Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
File: 88e98e26-39c9-4a1c-82e8-cc63267ca942.roa (raw, json)
Hash identifier: SNydU7xrHC6D0PsIt7qW685JWhHfmdgQD77UxyXSNjk=
Subject key identifier: 95:4C:1D:D9:11:81:36:02:61:1C:6C:C6:92:43:B2:D7:54:C3:BA:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 781FE41FBA3ECE2E51ECDB6FB159223F41719AA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
Signing time: Mon 21 Jul 2025 16:40:12 +0000
ROA not before: Mon 21 Jul 2025 16:40:12 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8020::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:1f:e4:1f:ba:3e:ce:2e:51:ec:db:6f:b1:59:22:3f:41:71:9a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:12 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=0e4bc1538f323c0972436563b394d925f32b395ba096eefd83b4aed0fdb49f58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:03:ed:c3:e1:6d:ec:1c:fd:94:fc:a4:e5:42:
ce:fa:76:e4:04:b8:3d:8f:63:ce:a1:0b:d9:92:5a:
24:58:f6:0b:30:81:88:7a:22:5c:e3:17:59:89:28:
0a:7b:a7:33:eb:7e:66:f1:bf:51:54:94:45:e3:2e:
e7:dd:f6:6f:7e:a6:37:1a:da:8c:79:8b:ab:c8:b9:
6b:3b:c9:c6:66:e8:55:17:f4:80:c0:2e:83:61:b1:
e3:35:66:b8:83:22:2d:0b:b0:e8:9a:ea:af:e1:f8:
8f:24:48:69:8b:5d:c7:12:9a:75:9e:87:e2:79:e7:
d8:5f:d3:fa:bc:a0:2e:d0:25:81:7e:a1:ae:ce:a8:
b6:9d:a6:57:81:8d:35:f8:23:d2:5d:46:d4:3f:10:
3a:b3:61:16:f3:b1:a6:b8:c2:8e:99:b8:ad:78:19:
c1:6d:44:6d:25:97:72:3d:da:eb:ad:bd:77:d8:1e:
d4:bd:b9:32:37:1e:3d:e6:9d:a3:de:c8:ce:9b:28:
ce:68:84:bc:ae:1a:f4:b0:dd:8e:89:34:1e:5a:6b:
a8:99:95:58:a0:64:22:f3:e8:cb:15:50:b6:0d:ab:
f6:fc:85:1f:37:49:ab:61:75:36:5c:59:e6:33:43:
23:39:71:f4:a7:36:df:4f:2b:c3:ff:85:54:52:92:
f4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4C:1D:D9:11:81:36:02:61:1C:6C:C6:92:43:B2:D7:54:C3:BA:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88e98e26-39c9-4a1c-82e8-cc63267ca942.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8020::/46
Signature Algorithm: sha256WithRSAEncryption
69:f8:15:3a:2d:ea:56:f1:54:6c:ae:02:7c:f5:f3:b6:d2:29:
0a:85:a3:ff:34:75:0a:0f:3a:9a:60:d4:1a:ab:99:50:a1:aa:
26:aa:82:5a:02:e5:96:93:e8:48:04:9e:45:aa:16:4f:30:8b:
52:93:24:e4:f1:5a:25:d1:f7:2d:6a:d1:b9:b8:ac:e0:0d:c0:
08:e6:3a:53:ad:4e:69:de:20:7e:14:70:96:cb:f5:1e:c6:b4:
c3:d5:1f:2f:fd:3e:d9:32:d2:95:e3:fa:51:96:31:6b:ba:56:
84:5a:e5:76:b9:c9:63:e1:a6:e3:ce:6c:52:1a:82:fd:89:54:
51:3d:e4:86:b9:2a:67:c4:70:07:05:a3:a5:5f:1b:fd:54:cd:
9b:f4:7a:33:49:a4:42:80:93:03:7b:05:4c:b0:dd:07:37:34:
4a:4b:4e:5f:dd:cd:39:04:3e:fc:77:9e:99:8c:da:d5:75:2c:
ae:ef:90:a9:3d:be:e3:1d:de:e2:77:60:2f:b1:e2:ae:72:3e:
eb:c6:ac:0b:a3:98:67:41:0c:9c:1d:91:b6:a5:b8:4a:dc:7a:
97:43:53:09:66:dc:0e:78:9c:a9:61:81:7f:52:21:38:d3:b1:
05:9f:b2:3e:c3:e0:40:33:e9:b8:26:10:91:29:1c:aa:05:6f:
1d:3e:22:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeB/kH7o+zi5R7NtvsVkiP0FxmqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMTJaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlNGJjMTUzOGYzMjNjMDk3MjQzNjU2M2IzOTRkOTI1ZjMyYjM5NWJhMDk2
ZWVmZDgzYjRhZWQwZmRiNDlmNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIUD7cPhbewc/ZT8pOVCzvp25AS4PY9jzqEL2ZJaJFj2CzCBiHoiXOMXWYko
CnunM+t+ZvG/UVSUReMu5932b36mNxrajHmLq8i5azvJxmboVRf0gMAug2Gx4zVm
uIMiLQuw6Jrqr+H4jyRIaYtdxxKadZ6H4nnn2F/T+rygLtAlgX6hrs6otp2mV4GN
Nfgj0l1G1D8QOrNhFvOxprjCjpm4rXgZwW1EbSWXcj3a6629d9ge1L25MjcePead
o97IzpsozmiEvK4a9LDdjok0HlprqJmVWKBkIvPoyxVQtg2r9vyFHzdJq2F1NlxZ
5jNDIzlx9Kc2308rw/+FVFKS9MECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSVTB3Z
EYE2AmEcbMaSQ7LXVMO6ZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODhlOThlMjYtMzljOS00YTFjLTgyZTgtY2M2MzI2N2NhOTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
IDANBgkqhkiG9w0BAQsFAAOCAQEAafgVOi3qVvFUbK4CfPXzttIpCoWj/zR1Cg86
mmDUGquZUKGqJqqCWgLllpPoSASeRaoWTzCLUpMk5PFaJdH3LWrRubis4A3ACOY6
U61Oad4gfhRwlsv1Hsa0w9UfL/0+2TLSleP6UZYxa7pWhFrldrnJY+Gm485sUhqC
/YlUUT3khrkqZ8RwBwWjpV8b/VTNm/R6M0mkQoCTA3sFTLDdBzc0SktOX93NOQQ+
/HeemYza1XUsru+QqT2+4x3e4ndgL7HirnI+68asC6OYZ0EMnB2RtqW4Stx6l0NT
CWbcDnicqWGBf1IhONOxBZ+yPsPgQDPpuCYQkSkcqgVvHT4iwA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:22 2025 by rpki-client