Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
File: 28181159-5695-4944-b901-f84b836b4d8f.roa (raw, json)
Hash identifier: MVomLfPhakV8+KUuSRj5yuhhbL2S1m1NJ0Phr/gWRZY=
Subject key identifier: 88:4A:1E:E2:27:33:12:FF:F4:68:2F:7B:3E:34:CE:C4:C0:29:5F:9D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2992EC37AAC9867C1FDF56E3BA3F8F9725A69D06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
Signing time: Mon 25 Aug 2025 19:00:07 +0000
ROA not before: Mon 25 Aug 2025 19:00:07 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:92:ec:37:aa:c9:86:7c:1f:df:56:e3:ba:3f:8f:97:25:a6:9d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 19:00:07 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=f725bc33d5340f1428c9be2cdec8787167e9585799364d1043364a34877a7958, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:51:6d:d4:ca:d0:13:66:e8:12:85:6e:dd:8c:
2b:be:06:c8:87:18:5b:a7:ae:7d:ee:fc:97:8f:83:
69:80:88:5d:bc:0e:e7:40:44:40:3f:43:39:b5:a6:
f9:ac:10:41:e9:cc:a7:24:08:94:11:23:09:cb:ab:
1a:e2:64:84:7d:d7:c9:34:55:17:60:e2:28:cf:be:
e1:16:49:c0:54:34:35:46:e0:83:1b:8f:4c:d7:69:
7d:2e:8f:c7:95:f1:a1:1f:e0:07:88:d8:4f:d5:f9:
48:4a:1b:97:7e:36:0a:77:fa:6b:33:67:d7:c5:24:
37:53:22:83:b4:7f:df:4a:b2:d3:d8:08:d8:5b:3e:
da:07:c1:e9:b0:64:20:74:d1:32:a1:e1:9a:7e:c9:
9a:fa:f2:5b:2a:88:f7:17:ae:a5:99:8d:ed:9e:4a:
a6:d9:0b:df:ef:15:a4:dd:3f:2e:ae:90:3b:69:0f:
08:67:82:7c:cc:31:a3:f6:c5:c6:6d:53:26:12:78:
7e:e2:7c:23:3a:53:98:44:d5:b4:98:c3:41:f9:85:
f1:f8:cb:5c:79:5a:b6:45:7f:cd:30:47:54:e0:3f:
d9:35:bf:6c:f4:14:5b:f9:68:4d:6e:99:53:e4:d8:
fe:e0:c1:62:de:55:f3:28:39:41:be:d7:b6:62:24:
11:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4A:1E:E2:27:33:12:FF:F4:68:2F:7B:3E:34:CE:C4:C0:29:5F:9D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:65:66:8a:60:49:7f:1e:bf:8f:a5:e1:c8:a1:54:72:b7:4f:
4b:1e:51:41:6e:11:28:a8:56:88:68:00:cf:01:56:aa:cc:26:
28:b9:85:df:6a:75:90:ab:40:97:a3:28:7d:03:5b:f2:1f:dc:
a2:8a:94:df:de:62:32:6e:62:73:7b:ae:ee:f6:24:e8:dd:87:
ce:be:a6:fe:db:af:41:16:53:a9:20:fb:a6:a6:0a:2d:38:28:
1c:8d:71:05:77:27:2c:91:9c:75:74:e5:33:f9:25:72:93:fc:
41:43:2e:c7:d6:90:64:16:60:d6:2a:1d:7f:99:61:b3:08:14:
28:2a:64:9d:94:d1:46:5a:b3:3f:f7:2f:d2:ad:28:ae:8a:e8:
9b:99:e4:fe:5d:8e:e7:7e:bc:e4:c4:ce:77:71:e1:f1:5e:50:
2b:b2:70:b9:e8:0f:11:3d:44:b8:95:b4:4f:5c:81:b8:af:45:
11:9e:a6:cd:51:e4:c5:d9:d5:0c:09:93:e4:a6:bd:33:74:9f:
e9:21:05:e2:d3:4e:41:d5:b4:4e:47:81:8e:93:b6:36:de:57:
23:90:99:c7:e9:02:27:1b:dc:4a:3d:c4:ca:40:d3:d0:01:ac:
9c:e0:62:5b:88:7d:d8:ba:da:bf:b5:98:40:93:a4:bc:c2:4f:
77:12:72:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKZLsN6rJhnwf31bjuj+PlyWmnQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxOTAwMDdaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3MjViYzMzZDUzNDBmMTQyOGM5YmUyY2RlYzg3ODcxNjdlOTU4NTc5OTM2
NGQxMDQzMzY0YTM0ODc3YTc5NTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9RbdTK0BNm6BKFbt2MK74GyIcYW6eufe78l4+DaYCIXbwO50BEQD9DObWm
+awQQenMpyQIlBEjCcurGuJkhH3XyTRVF2DiKM++4RZJwFQ0NUbggxuPTNdpfS6P
x5XxoR/gB4jYT9X5SEobl342Cnf6azNn18UkN1Mig7R/30qy09gI2Fs+2gfB6bBk
IHTRMqHhmn7JmvryWyqI9xeupZmN7Z5KptkL3+8VpN0/Lq6QO2kPCGeCfMwxo/bF
xm1TJhJ4fuJ8IzpTmETVtJjDQfmF8fjLXHlatkV/zTBHVOA/2TW/bPQUW/loTW6Z
U+TY/uDBYt5V8yg5Qb7XtmIkETMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSISh7i
JzMS//RoL3s+NM7EwClfnTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjgxODExNTktNTY5NS00OTQ0LWI5MDEtZjg0YjgzNmI0ZDhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbZWaKYEl/Hr+PpeHIoVRyt09LHlFBbhEoqFaI
aADPAVaqzCYouYXfanWQq0CXoyh9A1vyH9yiipTf3mIybmJze67u9iTo3YfOvqb+
269BFlOpIPumpgotOCgcjXEFdycskZx1dOUz+SVyk/xBQy7H1pBkFmDWKh1/mWGz
CBQoKmSdlNFGWrM/9y/SrSiuiuibmeT+XY7nfrzkxM53ceHxXlArsnC56A8RPUS4
lbRPXIG4r0URnqbNUeTF2dUMCZPkpr0zdJ/pIQXi005B1bROR4GOk7Y23lcjkJnH
6QInG9xKPcTKQNPQAayc4GJbiH3Yutq/tZhAk6S8wk93EnKn
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:23 2025 by rpki-client