Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
File: 8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa (raw, json)
Hash identifier: h8hnqN0YxltpFU5z5ypOqBner5mOYnqsALfV99bDUsE=
Subject key identifier: 88:3C:D0:32:9F:AE:8A:89:AE:93:B9:6B:D6:10:C3:77:78:8A:9F:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AB43E9A4C443D41F4F987FFA34B4715CBD3647B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
Signing time: Fri 15 Aug 2025 15:50:57 +0000
ROA not before: Fri 15 Aug 2025 15:50:57 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b4:3e:9a:4c:44:3d:41:f4:f9:87:ff:a3:4b:47:15:cb:d3:64:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:57 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=1c285703f46a0d52956e5cbb4010f212eb2f623ea093223f10fefada7480af1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:05:ef:65:33:44:34:da:9e:96:c6:63:dc:6d:
ff:7c:28:da:03:9e:77:06:3e:b6:1e:df:eb:1e:ab:
0c:10:e9:7c:71:10:1e:41:b9:83:f0:cb:20:53:cc:
be:f4:4f:99:a8:40:a4:16:45:94:06:40:b8:c0:62:
e2:8a:87:0e:ec:1e:d1:75:61:eb:eb:7b:e5:2a:58:
f5:7c:42:5a:65:da:bb:ee:14:bb:18:11:d1:83:26:
3e:6b:2e:e0:cd:f5:aa:f2:fc:e0:98:b3:59:11:11:
ac:03:56:7c:97:c9:35:b3:76:16:2a:b5:fb:eb:f1:
7a:65:e5:6a:6a:9c:5c:6d:29:7f:e3:21:98:dd:f0:
6c:d1:91:cd:ef:f4:05:98:97:86:7b:ef:bc:b9:e2:
bd:53:38:47:85:c9:d3:62:12:ae:a4:a1:b9:7f:d4:
d2:10:b8:0e:5d:88:6e:48:9e:76:40:69:39:b5:44:
4a:6c:ce:2f:35:c7:05:dc:45:59:1b:63:e5:e3:1b:
ce:df:9e:5a:80:c8:fa:9b:61:2e:c2:2b:f0:f2:8f:
55:91:0c:7b:f1:e8:bc:87:6e:6a:9d:59:4a:59:f1:
18:7e:b3:39:ea:ac:4d:e9:ba:0c:1d:de:13:ef:9c:
d8:52:88:af:78:b2:e8:55:96:47:dd:23:20:31:f5:
25:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3C:D0:32:9F:AE:8A:89:AE:93:B9:6B:D6:10:C3:77:78:8A:9F:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8f6cab6f-44be-4f80-9040-c2f9ab0e0575.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8000::/40
Signature Algorithm: sha256WithRSAEncryption
30:05:2d:84:96:9e:30:ea:06:7e:d7:5c:18:69:a1:9f:ef:55:
9c:18:75:7e:0d:b2:1c:32:80:37:7f:59:53:fa:0d:0c:84:b3:
7a:e1:45:3f:2f:7a:04:d1:d2:37:17:4e:ab:a7:be:ad:44:93:
f7:ea:e7:28:20:de:03:6f:be:c1:af:ae:bc:f9:71:7f:68:45:
09:15:16:41:8f:64:b7:d5:6e:8f:79:37:c7:1e:78:7a:b8:fc:
22:6b:22:f7:50:3b:17:6f:e6:ca:62:67:27:df:6c:6e:e9:2f:
ae:b9:d9:73:17:b9:4d:ff:9c:e0:3a:f3:c0:43:81:58:79:74:
90:a4:31:f5:9b:d7:73:4f:bc:8f:b0:88:55:5d:f4:41:d7:ae:
39:75:ce:00:b6:c7:8b:c2:1c:e7:72:e5:65:9e:5c:f0:d2:08:
a3:94:dc:ee:a3:33:a4:ed:60:93:d8:e0:17:d9:11:1c:0f:e0:
85:ef:d2:65:47:8e:50:f6:61:c0:36:68:36:1c:76:57:dc:39:
de:60:f3:a2:1d:e1:02:28:8f:dd:93:5d:fe:de:09:48:8d:46:
a0:f0:23:dc:69:a9:e0:8c:c5:10:11:38:9f:d3:3b:95:96:f5:
54:d7:3f:b7:35:c3:62:8a:be:d5:29:4e:9d:0e:18:25:00:16:
40:c8:74:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUarQ+mkxEPUH0+Yf/o0tHFcvTZHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwNTdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMjg1NzAzZjQ2YTBkNTI5NTZlNWNiYjQwMTBmMjEyZWIyZjYyM2VhMDkz
MjIzZjEwZmVmYWRhNzQ4MGFmMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcF72UzRDTanpbGY9xt/3wo2gOedwY+th7f6x6rDBDpfHEQHkG5g/DLIFPM
vvRPmahApBZFlAZAuMBi4oqHDuwe0XVh6+t75SpY9XxCWmXau+4UuxgR0YMmPmsu
4M31qvL84JizWRERrANWfJfJNbN2Fiq1++vxemXlamqcXG0pf+MhmN3wbNGRze/0
BZiXhnvvvLnivVM4R4XJ02ISrqShuX/U0hC4Dl2IbkiedkBpObVESmzOLzXHBdxF
WRtj5eMbzt+eWoDI+pthLsIr8PKPVZEMe/HovIduap1ZSlnxGH6zOeqsTem6DB3e
E++c2FKIr3iy6FWWR90jIDH1JR8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIPNAy
n66Kia6TuWvWEMN3eIqf6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGY2Y2FiNmYtNDRiZS00ZjgwLTkwNDAtYzJmOWFiMGUwNTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwBS2Elp4w6gZ+11wYaaGf71WcGHV+DbIcMoA3
f1lT+g0MhLN64UU/L3oE0dI3F06rp76tRJP36ucoIN4Db77Br668+XF/aEUJFRZB
j2S31W6PeTfHHnh6uPwiayL3UDsXb+bKYmcn32xu6S+uudlzF7lN/5zgOvPAQ4FY
eXSQpDH1m9dzT7yPsIhVXfRB1645dc4AtseLwhzncuVlnlzw0gijlNzuozOk7WCT
2OAX2REcD+CF79JlR45Q9mHANmg2HHZX3DneYPOiHeECKI/dk13+3glIjUag8CPc
aangjMUQETif0zuVlvVU1z+3NcNiir7VKU6dDhglABZAyHQW
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:21 2025 by rpki-client