh4htOtu/R0bZTaE1skOiqASAq2mTX+qIcabAuZZS3XYD7PGcU0PiyaNiyDniro7
rH953V7S5gyISm4VSd7nmFSctiWkAdTW4RWfKIYzfXFlRwGfWGMZO4dShLEInM2F
+yiq0b9JGqLTx/CKiGyoHkec5cQDZD+1PlFIsx5UiOStrqE97Qw90J5pCsLR/Z3H
t0IPamrVPUEAld0xEZ0gLMUuPXEuxAJQ1v+EJDWGU7s7Ka5gH/RJFu/xjUs5QGee
fk4Cp4Lmfue1gu5H2ueXqA0nSckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaqW5A
9PEZ9F5LFMnDgP85AP5XtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZkYzNkYTEtMmVjNy00MTFlLTk1NTAtYjdjOTU2ZmI0NmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQCmQyPTSiZqnTvfsG57KDKwY8hwfvCcj+ymK36p
WlP01QW2KskxfJyeKTl/JZcv4u5pFRggD+SGkSe2rOZvALIAXyYkRqbjtMno45tl
nStFMeES5vp0xB2GuFOQO4jxvWq36/f5MldcyTBojPwqWFCHRMyPzsLK60crwMo3
513KSkIsxDeCom1c92Es/1mzRXqmhmomOEScFXkxw0LsoEkrHFk3ST+9FbCHxnEh
WB/cExu4Lu8KeCvBgXIVih9pRjAV8Iu2290+4SUPBv6H31Q78rAonbpg8HqjZeJ8
7Dk0yh2UPEwZkWf37lDh+9Y6bcPAxTtGYi8S3i0CwfW9U/VY
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:08 2025 by rpki-client