Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21442095-1d11-4516-867c-53ad149e6c07.roa
File: 21442095-1d11-4516-867c-53ad149e6c07.roa (raw, json)
Hash identifier: TpbsojLo1i7OAEnsze/kDYo+l60zebvQ3vN6nspu3dk=
Subject key identifier: 46:20:DD:D0:E3:9C:D1:9A:7D:73:A2:38:A0:BF:41:1B:4C:BB:07:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69F9026D98DA8FF6D5B919E8468E02E177FECE6D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21442095-1d11-4516-867c-53ad149e6c07.roa
Signing time: Wed 30 Jul 2025 20:07:17 +0000
ROA not before: Wed 30 Jul 2025 20:07:17 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f9:02:6d:98:da:8f:f6:d5:b9:19:e8:46:8e:02:e1:77:fe:ce:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:17 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=d8e6c578e216f9d7ab7eb947f56febfdcf4fcf50c4da640faf4ef7f588d003fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a2:dc:40:f0:dd:15:b4:c5:ae:54:20:ed:80:
96:ff:a2:e5:68:34:8a:a6:a2:e0:ee:62:e9:c4:6d:
fb:c6:92:6e:bd:39:04:aa:cd:f3:2b:a4:0a:f9:af:
dd:16:cc:1c:6e:e2:d6:1c:24:ce:d2:d8:9b:4f:22:
d1:7a:08:32:0b:01:7e:db:ca:7d:df:7f:79:73:44:
13:6b:d3:99:f4:55:80:e9:d9:72:93:3f:d6:1c:c7:
39:47:09:7e:89:c5:39:8d:96:f2:4d:5a:bd:6d:52:
c0:01:c7:1b:a4:7b:da:8e:1f:63:f0:61:c4:0f:fb:
1f:5f:e5:1e:d2:08:6c:d0:a0:56:58:c1:8d:7d:7c:
3f:7d:d6:3f:dd:b8:70:2a:de:31:45:67:f3:b0:c6:
80:a4:12:1b:d6:0a:a1:e3:98:44:f5:38:56:71:93:
e2:e1:6f:e9:71:75:68:24:6a:25:8d:b5:2a:fe:51:
76:1d:36:a1:6a:dd:bf:5f:44:c4:ef:65:d8:a4:60:
a2:86:50:1d:7c:9b:f5:64:6d:35:cd:63:9c:15:78:
18:ad:7f:50:bb:41:a5:00:9c:c6:ec:e0:91:19:8a:
16:aa:a4:41:e7:1e:42:c7:08:42:6e:f3:00:9c:48:
04:8a:ae:00:ee:87:cd:3c:7a:88:57:02:09:31:ef:
21:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:20:DD:D0:E3:9C:D1:9A:7D:73:A2:38:A0:BF:41:1B:4C:BB:07:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21442095-1d11-4516-867c-53ad149e6c07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:800::/40
Signature Algorithm: sha256WithRSAEncryption
92:9a:6d:a8:d9:c3:12:66:85:74:dd:0e:c6:a8:10:a0:c7:5f:
22:f6:8d:3b:2c:ac:38:bf:45:fc:e5:26:16:52:0a:6f:6e:51:
21:c5:3c:af:cd:74:da:22:e6:e1:2d:78:d0:fc:c0:a2:c7:c5:
3b:70:9d:53:3e:ec:f3:4a:00:cc:39:77:fe:d2:db:81:60:22:
19:e4:6f:5d:e1:18:c5:bb:08:4d:4c:a9:ba:c3:9e:17:6f:18:
d6:8f:7a:15:e0:c2:aa:55:72:78:91:df:3b:24:2d:87:37:b8:
7e:af:ff:4b:76:52:da:59:60:0a:9d:87:de:41:f9:d1:2f:bd:
2f:28:0c:a5:43:ae:20:12:34:60:22:fc:bd:52:74:fa:b5:11:
8f:c4:14:bc:d1:c5:de:27:1e:41:20:7c:42:28:13:72:d7:28:
ec:ce:73:95:79:c7:27:80:88:6e:03:0a:95:4e:13:f5:bf:85:
62:9b:57:2a:00:f0:25:4b:06:d6:80:86:d1:38:48:22:ec:98:
59:34:40:fa:bd:97:39:84:12:65:f4:d4:d9:38:eb:92:7a:d3:
ba:12:2b:50:84:e2:3e:bc:11:c7:c6:48:c6:c3:62:9a:eb:92:
b2:01:47:6f:fd:fc:ed:d5:49:0b:d4:86:bd:dc:75:37:b8:19:
00:b2:51:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUafkCbZjaj/bVuRnoRo4C4Xf+zm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MTdaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ZTZjNTc4ZTIxNmY5ZDdhYjdlYjk0N2Y1NmZlYmZkY2Y0ZmNmNTBjNGRh
NjQwZmFmNGVmN2Y1ODhkMDAzZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyi3EDw3RW0xa5UIO2Alv+i5Wg0iqai4O5i6cRt+8aSbr05BKrN8yukCvmv
3RbMHG7i1hwkztLYm08i0XoIMgsBftvKfd9/eXNEE2vTmfRVgOnZcpM/1hzHOUcJ
fonFOY2W8k1avW1SwAHHG6R72o4fY/BhxA/7H1/lHtIIbNCgVljBjX18P33WP924
cCreMUVn87DGgKQSG9YKoeOYRPU4VnGT4uFv6XF1aCRqJY21Kv5Rdh02oWrdv19E
xO9l2KRgooZQHXyb9WRtNc1jnBV4GK1/ULtBpQCcxuzgkRmKFqqkQeceQscIQm7z
AJxIBIquAO6HzTx6iFcCCTHvITcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGIN3Q
45zRmn1zojigv0EbTLsHxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjE0NDIwOTUtMWQxMS00NTE2LTg2N2MtNTNhZDE0OWU2YzA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUI
MA0GCSqGSIb3DQEBCwUAA4IBAQCSmm2o2cMSZoV03Q7GqBCgx18i9o07LKw4v0X8
5SYWUgpvblEhxTyvzXTaIubhLXjQ/MCix8U7cJ1TPuzzSgDMOXf+0tuBYCIZ5G9d
4RjFuwhNTKm6w54XbxjWj3oV4MKqVXJ4kd87JC2HN7h+r/9LdlLaWWAKnYfeQfnR
L70vKAylQ64gEjRgIvy9UnT6tRGPxBS80cXeJx5BIHxCKBNy1yjsznOVeccngIhu
AwqVThP1v4Vim1cqAPAlSwbWgIbROEgi7JhZNED6vZc5hBJl9NTZOOuSetO6EitQ
hOI+vBHHxkjGw2Ka65KyAUdv/fzt1UkL1Ia93HU3uBkAslEh
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:50 2025 by rpki-client