Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
File: 08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa (raw, json)
Hash identifier: Go9jhykLSmQ7XKI2MTBnFCmtwt4DwK/E3XSF8FS4RKM=
Subject key identifier: 2A:9D:6F:61:4A:62:93:CB:34:A3:BA:1D:19:8A:F2:CA:03:DB:B8:ED
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12CD7A7CFF35427726C24883DE660642432847E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
Signing time: Wed 30 Jul 2025 20:07:20 +0000
ROA not before: Wed 30 Jul 2025 20:07:20 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:cd:7a:7c:ff:35:42:77:26:c2:48:83:de:66:06:42:43:28:47:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:20 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=ce4cd6c709fff9bf015aaac330cd1eadbd5c58a9338975fbe60a1f1b1c4141b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:fd:ba:22:42:b2:44:75:26:3e:df:80:ba:84:
f2:b2:71:ce:f2:67:40:1d:11:51:1c:6a:35:d9:71:
7e:61:dc:71:56:cb:52:6c:a1:bd:8b:e3:25:cc:df:
96:f7:d7:38:4b:65:dc:b2:48:ed:2d:35:70:77:16:
0c:9c:b6:78:7e:33:ac:40:da:b5:34:de:5e:27:d9:
51:07:b2:4c:24:aa:54:7e:4e:31:72:60:0b:a5:e2:
c7:bb:f6:a3:ba:23:c8:5c:b8:4d:97:bd:26:26:26:
8d:1c:14:7c:4e:38:59:ea:e5:92:07:03:d9:71:fc:
d8:f7:34:62:37:89:91:bc:f5:10:52:f3:4d:c9:3f:
a2:69:37:56:cd:1a:a1:62:43:b5:5f:51:9b:1f:31:
ac:c7:28:19:8a:5a:1c:2f:81:ee:9a:17:c6:22:80:
45:70:dd:5d:01:96:dd:49:88:f2:5c:97:cf:9a:d6:
98:4c:e2:73:0c:39:71:73:61:18:58:22:9b:5f:36:
1b:e5:9f:65:51:4e:47:86:a7:b4:2b:84:1a:c0:ae:
81:24:9c:b3:8d:c5:a6:cd:eb:3b:cf:78:a2:13:c7:
f2:25:b9:f5:9a:1e:b3:91:62:58:f5:c7:7b:e2:78:
2a:97:a7:d1:af:a8:d3:c5:78:c2:42:81:7f:d6:4f:
5b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9D:6F:61:4A:62:93:CB:34:A3:BA:1D:19:8A:F2:CA:03:DB:B8:ED
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:b000::/40
Signature Algorithm: sha256WithRSAEncryption
77:4d:dd:40:29:30:4e:2f:4f:fa:53:f6:6f:ef:27:41:ba:78:
ad:76:7c:50:b7:1a:76:e9:34:a1:ee:84:40:f7:fa:80:df:61:
19:cd:77:9c:42:2a:93:8b:6b:93:a9:f6:6f:f3:6b:0c:53:b2:
ec:e3:7d:1f:2f:0f:97:61:ef:ba:09:6e:4c:e2:99:81:3a:e1:
d4:c3:80:dd:b7:25:5a:1f:80:a3:99:cb:65:4d:1c:31:38:b6:
c9:1e:28:30:e1:1f:e8:f7:08:b1:62:d5:d0:8c:2a:80:03:c6:
87:a7:58:22:84:90:c6:c7:7e:c1:4b:37:08:65:f7:62:8c:0b:
5c:73:8a:ba:48:cb:23:d0:43:1f:40:8a:2b:c2:38:2d:47:ff:
d7:48:b8:07:1c:85:9f:42:88:68:17:b4:81:13:6c:4d:a4:cc:
30:46:5c:02:50:1c:f4:99:5f:d4:0a:30:d6:08:6d:0f:c8:ad:
eb:92:08:29:c7:7d:9b:99:e9:17:6d:6e:ee:10:fc:2a:42:bf:
ca:fa:d8:25:26:3b:97:3d:5a:47:bd:6b:2d:a3:90:a6:5c:ce:
f6:fb:08:35:6b:2b:7a:f8:a3:3f:97:45:48:c7:0e:55:72:9d:
6c:aa:4d:10:5f:c8:ce:b0:5b:10:47:ad:d6:be:65:f6:8a:3d:
72:67:c6:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEs16fP81QncmwkiD3mYGQkMoR+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjBaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNGNkNmM3MDlmZmY5YmYwMTVhYWFjMzMwY2QxZWFkYmQ1YzU4YTkzMzg5
NzVmYmU2MGExZjFiMWM0MTQxYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPj9uiJCskR1Jj7fgLqE8rJxzvJnQB0RURxqNdlxfmHccVbLUmyhvYvjJczf
lvfXOEtl3LJI7S01cHcWDJy2eH4zrEDatTTeXifZUQeyTCSqVH5OMXJgC6Xix7v2
o7ojyFy4TZe9JiYmjRwUfE44WerlkgcD2XH82Pc0YjeJkbz1EFLzTck/omk3Vs0a
oWJDtV9Rmx8xrMcoGYpaHC+B7poXxiKARXDdXQGW3UmI8lyXz5rWmEzicww5cXNh
GFgim182G+WfZVFOR4antCuEGsCugSScs43Fps3rO894ohPH8iW59Zoes5FiWPXH
e+J4Kpen0a+o08V4wkKBf9ZPWzMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqnW9h
SmKTyzSjuh0ZivLKA9u47TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDhlOWYzMTEtZWUzZi00YTcyLTk0Y2QtNGI0ZWVhZTczNmY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWw
MA0GCSqGSIb3DQEBCwUAA4IBAQB3Td1AKTBOL0/6U/Zv7ydBunitdnxQtxp26TSh
7oRA9/qA32EZzXecQiqTi2uTqfZv82sMU7Ls430fLw+XYe+6CW5M4pmBOuHUw4Dd
tyVaH4CjmctlTRwxOLbJHigw4R/o9wixYtXQjCqAA8aHp1gihJDGx37BSzcIZfdi
jAtcc4q6SMsj0EMfQIorwjgtR//XSLgHHIWfQohoF7SBE2xNpMwwRlwCUBz0mV/U
CjDWCG0PyK3rkggpx32bmekXbW7uEPwqQr/K+tglJjuXPVpHvWsto5CmXM72+wg1
ayt6+KM/l0VIxw5Vcp1sqk0QX8jOsFsQR63WvmX2ij1yZ8a7
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:24 2025 by rpki-client