Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
File: 9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa (raw, json)
Hash identifier: PdeRA3pxgcxdhgiRwF/LyglR9B5QEX/KbS7LSNX3o/o=
Subject key identifier: 74:27:FE:01:FB:FC:C5:B4:00:5B:43:39:EC:01:45:0F:93:54:63:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 563D38774EB00638A8E97E92CB6A708D7FC91F99
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
Signing time: Fri 15 Aug 2025 15:41:02 +0000
ROA not before: Fri 15 Aug 2025 15:41:02 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:3d:38:77:4e:b0:06:38:a8:e9:7e:92:cb:6a:70:8d:7f:c9:1f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:02 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=6e22fb82b1fe9d7f06ab2d919ecc17de8a6320c47d69b247c038c6beed151530, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:6b:8d:fb:38:b7:9e:88:43:2e:df:7b:60:
ec:37:98:a7:b8:aa:fd:8e:61:1e:8a:18:53:55:46:
0a:a8:ea:65:22:98:65:16:a8:90:e3:84:64:61:f2:
64:9c:a2:e1:35:0c:3f:d2:16:3d:51:38:2d:41:9b:
81:0b:c0:9d:e6:e7:b6:5e:a3:b4:7a:ed:06:d6:3e:
78:7c:d2:60:59:8d:3f:1d:ed:51:0d:bd:f1:3c:7e:
be:44:c4:28:db:25:4e:c8:6e:ea:31:60:75:06:98:
96:fa:d3:07:e9:37:86:6b:99:46:c3:7f:e9:48:d3:
36:f2:f7:b2:8c:c2:de:30:40:f1:90:d0:0f:b1:12:
c4:23:df:44:96:2e:3b:5a:08:2b:e1:8a:68:b9:b9:
c4:22:28:3e:f2:1f:f7:37:fc:4c:7d:b1:b5:81:30:
88:88:22:20:9f:07:b3:ef:91:1f:39:83:be:d3:45:
51:37:4f:0a:4c:3c:7d:4e:fa:22:f7:ab:af:ba:7e:
ed:b4:4e:e1:71:16:15:34:81:da:54:a8:67:ed:2b:
fb:32:94:b9:a5:f0:1c:0e:18:43:8e:f3:dd:fa:83:
d6:7c:66:00:67:c6:7a:e9:d5:00:5f:9e:aa:d3:41:
60:b9:7d:2d:33:72:f5:95:71:c6:81:a9:c5:64:d0:
23:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:27:FE:01:FB:FC:C5:B4:00:5B:43:39:EC:01:45:0F:93:54:63:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
36:75:bc:df:4a:5f:2d:bd:80:97:a9:1f:6e:93:4e:07:91:7e:
7b:d1:7d:32:ca:8a:e5:fd:25:d9:83:91:59:74:80:16:04:bf:
05:9d:92:49:93:5f:50:90:cc:aa:4d:4b:3d:31:ec:13:8e:1d:
59:6e:73:a9:17:a7:dc:37:6d:a2:90:e1:d1:f4:8c:39:4b:cd:
dc:42:d2:18:80:97:18:78:db:37:25:db:1b:9c:a5:4e:fd:ae:
05:32:e6:95:a0:c0:5c:14:52:df:ab:cd:b4:dc:8b:78:f2:57:
7f:a7:39:fd:42:00:5b:c4:89:3e:b6:d5:0a:0d:f1:80:94:da:
35:f6:bf:a8:9a:55:a4:07:62:ee:0d:6d:43:6c:41:55:63:23:
73:a9:40:ff:cf:71:a0:c9:bc:eb:e4:f9:9e:6b:93:57:94:29:
90:a3:24:a3:40:4b:ed:73:65:8c:36:43:04:6d:3f:59:6b:14:
1a:f2:76:bd:39:72:b2:03:0e:0b:03:be:88:01:92:cf:e0:5d:
c9:2e:b8:76:38:95:bb:af:a1:12:c8:e8:59:af:75:68:f2:46:
0c:8f:8a:a9:67:ca:50:1e:7a:7a:37:2e:b3:60:a4:1e:2e:0d:
ae:31:cc:24:ed:04:20:3f:ed:65:79:92:31:2b:b3:6e:d2:8b:
a0:cb:87:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVj04d06wBjio6X6Sy2pwjX/JH5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMDJaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlMjJmYjgyYjFmZTlkN2YwNmFiMmQ5MTllY2MxN2RlOGE2MzIwYzQ3ZDY5
YjI0N2MwMzhjNmJlZWQxNTE1MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLCa437OLeeiEMu33tg7DeYp7iq/Y5hHooYU1VGCqjqZSKYZRaokOOEZGHy
ZJyi4TUMP9IWPVE4LUGbgQvAnebntl6jtHrtBtY+eHzSYFmNPx3tUQ298Tx+vkTE
KNslTshu6jFgdQaYlvrTB+k3hmuZRsN/6UjTNvL3sozC3jBA8ZDQD7ESxCPfRJYu
O1oIK+GKaLm5xCIoPvIf9zf8TH2xtYEwiIgiIJ8Hs++RHzmDvtNFUTdPCkw8fU76
Iverr7p+7bRO4XEWFTSB2lSoZ+0r+zKUuaXwHA4YQ47z3fqD1nxmAGfGeunVAF+e
qtNBYLl9LTNy9ZVxxoGpxWTQIy8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0J/4B
+/zFtABbQznsAUUPk1RjfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1ZmVjMmQtMmM0MC00MDY4LTliY2YtYzQ3ZDc2MDFkMDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
wDANBgkqhkiG9w0BAQsFAAOCAQEANnW830pfLb2Al6kfbpNOB5F+e9F9MsqK5f0l
2YORWXSAFgS/BZ2SSZNfUJDMqk1LPTHsE44dWW5zqRen3DdtopDh0fSMOUvN3ELS
GICXGHjbNyXbG5ylTv2uBTLmlaDAXBRS36vNtNyLePJXf6c5/UIAW8SJPrbVCg3x
gJTaNfa/qJpVpAdi7g1tQ2xBVWMjc6lA/89xoMm86+T5nmuTV5QpkKMko0BL7XNl
jDZDBG0/WWsUGvJ2vTlysgMOCwO+iAGSz+BdyS64djiVu6+hEsjoWa91aPJGDI+K
qWfKUB56ejcus2CkHi4NrjHMJO0EID/tZXmSMSuzbtKLoMuHew==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:40 2025 by rpki-client