Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: bz8G6XVGil9J8AHfLA1OPJzsymie008YmRSKQ0Zp3pk=
Subject key identifier: E7:8D:9D:64:10:F5:59:E6:13:4C:F5:8B:29:9C:E9:3B:02:31:B4:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7138305E42AF76679113876B341BFEDCBE8AD14E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Tue 02 Sep 2025 00:40:29 +0000
ROA not before: Tue 02 Sep 2025 00:40:29 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:38:30:5e:42:af:76:67:91:13:87:6b:34:1b:fe:dc:be:8a:d1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:29 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=e78f019007b8d2d747211ac28e4655474658670b9f5d2594342ff1f47f09b063, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:f2:50:c0:a0:af:db:65:b9:83:f1:eb:e6:
29:34:f8:c4:ea:2e:74:ef:aa:5d:b7:34:af:29:08:
22:a8:e6:83:f7:7b:e6:f5:49:61:4e:5a:7e:b9:d8:
81:18:68:e4:79:10:70:5f:51:aa:64:59:db:9a:41:
06:2c:1c:dc:0f:a3:75:de:a8:c9:ff:50:b9:90:75:
20:d3:38:cf:dc:88:68:e6:17:8c:78:c5:15:f2:13:
b5:88:a8:80:20:0c:de:79:ca:f4:6a:1c:29:57:8c:
35:fa:ec:d9:cf:09:0f:96:a8:7c:5d:47:90:ef:83:
20:a8:d7:50:0a:ae:61:75:d5:b7:ef:d9:7f:b9:06:
b0:c0:6b:e2:ae:c6:d9:b2:a0:49:d8:fb:ee:38:39:
da:69:fe:b4:32:c0:f5:85:68:bf:00:23:9f:01:d2:
0d:b4:ee:33:31:b6:ad:95:72:9d:ea:2c:58:0e:26:
e7:7c:82:d4:fc:23:eb:88:e8:b1:f1:b6:a4:d1:62:
1b:a7:6a:cf:dc:7e:1b:73:f5:dc:a5:88:28:5f:3c:
16:c8:e1:39:42:fd:64:d9:11:17:f3:2a:81:ea:7d:
a7:0d:11:05:47:04:0e:94:12:ed:2b:fa:8f:4f:2a:
fd:38:dc:6b:15:c9:97:22:d7:cc:97:69:62:e1:dc:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:8D:9D:64:10:F5:59:E6:13:4C:F5:8B:29:9C:E9:3B:02:31:B4:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
41:15:03:f4:a0:ad:68:7e:18:73:c6:62:b1:18:64:ec:1a:fd:
fc:b9:e2:2e:43:e3:b8:8a:d4:a3:e6:5f:de:31:5b:dd:85:be:
51:09:e3:0c:a4:84:e5:09:17:9f:84:7b:19:1c:98:c8:09:bb:
1a:4d:c1:89:b4:24:8c:2e:36:2e:3b:8e:0e:a5:f7:36:6f:c1:
a6:6a:7d:e0:e3:35:4f:3c:44:fd:8c:54:49:2e:d2:10:98:15:
2d:76:ac:07:1c:85:b6:5d:c0:d9:f3:39:57:28:47:19:88:fa:
9c:e9:be:e9:89:21:b3:02:4f:7e:cb:ab:ea:8c:14:13:e8:f0:
66:8c:6d:18:db:06:bb:50:7a:61:3d:e3:c3:92:7f:de:53:4f:
86:4a:97:65:5f:b8:24:a3:f5:7a:1e:48:93:2c:73:e7:28:24:
71:32:25:9c:3c:25:ae:d8:7d:0d:45:9d:da:dc:66:f6:14:78:
93:3b:19:3b:3b:f6:41:76:0b:d4:52:fc:36:54:d7:af:b2:4b:
0e:94:fe:8c:16:bf:5e:3c:ba:ab:1f:c8:71:cc:c4:e0:81:27:
8a:38:a4:9e:0d:a0:99:a0:c4:e4:af:c1:31:4b:cc:b5:7b:b5:
81:75:99:76:5e:91:70:a6:f8:29:db:d2:ed:d2:f4:a0:88:16:
2b:7a:35:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcTgwXkKvdmeRE4drNBv+3L6K0U4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMjlaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3OGYwMTkwMDdiOGQyZDc0NzIxMWFjMjhlNDY1NTQ3NDY1ODY3MGI5ZjVk
MjU5NDM0MmZmMWY0N2YwOWIwNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9u8lDAoK/bZbmD8evmKTT4xOoudO+qXbc0rykIIqjmg/d75vVJYU5afrnY
gRho5HkQcF9RqmRZ25pBBiwc3A+jdd6oyf9QuZB1INM4z9yIaOYXjHjFFfITtYio
gCAM3nnK9GocKVeMNfrs2c8JD5aofF1HkO+DIKjXUAquYXXVt+/Zf7kGsMBr4q7G
2bKgSdj77jg52mn+tDLA9YVovwAjnwHSDbTuMzG2rZVyneosWA4m53yC1Pwj64jo
sfG2pNFiG6dqz9x+G3P13KWIKF88FsjhOUL9ZNkRF/Mqgep9pw0RBUcEDpQS7Sv6
j08q/TjcaxXJlyLXzJdpYuHc8A0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnjZ1k
EPVZ5hNM9YspnOk7AjG0LzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBFQP0oK1ofhhzxmKxGGTsGv38ueIuQ+O4itSj
5l/eMVvdhb5RCeMMpITlCRefhHsZHJjICbsaTcGJtCSMLjYuO44Opfc2b8Gman3g
4zVPPET9jFRJLtIQmBUtdqwHHIW2XcDZ8zlXKEcZiPqc6b7piSGzAk9+y6vqjBQT
6PBmjG0Y2wa7UHphPePDkn/eU0+GSpdlX7gko/V6HkiTLHPnKCRxMiWcPCWu2H0N
RZ3a3Gb2FHiTOxk7O/ZBdgvUUvw2VNevsksOlP6MFr9ePLqrH8hxzMTggSeKOKSe
DaCZoMTkr8ExS8y1e7WBdZl2XpFwpvgp29Lt0vSgiBYrejU1
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:02 2025 by rpki-client