Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9cee224-c41f-451e-ba80-f0bceb6623bc.roa
File: c9cee224-c41f-451e-ba80-f0bceb6623bc.roa (raw, json)
Hash identifier: ZQ7VTbkuFWGmJUToY8U0I1tL841iaWt88fKz7kcHyNI=
Subject key identifier: CF:63:05:FD:8F:9A:53:CB:F8:BB:4D:67:81:F3:BC:4E:A8:BC:F8:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CE2943ACB9A75CF05FA5B702F29E327C64C6FD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9cee224-c41f-451e-ba80-f0bceb6623bc.roa
Signing time: Fri 15 Aug 2025 15:41:19 +0000
ROA not before: Fri 15 Aug 2025 15:41:19 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:4080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:e2:94:3a:cb:9a:75:cf:05:fa:5b:70:2f:29:e3:27:c6:4c:6f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:19 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=dd33445d25cdffef4a4e8a853f064472cd131211aac2d1a33a48222e2baf010e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:6f:8d:e7:5f:ef:68:fe:10:5b:ee:ac:5e:
4f:93:32:2e:72:e4:d5:a7:72:67:c1:f9:c6:7b:5b:
1b:b7:39:20:f7:f6:f2:2c:37:db:d8:54:21:1c:52:
79:05:3d:ff:66:f8:9d:de:69:82:6f:85:10:96:a5:
cc:15:72:7b:4a:bd:f8:85:9a:f5:4a:02:5f:bc:2b:
f4:3d:f9:2c:70:61:ae:8c:af:ff:63:75:e7:aa:3d:
66:f7:73:bb:b9:c5:a5:5c:5d:e7:8d:40:c8:e6:21:
ab:e3:32:c4:35:a9:aa:a2:88:ce:ec:e9:ca:7b:4c:
5c:fc:e7:21:64:7e:73:d0:f4:0f:78:57:d1:78:35:
6b:59:7b:62:cf:22:1b:7d:da:b1:22:dd:79:33:16:
77:c9:98:54:38:95:67:d1:c7:d1:d9:d6:78:5e:47:
9e:51:5e:4d:48:64:d7:e2:59:da:82:3d:7e:04:59:
0b:b6:e0:aa:29:8a:ac:d7:d4:7b:54:30:29:ab:8c:
5c:38:a0:96:f2:2b:5a:e6:49:b5:79:e4:b3:05:b3:
78:aa:7f:75:74:e1:89:47:52:87:b1:fd:a1:42:15:
be:12:f2:99:f6:da:4d:ac:4d:46:17:0c:a3:dc:54:
c1:a5:51:bd:b6:5e:67:b8:4c:8f:d0:8a:08:dc:de:
71:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:63:05:FD:8F:9A:53:CB:F8:BB:4D:67:81:F3:BC:4E:A8:BC:F8:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9cee224-c41f-451e-ba80-f0bceb6623bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:4080::/46
Signature Algorithm: sha256WithRSAEncryption
bc:74:48:65:be:e4:43:c3:86:40:44:b4:e9:aa:45:e0:af:fd:
ac:35:dd:b2:28:67:fb:62:11:27:00:92:1e:97:7b:93:57:69:
94:2f:ec:f6:dd:7b:c3:87:56:64:6a:33:b1:e7:40:34:25:f5:
17:e9:dc:95:e0:3b:d7:34:3d:84:5f:11:22:63:03:d6:c0:9b:
b4:5d:5d:1d:a3:a6:67:4c:47:49:21:a4:b4:44:f3:6d:82:9d:
c6:e7:95:7c:57:2e:3a:d5:f3:1e:a6:e7:be:bf:46:e0:f8:00:
4a:a4:6c:93:16:2d:a5:9e:a1:00:ad:52:52:ae:a4:37:2f:12:
a1:f6:61:a2:50:4a:65:1a:3d:79:87:3c:fe:24:de:0c:26:2c:
f2:4f:34:bd:48:84:88:27:99:5e:b2:a6:1c:f3:32:e1:1d:7a:
0c:4d:74:cd:d5:5a:69:9b:0d:f9:45:98:1f:1c:68:b1:7a:ae:
a5:ec:70:4d:76:be:b0:50:c3:ea:eb:81:34:0b:d2:2f:3f:a6:
60:81:e2:11:e4:fd:15:e1:b4:84:e2:eb:c1:01:fc:39:c5:fe:
34:66:f7:19:43:9e:f6:b4:9d:52:a9:01:85:ed:2d:26:ab:13:
5e:df:1d:c5:48:f1:2e:98:32:d5:29:65:e6:a6:85:b1:7e:6f:
d1:2a:d5:48
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDOKUOsuadc8F+ltwLynjJ8ZMb9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMTlaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMzM0NDVkMjVjZGZmZWY0YTRlOGE4NTNmMDY0NDcyY2QxMzEyMTFhYWMy
ZDFhMzNhNDgyMjJlMmJhZjAxMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXkb43nX+9o/hBb7qxeT5MyLnLk1adyZ8H5xntbG7c5IPf28iw329hUIRxS
eQU9/2b4nd5pgm+FEJalzBVye0q9+IWa9UoCX7wr9D35LHBhroyv/2N156o9Zvdz
u7nFpVxd541AyOYhq+MyxDWpqqKIzuzpyntMXPznIWR+c9D0D3hX0Xg1a1l7Ys8i
G33asSLdeTMWd8mYVDiVZ9HH0dnWeF5HnlFeTUhk1+JZ2oI9fgRZC7bgqimKrNfU
e1QwKauMXDiglvIrWuZJtXnkswWzeKp/dXThiUdSh7H9oUIVvhLymfbaTaxNRhcM
o9xUwaVRvbZeZ7hMj9CKCNzecZUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPYwX9
j5pTy/i7TWeB87xOqLz4DTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzljZWUyMjQtYzQxZi00NTFlLWJhODAtZjBiY2ViNjYyM2JjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNA
gDANBgkqhkiG9w0BAQsFAAOCAQEAvHRIZb7kQ8OGQES06apF4K/9rDXdsihn+2IR
JwCSHpd7k1dplC/s9t17w4dWZGozsedANCX1F+ncleA71zQ9hF8RImMD1sCbtF1d
HaOmZ0xHSSGktETzbYKdxueVfFcuOtXzHqbnvr9G4PgASqRskxYtpZ6hAK1SUq6k
Ny8SofZholBKZRo9eYc8/iTeDCYs8k80vUiEiCeZXrKmHPMy4R16DE10zdVaaZsN
+UWYHxxosXqupexwTXa+sFDD6uuBNAvSLz+mYIHiEeT9FeG0hOLrwQH8OcX+NGb3
GUOe9rSdUqkBhe0tJqsTXt8dxUjxLpgy1Sll5qaFsX5v0SrVSA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:40 2025 by rpki-client