Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
File: 97700b94-3ec6-472c-97f5-b54fb1f56f76.roa (raw, json)
Hash identifier: LWtRgyfylIJ4Uhj/YPdVRUsXsktCHR1ijL9DWM5E66s=
Subject key identifier: 91:DE:6A:B6:3A:CF:1E:7E:33:EE:5E:EB:46:12:4B:61:D9:D2:BF:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 137378D427AEE9AD56A814D0EA03657DCE98BA2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
Signing time: Fri 15 Aug 2025 15:51:01 +0000
ROA not before: Fri 15 Aug 2025 15:51:01 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:73:78:d4:27:ae:e9:ad:56:a8:14:d0:ea:03:65:7d:ce:98:ba:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:51:01 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=51e122e62655fc356751279ff0b0b1e4a23783d6d80ba9393e4f0f840010635b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:35:fc:43:81:86:b6:17:02:cf:b9:81:1a:e5:
e2:5f:3f:67:c2:e6:c6:6a:16:01:60:1f:aa:d4:7b:
45:78:29:bb:08:20:7a:65:e1:78:92:ce:66:ad:00:
87:a8:c8:a0:07:a1:42:c8:db:48:77:7f:fb:1a:12:
55:f0:ee:fe:98:96:26:d6:87:50:f4:43:66:f6:cc:
28:a8:4a:a8:df:cd:27:13:2f:4c:90:e0:fe:27:98:
6e:15:f7:0e:23:21:17:9c:65:fa:d9:c0:35:3c:43:
6c:dd:e1:88:eb:08:fe:b1:cf:28:e6:63:9b:ba:2d:
f0:4f:13:aa:ac:91:1f:53:11:46:21:b6:a3:3f:90:
b7:09:23:8f:d0:0c:b4:92:d5:6b:e8:8b:68:7c:ff:
75:c5:9f:d4:88:04:89:46:6c:50:19:c4:97:e9:f4:
f7:cc:a1:14:fb:e0:a2:92:5e:01:f7:b0:5a:13:fe:
35:1f:5d:3d:11:11:2c:c7:f3:0f:b0:fd:82:f1:e1:
4b:79:ad:27:33:a3:4c:36:55:a3:7a:97:d2:7a:cf:
57:7f:2d:4d:25:83:bd:2c:b9:99:5e:91:a9:17:92:
00:d0:dd:0c:9e:05:75:98:47:e0:be:75:fc:75:31:
41:c3:c1:c1:53:d3:8c:6d:63:f2:73:37:0f:60:6d:
bf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DE:6A:B6:3A:CF:1E:7E:33:EE:5E:EB:46:12:4B:61:D9:D2:BF:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97700b94-3ec6-472c-97f5-b54fb1f56f76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2040::/46
Signature Algorithm: sha256WithRSAEncryption
34:5d:9c:25:5c:76:f4:f5:fd:70:37:89:f0:db:53:ec:54:ef:
9d:02:81:35:0c:b3:89:09:d8:6f:d8:a3:58:02:56:a8:13:9d:
b9:25:77:6f:6b:ac:af:c7:10:ee:1a:a1:90:88:1d:9d:1e:87:
77:49:fb:55:a0:48:49:03:2a:e7:8d:3a:15:08:1b:cd:1a:c4:
0c:c9:25:29:ca:f5:a7:8f:28:ec:39:7e:29:d1:c5:3e:35:23:
dd:49:23:41:ae:1e:06:da:68:62:a2:1d:47:3d:d3:1a:0b:87:
21:9f:7a:a2:de:27:f8:84:41:30:45:58:6e:58:fe:df:93:84:
85:ac:bb:bd:ed:55:56:a4:20:fd:e7:ec:f5:7b:10:fd:ca:bd:
56:b2:6a:fb:b9:85:df:36:14:f1:16:39:00:d0:b3:cd:d6:75:
80:24:4d:35:e9:d4:78:28:ba:b2:67:19:10:b7:9d:ec:b2:07:
c5:81:9e:63:70:d7:21:49:91:38:23:e8:0b:27:5a:21:75:ad:
21:4d:63:5d:0d:70:4a:cd:21:04:80:a5:c4:db:bf:5d:b2:c2:
5a:88:38:d4:2e:f9:15:24:03:7b:3e:d5:71:62:61:ea:01:f5:
00:3f:cd:51:b8:3f:eb:46:fd:9f:bc:75:ff:7b:37:9c:7e:17:
ed:56:c7:35
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE3N41Ceu6a1WqBTQ6gNlfc6Yui8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUxMDFaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZTEyMmU2MjY1NWZjMzU2NzUxMjc5ZmYwYjBiMWU0YTIzNzgzZDZkODBi
YTkzOTNlNGYwZjg0MDAxMDYzNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPI1/EOBhrYXAs+5gRrl4l8/Z8LmxmoWAWAfqtR7RXgpuwggemXheJLOZq0A
h6jIoAehQsjbSHd/+xoSVfDu/piWJtaHUPRDZvbMKKhKqN/NJxMvTJDg/ieYbhX3
DiMhF5xl+tnANTxDbN3hiOsI/rHPKOZjm7ot8E8TqqyRH1MRRiG2oz+Qtwkjj9AM
tJLVa+iLaHz/dcWf1IgEiUZsUBnEl+n098yhFPvgopJeAfewWhP+NR9dPRERLMfz
D7D9gvHhS3mtJzOjTDZVo3qX0nrPV38tTSWDvSy5mV6RqReSANDdDJ4FdZhH4L51
/HUxQcPBwVPTjG1j8nM3D2Btv4UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSR3mq2
Os8efjPuXutGEkth2dK/wDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc3MDBiOTQtM2VjNi00NzJjLTk3ZjUtYjU0ZmIxZjU2Zjc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
QDANBgkqhkiG9w0BAQsFAAOCAQEANF2cJVx29PX9cDeJ8NtT7FTvnQKBNQyziQnY
b9ijWAJWqBOduSV3b2usr8cQ7hqhkIgdnR6Hd0n7VaBISQMq5406FQgbzRrEDMkl
Kcr1p48o7Dl+KdHFPjUj3UkjQa4eBtpoYqIdRz3TGguHIZ96ot4n+IRBMEVYblj+
35OEhay7ve1VVqQg/efs9XsQ/cq9VrJq+7mF3zYU8RY5ANCzzdZ1gCRNNenUeCi6
smcZELed7LIHxYGeY3DXIUmROCPoCydaIXWtIU1jXQ1wSs0hBIClxNu/XbLCWog4
1C75FSQDez7VcWJh6gH1AD/NUbg/60b9n7x1/3s3nH4X7VbHNQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:42 2025 by rpki-client