Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
File: 83b951c2-f827-4554-9466-de8fd6e7ecec.roa (raw, json)
Hash identifier: cbKN4m4T341vPhT8uTaVx6iie9v1t9rERYZTZ2hEGLs=
Subject key identifier: 14:4F:C2:96:18:7F:48:E1:25:D1:4C:B0:F8:9B:01:1C:2F:C3:7C:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C01DB12304C72CE612FCA2105D91695DD5D5F80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
Signing time: Fri 25 Jul 2025 16:50:17 +0000
ROA not before: Fri 25 Jul 2025 16:50:17 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:01:db:12:30:4c:72:ce:61:2f:ca:21:05:d9:16:95:dd:5d:5f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:17 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=385306a35e1fdb21f8203ddd06050251fe202b8aeb412de166f2777a46add837, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:42:69:ca:01:ab:d2:c2:a6:14:8b:8a:15:6d:
a8:cf:1b:87:e5:17:85:50:40:f0:7e:6a:93:14:98:
bd:c8:59:9a:0d:0f:aa:4a:6f:a5:79:54:6b:9c:19:
d0:88:20:36:91:33:a6:a8:7a:56:b9:11:1e:78:c9:
59:3a:42:9f:e5:bc:28:e6:dd:9b:40:2d:89:d3:14:
28:17:a5:f3:c2:b6:99:cc:93:d4:31:02:1f:50:fd:
a1:9e:51:7c:66:1d:23:cf:06:29:0f:b9:f7:d1:5b:
e1:76:71:d8:30:62:b0:42:58:8e:bf:80:8e:ff:67:
aa:a4:0c:da:b1:1a:f8:6d:e1:d8:cd:42:0f:47:86:
c1:a7:d1:45:d3:2c:2e:c8:16:8b:0f:58:57:e0:62:
92:d7:0d:43:b8:97:4d:f1:da:76:57:70:c5:47:d5:
49:49:60:e3:98:cf:24:75:35:6a:a5:32:2b:35:71:
bf:95:be:31:9b:af:eb:46:48:d6:12:6d:02:e4:c8:
77:1e:8a:da:02:6a:d2:d6:8e:f8:35:86:ce:75:4e:
0f:3e:6d:bc:50:67:db:3c:53:d6:51:b2:f2:7f:14:
d7:31:57:ca:2b:d2:57:f3:65:1d:3b:c8:dc:e9:78:
2c:4e:6f:64:dc:96:82:9b:d7:f4:b7:d3:bd:72:8a:
d5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:4F:C2:96:18:7F:48:E1:25:D1:4C:B0:F8:9B:01:1C:2F:C3:7C:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b951c2-f827-4554-9466-de8fd6e7ecec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
79:25:d7:c0:79:a6:80:d8:7f:30:be:ba:57:da:82:ca:a3:27:
9e:b6:73:64:7b:a6:8c:5a:40:b2:62:2a:cb:7e:b6:5e:45:f2:
32:f9:66:f8:08:76:b9:12:7f:9b:ab:53:62:8a:13:a6:0e:f1:
de:14:02:09:ba:29:c0:11:eb:34:ae:6b:47:94:e0:27:f6:c8:
e6:8f:3a:a2:72:08:15:16:b4:bc:b8:27:33:fd:f9:82:0d:7f:
e7:f8:66:64:2f:0a:74:24:c5:b9:a0:fe:c4:bc:8f:ca:cb:c4:
c6:b0:61:b0:30:d3:c2:84:35:d0:31:b3:25:7c:50:cd:01:63:
45:ef:8c:b4:83:e4:26:26:bd:5f:fa:8b:5a:f9:de:57:c4:ee:
fd:2b:5b:f6:70:b2:a4:5b:2c:3f:c2:9d:c8:92:2d:b0:f0:e4:
03:95:5c:e3:11:44:3f:18:e0:60:98:27:ba:cf:57:2f:39:e9:
e3:00:95:2b:04:76:fd:9b:75:ff:a8:b4:84:19:19:99:6e:ba:
84:89:53:28:04:08:0f:95:93:a0:bf:70:2d:f4:90:d7:fd:24:
02:34:d9:21:eb:ca:fb:cc:b4:5d:74:e3:ed:a1:6c:1b:e3:be:
db:7d:56:dd:87:a2:cd:44:2f:da:9a:4d:8e:31:36:49:53:2b:
9e:6a:8d:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbAHbEjBMcs5hL8ohBdkWld1dX4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMTdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4NTMwNmEzNWUxZmRiMjFmODIwM2RkZDA2MDUwMjUxZmUyMDJiOGFlYjQx
MmRlMTY2ZjI3NzdhNDZhZGQ4MzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZCacoBq9LCphSLihVtqM8bh+UXhVBA8H5qkxSYvchZmg0PqkpvpXlUa5wZ
0IggNpEzpqh6VrkRHnjJWTpCn+W8KObdm0AtidMUKBel88K2mcyT1DECH1D9oZ5R
fGYdI88GKQ+599Fb4XZx2DBisEJYjr+Ajv9nqqQM2rEa+G3h2M1CD0eGwafRRdMs
LsgWiw9YV+BiktcNQ7iXTfHadldwxUfVSUlg45jPJHU1aqUyKzVxv5W+MZuv60ZI
1hJtAuTIdx6K2gJq0taO+DWGznVODz5tvFBn2zxT1lGy8n8U1zFXyivSV/NlHTvI
3Ol4LE5vZNyWgpvX9LfTvXKK1akCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUT8KW
GH9I4SXRTLD4mwEcL8N88TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODNiOTUxYzItZjgyNy00NTU0LTk0NjYtZGU4ZmQ2ZTdlY2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB5JdfAeaaA2H8wvrpX2oLKoyeetnNke6aMWkCy
YirLfrZeRfIy+Wb4CHa5En+bq1NiihOmDvHeFAIJuinAEes0rmtHlOAn9sjmjzqi
cggVFrS8uCcz/fmCDX/n+GZkLwp0JMW5oP7EvI/Ky8TGsGGwMNPChDXQMbMlfFDN
AWNF74y0g+QmJr1f+ota+d5XxO79K1v2cLKkWyw/wp3Iki2w8OQDlVzjEUQ/GOBg
mCe6z1cvOenjAJUrBHb9m3X/qLSEGRmZbrqEiVMoBAgPlZOgv3At9JDX/SQCNNkh
68r7zLRddOPtoWwb477bfVbdh6LNRC/amk2OMTZJUyueao2s
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:42 2025 by rpki-client