Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa
File: 36c4d3f7-0d57-499b-aea0-8244810d5897.roa (raw, json)
Hash identifier: dwM7U0Ak6e9GN6usjzGbEkH8yvOifatMeCyuygBToSY=
Subject key identifier: B8:82:EF:41:40:10:0C:13:CB:42:0F:87:59:63:E8:C4:1E:D9:B7:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26709B2A1868FE333B3E72097A34C9D9DC55FB7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa
Signing time: Fri 15 Aug 2025 15:41:34 +0000
ROA not before: Fri 15 Aug 2025 15:41:34 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:70:9b:2a:18:68:fe:33:3b:3e:72:09:7a:34:c9:d9:dc:55:fb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:34 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=5822f93e9df2f9a1341364d1e4ab6d7775c517cc24e1ee05a761a2413ca9a367, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:f2:45:ea:ad:9c:5c:fd:6e:c4:a2:9d:30:
e5:46:24:e8:ad:4e:12:3d:98:e1:64:0b:1a:c6:c6:
91:dc:c0:7f:8a:b3:e2:dd:c8:a1:03:f4:87:a2:ed:
48:c3:89:aa:a8:96:45:1b:a7:0e:5c:c4:77:4d:1e:
e4:b2:70:05:d9:c3:d8:0a:83:35:4d:3e:23:bb:53:
05:c8:98:a7:ed:78:e2:c8:45:7d:9a:c2:a5:dc:37:
3a:a2:7e:6b:55:da:79:ea:5a:d2:4e:f3:5f:de:81:
8a:bc:b6:48:c5:bb:3b:72:b2:e4:10:1e:0f:fa:fb:
3f:c0:7f:93:98:98:6a:1a:19:5b:9d:e8:51:36:64:
57:42:a3:32:0f:bb:c8:f4:da:e2:5b:20:32:61:97:
4a:2c:38:65:75:74:7d:45:00:78:82:07:4f:7d:33:
e6:b4:d6:fe:aa:8c:4a:b4:b3:46:f5:01:b4:e1:9a:
e5:d9:b5:f5:6e:6d:83:d5:16:8e:df:f0:d2:4c:2a:
6a:4f:56:e5:c6:61:87:4f:df:68:ee:11:d3:63:5f:
be:ef:67:27:7a:9f:de:23:b6:88:08:8b:0d:6e:d9:
a9:3d:fb:ff:c8:17:8e:36:20:a4:75:30:b0:fc:da:
83:19:48:29:89:5a:d5:cc:5f:23:b0:98:63:eb:fc:
a5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:82:EF:41:40:10:0C:13:CB:42:0F:87:59:63:E8:C4:1E:D9:B7:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:800::/40
Signature Algorithm: sha256WithRSAEncryption
3d:9c:a9:af:fb:a4:30:21:c3:a8:04:8b:e6:d5:48:b7:d2:f0:
b9:8d:a1:75:58:79:5e:be:94:85:9e:85:c4:f9:bc:1c:73:97:
09:f5:f3:3a:d9:da:d5:ee:81:2c:7e:dd:6d:7f:e7:44:7a:64:
11:93:ed:4f:6b:39:f3:e7:a2:ff:36:09:26:0d:5c:01:da:2b:
9b:ee:ee:98:be:32:30:44:0a:00:76:a8:81:96:b0:dd:b3:98:
fa:0a:5d:21:1e:6d:0d:53:be:61:91:45:0b:f2:7b:99:fb:98:
07:17:f3:c8:93:7f:83:8b:1b:cb:08:bf:d3:e9:22:9d:fa:b3:
6b:75:60:7f:48:7a:a9:06:7d:d2:b3:59:e2:75:1c:01:fc:9b:
98:f7:d3:a6:ed:76:93:87:0f:0f:08:8f:f8:78:ed:a7:56:4a:
40:a8:1d:d9:7d:69:1f:b5:26:e9:5d:7d:8a:a4:da:48:fa:34:
f6:2b:8d:cf:21:5a:3a:4a:fe:a3:f0:8e:f6:23:7a:d4:d1:1a:
d5:4f:04:5e:21:ca:22:d6:0b:71:72:17:38:ed:94:4c:fa:a9:
21:67:27:ba:29:ea:bb:54:8a:53:c6:f8:e9:e5:0b:2c:ad:d7:
74:6f:f8:bd:ad:60:78:9a:c2:e6:8d:f6:86:9d:2b:35:e9:3e:
21:fb:45:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJnCbKhho/jM7PnIJejTJ2dxV+30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMzRaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4MjJmOTNlOWRmMmY5YTEzNDEzNjRkMWU0YWI2ZDc3NzVjNTE3Y2MyNGUx
ZWUwNWE3NjFhMjQxM2NhOWEzNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0/8kXqrZxc/W7Eop0w5UYk6K1OEj2Y4WQLGsbGkdzAf4qz4t3IoQP0h6Lt
SMOJqqiWRRunDlzEd00e5LJwBdnD2AqDNU0+I7tTBciYp+144shFfZrCpdw3OqJ+
a1Xaeepa0k7zX96Biry2SMW7O3Ky5BAeD/r7P8B/k5iYahoZW53oUTZkV0KjMg+7
yPTa4lsgMmGXSiw4ZXV0fUUAeIIHT30z5rTW/qqMSrSzRvUBtOGa5dm19W5tg9UW
jt/w0kwqak9W5cZhh0/faO4R02Nfvu9nJ3qf3iO2iAiLDW7ZqT37/8gXjjYgpHUw
sPzagxlIKYla1cxfI7CYY+v8pQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4gu9B
QBAME8tCD4dZY+jEHtm3FDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZjNGQzZjctMGQ1Ny00OTliLWFlYTAtODI0NDgxMGQ1ODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMI
MA0GCSqGSIb3DQEBCwUAA4IBAQA9nKmv+6QwIcOoBIvm1Ui30vC5jaF1WHlevpSF
noXE+bwcc5cJ9fM62drV7oEsft1tf+dEemQRk+1Paznz56L/NgkmDVwB2iub7u6Y
vjIwRAoAdqiBlrDds5j6Cl0hHm0NU75hkUUL8nuZ+5gHF/PIk3+DixvLCL/T6SKd
+rNrdWB/SHqpBn3Ss1nidRwB/JuY99Om7XaThw8PCI/4eO2nVkpAqB3ZfWkftSbp
XX2KpNpI+jT2K43PIVo6Sv6j8I72I3rU0RrVTwReIcoi1gtxchc47ZRM+qkhZye6
Keq7VIpTxvjp5Qssrdd0b/i9rWB4msLmjfaGnSs16T4h+0Uh
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:15 2025 by rpki-client