Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
File: 1bb27900-3531-4083-aef8-cc7656dba027.roa (raw, json)
Hash identifier: 2UR6oe+MmemhYvl+9h5A1IG/qZznk1kI6etMvC4sP2A=
Subject key identifier: 13:2D:30:83:C8:01:78:C4:A5:76:FC:47:FC:99:61:BD:8C:71:C7:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39403BC76CD733E3431E6877CBE9F3740A254182
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
Signing time: Fri 15 Aug 2025 15:50:56 +0000
ROA not before: Fri 15 Aug 2025 15:50:56 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:40:3b:c7:6c:d7:33:e3:43:1e:68:77:cb:e9:f3:74:0a:25:41:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:56 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=557d402099f90376db8706a77340e84ad086efb8f008d10ab794e3b9f27ebd47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3a:5e:de:a4:26:60:6c:ff:80:76:fa:75:e8:
bc:80:2d:fa:32:10:2e:40:54:fb:ec:ea:da:20:bd:
69:5f:cc:39:20:1a:86:84:9b:1e:84:d0:04:f2:3c:
7e:6f:d2:60:25:a5:91:71:45:9a:b4:d1:4e:e4:73:
a6:f7:26:11:01:4f:64:9a:0b:1d:62:07:a5:bc:89:
21:7d:52:07:d0:c0:d8:ca:6d:30:56:c3:42:10:19:
dc:08:7d:0c:69:91:49:f0:30:2f:c5:50:1d:87:1b:
d0:6c:b1:f9:d0:72:72:8b:f0:3c:a5:15:f5:6a:66:
4e:dc:f6:5f:09:b2:4b:2c:1c:8e:6b:3e:94:57:bd:
5f:d3:51:a3:aa:4e:7f:5e:37:d4:43:2d:59:b7:8f:
16:68:81:be:7a:a9:7a:42:43:53:17:23:ca:60:51:
eb:02:ba:77:0a:df:89:c2:26:e0:4c:92:4b:44:11:
1c:50:b9:64:81:42:db:a8:ca:c2:9f:65:12:2a:73:
69:a4:8a:35:41:0e:b3:c7:82:49:09:33:bd:22:32:
5a:7b:e1:97:3c:2c:8e:8e:7a:d4:e2:f2:9c:98:2d:
a4:46:e6:d9:4b:8b:a4:a5:88:6a:ea:38:22:a5:77:
f0:a9:f7:2a:b7:fa:08:5f:10:8f:99:0f:32:70:e6:
3c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2D:30:83:C8:01:78:C4:A5:76:FC:47:FC:99:61:BD:8C:71:C7:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1bb27900-3531-4083-aef8-cc7656dba027.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:b000::/40
Signature Algorithm: sha256WithRSAEncryption
11:c8:b3:54:b1:f2:bb:10:06:a5:de:b6:7f:1f:ea:4b:1f:31:
06:c1:ea:4c:80:ce:3f:3d:93:68:d7:89:37:7b:f9:e7:b9:bc:
3f:53:4a:0c:ff:c6:c6:b4:63:bb:a3:11:69:92:1e:8d:6b:a9:
3a:e1:04:67:5f:48:6b:97:05:85:fb:c2:e1:d1:31:2b:2a:cd:
64:00:20:5d:d6:d8:9e:df:9c:c6:84:a1:b7:a5:92:7c:9c:b6:
91:d4:03:23:82:45:bd:81:43:81:20:85:f3:bf:2c:6d:72:27:
2b:c9:fd:6f:8f:0e:b8:f9:36:7c:e0:7e:c8:0a:6c:8d:15:22:
e6:a8:7a:e2:31:fa:a4:bb:4e:16:fb:9c:49:27:bb:ae:67:8e:
30:a2:b5:78:b8:de:fd:c8:ba:cd:09:08:0c:61:e9:74:ed:91:
ee:b6:dd:d7:07:b3:57:2d:89:62:8f:f3:5b:3b:dd:3b:e9:83:
4f:94:a9:df:94:76:95:f2:39:e5:49:5d:5d:e5:e8:ae:0d:8f:
3f:df:b0:eb:59:43:26:ea:f8:f1:83:8b:c6:6f:2d:40:b5:00:
09:60:f8:47:8b:74:91:9b:65:6f:fb:84:4e:62:f8:f9:1f:48:
e0:58:d1:b4:a6:39:f8:ee:be:3e:aa:3f:d2:45:78:2f:48:53:
9c:bf:f4:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOUA7x2zXM+NDHmh3y+nzdAolQYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwNTZaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1N2Q0MDIwOTlmOTAzNzZkYjg3MDZhNzczNDBlODRhZDA4NmVmYjhmMDA4
ZDEwYWI3OTRlM2I5ZjI3ZWJkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOU6Xt6kJmBs/4B2+nXovIAt+jIQLkBU++zq2iC9aV/MOSAahoSbHoTQBPI8
fm/SYCWlkXFFmrTRTuRzpvcmEQFPZJoLHWIHpbyJIX1SB9DA2MptMFbDQhAZ3Ah9
DGmRSfAwL8VQHYcb0Gyx+dBycovwPKUV9WpmTtz2XwmySywcjms+lFe9X9NRo6pO
f1431EMtWbePFmiBvnqpekJDUxcjymBR6wK6dwrficIm4EySS0QRHFC5ZIFC26jK
wp9lEipzaaSKNUEOs8eCSQkzvSIyWnvhlzwsjo561OLynJgtpEbm2UuLpKWIauo4
IqV38Kn3Krf6CF8Qj5kPMnDmPAcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQTLTCD
yAF4xKV2/Ef8mWG9jHHHsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJiMjc5MDAtMzUzMS00MDgzLWFlZjgtY2M3NjU2ZGJhMDI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOw
MA0GCSqGSIb3DQEBCwUAA4IBAQARyLNUsfK7EAal3rZ/H+pLHzEGwepMgM4/PZNo
14k3e/nnubw/U0oM/8bGtGO7oxFpkh6Na6k64QRnX0hrlwWF+8Lh0TErKs1kACBd
1tie35zGhKG3pZJ8nLaR1AMjgkW9gUOBIIXzvyxtcicryf1vjw64+TZ84H7ICmyN
FSLmqHriMfqku04W+5xJJ7uuZ44worV4uN79yLrNCQgMYel07ZHutt3XB7NXLYli
j/NbO9076YNPlKnflHaV8jnlSV1d5eiuDY8/37DrWUMm6vjxg4vGby1AtQAJYPhH
i3SRm2Vv+4ROYvj5H0jgWNG0pjn47r4+qj/SRXgvSFOcv/Tw
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:27 2025 by rpki-client