Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
File: a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa (raw, json)
Hash identifier: RaCnoDvUvv1tPtFIUdCjZnOBQt3ua5QGvU41yphaqgQ=
Subject key identifier: 02:F8:2A:06:C1:0A:37:82:1F:08:8A:E9:B4:5C:73:4C:07:4A:E6:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E2FD964E209626B12CCA1C8BD5180F5FAADF73C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
Signing time: Tue 19 Aug 2025 16:50:50 +0000
ROA not before: Tue 19 Aug 2025 16:50:50 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:2f:d9:64:e2:09:62:6b:12:cc:a1:c8:bd:51:80:f5:fa:ad:f7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:50 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=8ea78e973c299826005de1ba2fa6e1d369e1b667567517bced50a270b18fd57f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:86:95:18:46:d5:c7:c5:2e:68:4a:d9:f0:af:
e3:c3:10:81:1f:e9:03:f5:df:c9:f3:e0:e8:cb:3b:
1b:67:ac:53:06:8a:49:45:81:2b:61:b0:39:97:4b:
55:3d:41:6e:2f:c9:dd:b7:26:37:62:6a:76:d3:c0:
ae:66:2d:ae:40:91:5e:09:e3:c8:a3:7f:3e:85:51:
f9:cc:8a:9e:93:a5:c4:38:4d:d5:26:21:3b:54:ea:
40:5c:8e:34:fd:06:17:73:7a:80:0f:e3:3a:a6:f2:
22:96:90:e0:31:1b:5b:6d:91:66:55:bf:4a:ce:6a:
0b:2d:26:b3:10:c5:5d:5b:41:e8:93:8b:c7:82:9a:
8f:f7:62:56:f6:f7:b5:a8:12:5f:61:41:c8:4b:e7:
7b:da:f8:65:bd:c4:64:1a:28:71:98:6c:c8:67:a4:
b7:e8:2d:b3:07:ec:12:07:84:1a:f3:5f:be:d3:ae:
1d:e1:72:6a:9d:fa:b0:ec:ca:8c:bd:f8:22:f1:b2:
a1:b9:06:a7:fd:34:03:92:53:7c:cd:c6:36:e9:53:
7d:2f:c8:07:ad:0e:54:85:de:21:90:19:d9:f2:cb:
f4:8e:8a:12:51:26:93:21:04:57:8d:59:29:8f:cf:
15:bb:28:ca:2f:80:dd:ea:5b:a1:7c:34:07:7c:a0:
a8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F8:2A:06:C1:0A:37:82:1F:08:8A:E9:B4:5C:73:4C:07:4A:E6:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e::/32
Signature Algorithm: sha256WithRSAEncryption
c5:d5:51:f6:55:56:27:94:47:4e:37:8f:f2:c6:a3:b5:44:f2:
af:82:58:22:cd:d1:00:ab:22:2f:6e:ef:db:98:cf:9d:26:42:
ab:3f:13:95:a4:13:3c:47:d8:43:fc:7f:77:fd:40:74:07:83:
6c:43:87:5b:d6:b1:9e:2d:41:da:5a:76:9e:f8:43:87:2d:16:
bc:a0:60:89:9c:af:9f:c8:84:bf:13:22:41:a3:c7:57:d5:d5:
d4:d0:00:a7:9a:ac:9d:f1:2a:84:ff:99:7a:f4:fb:9f:54:57:
9e:7d:4e:d2:88:18:a4:8a:b1:1f:db:e7:aa:0f:1d:7e:2e:10:
5f:a6:a5:5c:b3:b2:d4:b0:92:3b:a3:f4:21:87:80:e2:5d:ab:
67:27:5f:41:5e:20:09:b8:c1:e7:c0:bf:59:e6:f2:20:4a:99:
0e:38:d1:89:f1:84:f2:14:de:2f:5c:2f:f3:a2:dd:0a:5e:1c:
08:fe:fe:09:b3:3f:ef:7c:ba:04:f9:15:1e:0f:fa:67:a8:95:
76:b6:28:f7:2f:47:af:7f:73:d2:24:c9:fc:d4:ac:88:cb:97:
d3:e7:c3:29:ad:38:8c:66:fd:a0:a7:42:d6:ae:1c:58:6a:5e:
e9:cc:5b:7b:90:15:d6:37:4d:c6:af:79:5b:9e:75:f8:a6:32:
cf:21:1f:c1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfi/ZZOIJYmsSzKHIvVGA9fqt9zwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNTBaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYTc4ZTk3M2MyOTk4MjYwMDVkZTFiYTJmYTZlMWQzNjllMWI2Njc1Njc1
MTdiY2VkNTBhMjcwYjE4ZmQ1N2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIiGlRhG1cfFLmhK2fCv48MQgR/pA/XfyfPg6Ms7G2esUwaKSUWBK2GwOZdL
VT1Bbi/J3bcmN2JqdtPArmYtrkCRXgnjyKN/PoVR+cyKnpOlxDhN1SYhO1TqQFyO
NP0GF3N6gA/jOqbyIpaQ4DEbW22RZlW/Ss5qCy0msxDFXVtB6JOLx4Kaj/diVvb3
tagSX2FByEvne9r4Zb3EZBoocZhsyGekt+gtswfsEgeEGvNfvtOuHeFyap36sOzK
jL34IvGyobkGp/00A5JTfM3GNulTfS/IB60OVIXeIZAZ2fLL9I6KElEmkyEEV41Z
KY/PFbsoyi+A3epboXw0B3ygqHECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQC+CoG
wQo3gh8Iium0XHNMB0rm9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkzNTFmMGYtMWRlNy00ZTc1LTk1MDItOTM5YThlYTcyZWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0G4w
DQYJKoZIhvcNAQELBQADggEBAMXVUfZVVieUR043j/LGo7VE8q+CWCLN0QCrIi9u
79uYz50mQqs/E5WkEzxH2EP8f3f9QHQHg2xDh1vWsZ4tQdpadp74Q4ctFrygYImc
r5/IhL8TIkGjx1fV1dTQAKearJ3xKoT/mXr0+59UV559TtKIGKSKsR/b56oPHX4u
EF+mpVyzstSwkjuj9CGHgOJdq2cnX0FeIAm4wefAv1nm8iBKmQ440YnxhPIU3i9c
L/Oi3QpeHAj+/gmzP+98ugT5FR4P+meolXa2KPcvR69/c9IkyfzUrIjLl9Pnwymt
OIxm/aCnQtauHFhqXunMW3uQFdY3TcaveVuedfimMs8hH8E=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:39 2025 by rpki-client