Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: OswohPGItFM//XpA8RVtQhoN8R+xjdnQNYrbF+92B38=
Subject key identifier: 6A:B0:FA:8F:70:58:6A:0F:F1:D3:93:6A:BA:AB:E0:22:68:36:16:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F25EFC3FEDD533588A840AB50D8D1E75CEA4DB3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Tue 05 Aug 2025 20:01:31 +0000
ROA not before: Tue 05 Aug 2025 20:01:31 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:25:ef:c3:fe:dd:53:35:88:a8:40:ab:50:d8:d1:e7:5c:ea:4d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:31 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e3cef5e3a7929c6f0e8f73c31d6fb1f4338796fa0055d8069ff5a19ba2e1ed19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a9:4e:2f:94:cd:e9:86:19:3e:cb:c6:da:5e:
0c:8e:2b:ee:e2:20:dc:fc:c2:f9:22:0e:ef:46:89:
28:29:df:bd:2e:d1:ce:3f:a7:a9:db:92:a7:44:a2:
71:88:3f:dc:29:a2:68:3d:de:72:38:db:d9:23:cc:
fe:3d:81:27:d6:4d:08:f6:da:e8:81:9d:e4:22:b2:
a3:1d:be:04:74:32:05:1b:1a:26:70:e9:9a:12:a1:
88:f3:78:56:ef:6c:71:83:9d:ca:0a:61:21:86:88:
10:64:e0:f5:4f:1d:2e:9c:3b:8f:9d:72:8f:2e:6f:
99:0b:42:68:29:d8:10:6d:d0:d4:cb:c3:08:c9:5b:
ec:a5:03:c9:67:2a:de:87:a6:0b:d0:94:80:1c:66:
ce:6b:e4:43:14:fa:81:d7:f8:9e:87:5e:0b:60:e3:
23:37:8c:a3:b0:59:c6:e0:82:b7:9e:6f:c4:7c:33:
c2:f4:f3:f6:1f:ad:a8:e6:05:1a:a5:13:03:6e:9c:
64:6d:63:c1:76:7d:7d:89:09:b4:9b:5e:06:a3:88:
54:14:eb:67:a6:50:fc:2b:a9:81:41:d6:f7:71:19:
45:de:c5:b5:fd:6b:13:97:d6:36:54:82:36:b2:e7:
5a:63:99:a1:40:18:2d:fe:12:7f:dd:0b:68:e9:f0:
3f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B0:FA:8F:70:58:6A:0F:F1:D3:93:6A:BA:AB:E0:22:68:36:16:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:17:29:be:0f:04:03:ab:79:de:d4:23:40:ee:d0:93:19:24:
d6:bc:27:38:0a:4a:c5:2e:75:21:f0:3c:e3:34:ed:15:5a:33:
65:89:7e:91:b6:bb:93:32:74:c5:15:46:00:cc:29:3a:17:bc:
d6:f9:31:34:d5:90:36:01:f4:13:2d:c9:33:3a:a6:8c:5d:8f:
a7:c2:9f:d4:53:00:c1:46:fd:00:04:30:61:18:da:ae:6a:33:
a8:cc:4d:be:e2:72:1d:d2:85:31:f8:14:96:75:23:8b:a0:f6:
10:73:10:32:61:ed:97:f1:1e:85:be:5b:2e:60:fb:79:ce:47:
14:2a:5a:f0:48:f0:09:9d:2c:13:72:10:81:6e:7d:db:ce:4e:
7f:44:68:f7:77:39:c7:d5:fb:c6:bf:51:d3:48:cd:2e:ce:c9:
e0:ef:ca:bd:07:9f:6b:b5:93:35:14:76:1e:6f:4b:75:65:76:
40:eb:58:f4:81:cf:ef:24:33:6a:9c:7c:2f:6e:b1:c7:88:74:
ed:9a:6c:4b:14:8c:02:e8:e4:ba:64:4d:d0:85:b3:8e:08:7e:
17:10:3a:fa:e8:6e:75:93:21:e5:54:6c:a3:1d:b5:30:bc:b0:
18:5d:8d:b8:4c:c9:0d:bb:ff:db:4a:5a:f0:5b:12:46:dc:78:
f4:24:0f:25
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULyXvw/7dUzWIqECrUNjR51zqTbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMzFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzY2VmNWUzYTc5MjljNmYwZThmNzNjMzFkNmZiMWY0MzM4Nzk2ZmEwMDU1
ZDgwNjlmZjVhMTliYTJlMWVkMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCpTi+UzemGGT7LxtpeDI4r7uIg3PzC+SIO70aJKCnfvS7Rzj+nqduSp0Si
cYg/3CmiaD3ecjjb2SPM/j2BJ9ZNCPba6IGd5CKyox2+BHQyBRsaJnDpmhKhiPN4
Vu9scYOdygphIYaIEGTg9U8dLpw7j51yjy5vmQtCaCnYEG3Q1MvDCMlb7KUDyWcq
3oemC9CUgBxmzmvkQxT6gdf4nodeC2DjIzeMo7BZxuCCt55vxHwzwvTz9h+tqOYF
GqUTA26cZG1jwXZ9fYkJtJteBqOIVBTrZ6ZQ/CupgUHW93EZRd7Ftf1rE5fWNlSC
NrLnWmOZoUAYLf4Sf90LaOnwP/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRqsPqP
cFhqD/HTk2q6q+AiaDYWmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCbFym+DwQDq3ne1CNA7tCTGSTWvCc4CkrFLnUh
8DzjNO0VWjNliX6RtruTMnTFFUYAzCk6F7zW+TE01ZA2AfQTLckzOqaMXY+nwp/U
UwDBRv0ABDBhGNquajOozE2+4nId0oUx+BSWdSOLoPYQcxAyYe2X8R6FvlsuYPt5
zkcUKlrwSPAJnSwTchCBbn3bzk5/RGj3dznH1fvGv1HTSM0uzsng78q9B59rtZM1
FHYeb0t1ZXZA61j0gc/vJDNqnHwvbrHHiHTtmmxLFIwC6OS6ZE3QhbOOCH4XEDr6
6G51kyHlVGyjHbUwvLAYXY24TMkNu//bSlrwWxJG3Hj0JA8l
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:40 2025 by rpki-client