Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: IWgeHyO4xr8JOcjb8/DxZ65z1slAowLeXNf6pDw1+rI=
Subject key identifier: 17:43:37:BE:7A:2E:BD:D1:30:08:1B:9A:77:C2:F0:D5:0A:1B:51:96
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B5D437F7BB2BB15E4007C7F12A5AF16C932F668
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Fri 15 Aug 2025 15:41:34 +0000
ROA not before: Fri 15 Aug 2025 15:41:34 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:5d:43:7f:7b:b2:bb:15:e4:00:7c:7f:12:a5:af:16:c9:32:f6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:34 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=6b65b19c1474ec0ad89cb80c134dfcd261c9b583cc4c27ba25bd436a8dda60ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b7:d4:8b:95:dc:84:45:2a:72:bd:ca:09:c5:
80:c4:9d:68:fd:ba:ad:5e:35:8f:15:22:ed:55:7e:
08:84:1b:f4:30:8b:cb:3c:47:c8:27:d4:97:68:1b:
56:51:f5:7a:74:c0:f1:07:d0:d8:1a:e0:20:ab:b8:
b0:c2:8a:f1:e7:ad:d6:b4:08:7a:0e:c9:db:bc:b6:
ae:85:97:6f:6b:c3:1b:33:ed:4c:54:e5:44:fd:d8:
69:c5:69:6f:9f:86:85:95:90:6b:59:dd:b1:5a:84:
db:ed:64:10:bc:2c:99:d8:48:c2:5b:f4:56:95:40:
0c:d8:95:84:0e:d7:38:93:a1:ff:10:71:09:c8:f2:
0c:f0:d3:46:e2:63:46:65:04:ce:2e:fb:4c:8b:dd:
46:96:88:64:0b:61:60:43:97:33:9c:fe:57:db:80:
c1:04:27:cf:af:31:73:90:e2:f1:a7:a0:97:95:ab:
c2:3b:a7:6e:2b:e0:28:d2:20:aa:e2:cd:e0:da:fd:
18:13:5d:39:19:b7:10:5a:40:c4:2a:58:41:f4:b6:
a8:da:a6:af:96:34:d3:65:fc:b9:62:55:37:9e:cd:
ca:4b:15:a5:90:f8:98:90:b9:a4:26:89:a1:2d:bf:
28:f7:8f:c3:5c:2e:9f:8d:1b:9f:fc:2b:ff:58:94:
c6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:43:37:BE:7A:2E:BD:D1:30:08:1B:9A:77:C2:F0:D5:0A:1B:51:96
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
3e:62:3e:b4:52:34:82:76:c5:53:31:27:4d:fd:6e:6b:62:7a:
91:10:c6:57:0a:e3:e7:17:c2:a9:a7:9d:8b:dc:5a:27:3e:41:
56:51:12:57:85:5b:8f:28:69:17:b7:df:36:ae:02:3a:70:6c:
b6:41:11:ca:16:ad:15:3c:13:66:d0:8d:0a:04:83:92:54:be:
52:e8:73:4c:8b:ea:a4:59:d9:2c:e3:46:6e:6e:b1:3f:64:91:
a2:24:fc:30:98:22:77:eb:b1:48:88:66:5e:cd:82:ba:9f:b7:
4d:11:50:65:c9:01:e0:36:07:ac:90:2d:7f:4d:fd:0d:97:39:
15:4b:fc:f4:7e:10:b7:ba:c9:dd:17:de:f4:92:47:2e:bd:49:
5e:d8:d2:de:d7:05:53:3d:25:58:f6:81:2c:db:4b:b2:b5:d8:
19:74:d0:69:a1:cc:d3:55:31:33:c1:6a:04:f3:b5:02:b5:eb:
fe:b4:99:5b:54:72:af:d4:7c:62:93:40:76:4a:76:10:25:07:
42:45:c9:28:7e:3c:d6:00:5c:98:1e:26:e8:f1:c2:14:c6:c9:
a0:be:33:f6:99:b6:c3:9a:28:e5:c4:7b:9e:b9:c4:34:b3:29:
c6:80:4f:4e:2b:4c:20:2a:c4:0a:93:14:6c:69:c9:8f:01:a0:
12:f9:80:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK11Df3uyuxXkAHx/EqWvFsky9mgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMzRaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNjViMTljMTQ3NGVjMGFkODljYjgwYzEzNGRmY2QyNjFjOWI1ODNjYzRj
MjdiYTI1YmQ0MzZhOGRkYTYwYmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe31IuV3IRFKnK9ygnFgMSdaP26rV41jxUi7VV+CIQb9DCLyzxHyCfUl2gb
VlH1enTA8QfQ2BrgIKu4sMKK8eet1rQIeg7J27y2roWXb2vDGzPtTFTlRP3YacVp
b5+GhZWQa1ndsVqE2+1kELwsmdhIwlv0VpVADNiVhA7XOJOh/xBxCcjyDPDTRuJj
RmUEzi77TIvdRpaIZAthYEOXM5z+V9uAwQQnz68xc5Di8aegl5WrwjunbivgKNIg
quLN4Nr9GBNdORm3EFpAxCpYQfS2qNqmr5Y002X8uWJVN57NyksVpZD4mJC5pCaJ
oS2/KPePw1wun40bn/wr/1iUxkkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQXQze+
ei690TAIG5p3wvDVChtRljAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAPmI+tFI0gnbFUzEnTf1ua2J6kRDGVwrj5xfC
qaedi9xaJz5BVlESV4VbjyhpF7ffNq4COnBstkERyhatFTwTZtCNCgSDklS+Uuhz
TIvqpFnZLONGbm6xP2SRoiT8MJgid+uxSIhmXs2Cup+3TRFQZckB4DYHrJAtf039
DZc5FUv89H4Qt7rJ3Rfe9JJHLr1JXtjS3tcFUz0lWPaBLNtLsrXYGXTQaaHM01Ux
M8FqBPO1ArXr/rSZW1Ryr9R8YpNAdkp2ECUHQkXJKH481gBcmB4m6PHCFMbJoL4z
9pm2w5oo5cR7nrnENLMpxoBPTitMICrECpMUbGnJjwGgEvmAdg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:43 2025 by rpki-client