Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: iYw54j6XkdOKHrmwCV/3O2+OfS/k/62uzc+Ch1e8SOA=
Subject key identifier: 2F:15:54:07:5C:86:8C:E1:10:75:69:5E:78:02:C9:65:FC:A7:1F:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05E889228959CAB3A2CB048BDD6E2C523B77B85B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Mon 14 Jul 2025 15:30:11 +0000
ROA not before: Mon 14 Jul 2025 15:30:11 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:e8:89:22:89:59:ca:b3:a2:cb:04:8b:dd:6e:2c:52:3b:77:b8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 14 15:30:11 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=9d00f828d447258cbde8e778ab261a9e80206efd1c59c4b89c452eb03e151335, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:23:43:28:50:ae:0c:e6:8c:c8:b3:f0:08:
93:c8:6f:15:0a:3f:5c:45:b6:5a:81:4f:a0:dc:3b:
23:20:97:75:cd:10:9b:d2:47:7b:db:6f:49:02:4c:
1b:62:0f:e1:88:e6:2a:b3:08:d1:c0:e7:bb:7e:51:
32:b6:1b:77:72:c9:45:21:a9:21:a2:7e:e9:5c:07:
bb:d5:45:66:67:19:37:8c:35:27:8d:ac:a4:1c:af:
65:2b:28:91:69:f5:97:71:8b:1f:5e:b0:5e:6d:43:
47:2d:24:38:ff:bb:4c:98:47:31:d3:e3:33:67:9e:
c9:f5:4f:0b:32:c7:42:31:6e:b3:ca:60:24:c1:8b:
6b:11:ae:37:36:3a:dd:4f:94:7e:ec:a9:bb:27:a6:
f6:15:f5:d2:d8:4f:c7:21:73:14:9e:12:de:a7:b0:
48:24:4e:de:8c:1e:4c:07:c5:39:21:fd:26:d7:6b:
73:45:45:b0:0e:09:d3:6e:45:50:9c:a7:ec:24:b6:
86:58:46:c4:e6:cc:9b:84:b9:03:58:65:d8:30:17:
1d:88:e3:48:dd:a8:e6:50:ac:eb:78:02:77:ea:98:
24:8d:19:96:39:d8:44:3e:09:54:08:91:64:df:3b:
c1:61:61:7c:3b:c8:c1:27:da:dc:c5:56:f1:45:4d:
7c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:15:54:07:5C:86:8C:E1:10:75:69:5E:78:02:C9:65:FC:A7:1F:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
8a:cd:61:4b:a2:d1:66:8f:46:8f:09:a2:f4:5d:eb:e4:cf:76:
8d:77:2f:69:58:ef:db:97:09:50:7f:51:e9:fa:d2:1f:54:72:
65:6f:88:4c:be:6f:b6:61:46:32:94:e8:fa:d7:20:fa:ca:b8:
43:13:ac:ff:5b:76:91:b0:38:8c:6b:c3:e6:67:61:5c:15:d3:
26:60:ed:53:82:ec:b4:07:ff:aa:84:f5:ce:09:56:7f:90:e1:
d9:c2:2d:b8:b2:b0:a3:66:74:8e:53:28:2a:69:70:0b:8e:5a:
17:f4:00:e8:5c:4b:56:c9:e4:dd:b5:b7:69:58:2f:23:97:0c:
0f:ba:ac:9c:05:b9:6e:ee:75:4f:bd:c3:dc:db:50:1b:b8:04:
f0:7b:d4:94:fc:7d:af:b6:4e:c0:23:f5:23:de:8e:ba:53:53:
39:b6:a1:ec:3a:2b:51:ad:2a:8e:49:93:00:06:b0:4d:f4:a4:
02:59:f6:49:fd:3d:a1:19:0f:3f:7b:d0:94:20:57:0a:24:33:
9c:3c:37:db:c0:6e:54:12:73:81:96:62:9e:1d:3c:2f:4f:13:
f3:8b:77:b2:af:eb:eb:b4:ad:2c:12:61:9c:65:a8:39:7d:b8:
d9:44:d6:9f:d3:f5:7f:85:ae:ab:84:f0:d8:8a:7f:ef:56:e5:
d7:4b:11:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBeiJIolZyrOiywSL3W4sUjt3uFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTQxNTMwMTFaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMDBmODI4ZDQ0NzI1OGNiZGU4ZTc3OGFiMjYxYTllODAyMDZlZmQxYzU5
YzRiODljNDUyZWIwM2UxNTEzMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSmI0MoUK4M5ozIs/AIk8hvFQo/XEW2WoFPoNw7IyCXdc0Qm9JHe9tvSQJM
G2IP4YjmKrMI0cDnu35RMrYbd3LJRSGpIaJ+6VwHu9VFZmcZN4w1J42spByvZSso
kWn1l3GLH16wXm1DRy0kOP+7TJhHMdPjM2eeyfVPCzLHQjFus8pgJMGLaxGuNzY6
3U+Ufuypuyem9hX10thPxyFzFJ4S3qewSCRO3oweTAfFOSH9Jtdrc0VFsA4J025F
UJyn7CS2hlhGxObMm4S5A1hl2DAXHYjjSN2o5lCs63gCd+qYJI0ZljnYRD4JVAiR
ZN87wWFhfDvIwSfa3MVW8UVNfBMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvFVQH
XIaM4RB1aV54Asll/KcfkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCKzWFLotFmj0aPCaL0Xevkz3aNdy9pWO/blwlQ
f1Hp+tIfVHJlb4hMvm+2YUYylOj61yD6yrhDE6z/W3aRsDiMa8PmZ2FcFdMmYO1T
guy0B/+qhPXOCVZ/kOHZwi24srCjZnSOUygqaXALjloX9ADoXEtWyeTdtbdpWC8j
lwwPuqycBblu7nVPvcPc21AbuATwe9SU/H2vtk7AI/Uj3o66U1M5tqHsOitRrSqO
SZMABrBN9KQCWfZJ/T2hGQ8/e9CUIFcKJDOcPDfbwG5UEnOBlmKeHTwvTxPzi3ey
r+vrtK0sEmGcZag5fbjZRNaf0/V/ha6rhPDYin/vVuXXSxEf
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:37:00 2025 by rpki-client