Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json)
Hash identifier: SvQ6UMjcDYC5vH/tetNZa8xdBLP0Zy0mIzpPuq+8CwE=
Subject key identifier: B2:0C:D7:68:09:99:C9:7B:33:77:56:86:04:2F:49:C8:84:7C:2A:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F191E6EDC94F6CA80461D3A31AFDDC4A5864982
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
Signing time: Fri 11 Jul 2025 20:11:44 +0000
ROA not before: Fri 11 Jul 2025 20:11:44 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:19:1e:6e:dc:94:f6:ca:80:46:1d:3a:31:af:dd:c4:a5:86:49:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:44 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0f696b4d8e10adc2c6eb7818d73a72bcf046756fc3eef8bfa11533ebe04f23fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:77:79:04:bf:0f:20:e7:3f:97:b3:3e:25:c9:
23:0a:a7:4b:59:70:01:8e:30:1c:c4:5d:3a:91:b1:
97:0c:9b:d6:8e:1e:a3:c2:86:2c:46:8b:57:f0:be:
5a:7f:db:13:7a:5a:7c:f6:4d:c2:03:bf:f2:94:39:
df:36:9c:ce:60:88:e8:e6:d5:8b:3b:a7:32:bc:6d:
a1:18:77:2f:19:f3:9b:e9:c5:46:a7:88:b0:f5:2f:
75:02:a5:b0:69:8e:38:d0:5c:0f:b0:23:82:1c:85:
7c:6b:e0:1c:3a:d7:9b:f9:ec:02:a3:27:7e:1f:f4:
3c:bd:aa:e9:5a:e8:df:ff:80:b3:5c:02:a4:75:15:
81:89:1a:d8:8a:80:f2:ff:9a:7a:43:30:dd:0f:9c:
fe:83:52:6f:b0:3e:ee:f4:0b:04:54:4d:7f:02:8f:
e4:0b:5d:db:9b:7e:27:9a:40:f0:c8:7b:6d:5f:d2:
e2:3e:dd:ce:0b:94:fe:42:48:6c:1a:b9:65:5d:eb:
48:d2:66:04:dd:6f:4d:3a:7d:c1:8a:e7:26:f6:c6:
b1:e7:30:6e:d7:66:ba:a2:f7:fb:61:0a:19:28:7c:
2d:d2:eb:93:51:11:49:42:9c:2a:2b:06:4e:07:1a:
5d:6e:8f:0b:03:f0:58:f8:85:a2:32:ee:d1:9a:60:
e3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0C:D7:68:09:99:C9:7B:33:77:56:86:04:2F:49:C8:84:7C:2A:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:e000::/40
Signature Algorithm: sha256WithRSAEncryption
38:1d:28:6b:de:3c:40:13:8c:63:3e:95:31:68:93:39:e5:47:
a8:06:5e:9f:52:8a:c3:48:43:74:11:e3:75:5f:51:e2:5e:ad:
f6:6d:d0:b7:83:46:da:44:f5:22:81:64:87:3e:11:9e:fa:1e:
70:13:8e:0a:2c:01:9d:3a:ad:fc:9b:d6:b8:2f:ef:3d:2b:01:
e9:c1:17:22:98:62:d2:5d:62:6a:76:c3:8d:4c:b8:eb:69:41:
78:8d:67:ac:e1:21:5a:99:17:d6:62:f3:68:02:01:d8:79:c7:
2f:18:bb:6e:45:cf:17:ff:4d:99:ab:ff:f6:7d:cf:37:17:e4:
c3:ee:64:09:4e:1c:3b:3a:4c:b6:be:e2:33:28:94:31:90:c9:
51:0d:da:c1:57:dd:07:2f:2d:29:41:c1:7f:ce:13:5f:29:7e:
f0:66:2b:b5:b3:f0:fa:13:e0:fa:da:d9:5d:73:97:61:4a:fa:
e7:a4:1c:41:bb:1d:ae:bf:e3:64:25:42:c9:e7:be:c6:f9:01:
86:d7:c1:72:1c:f0:18:9e:28:10:92:94:b9:27:48:5d:c0:44:
d8:43:02:91:1c:92:02:8f:c7:44:3d:f8:9f:dd:4f:7d:17:aa:
cf:de:1a:81:ad:0c:2e:ff:17:4b:9e:83:40:a2:27:2c:b3:66:
94:a3:37:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDxkebtyU9sqARh06Ma/dxKWGSYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExNDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNjk2YjRkOGUxMGFkYzJjNmViNzgxOGQ3M2E3MmJjZjA0Njc1NmZjM2Vl
ZjhiZmExMTUzM2ViZTA0ZjIzZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKB3eQS/DyDnP5ezPiXJIwqnS1lwAY4wHMRdOpGxlwyb1o4eo8KGLEaLV/C+
Wn/bE3pafPZNwgO/8pQ53zaczmCI6ObVizunMrxtoRh3Lxnzm+nFRqeIsPUvdQKl
sGmOONBcD7AjghyFfGvgHDrXm/nsAqMnfh/0PL2q6Vro3/+As1wCpHUVgYka2IqA
8v+aekMw3Q+c/oNSb7A+7vQLBFRNfwKP5Atd25t+J5pA8Mh7bV/S4j7dzguU/kJI
bBq5ZV3rSNJmBN1vTTp9wYrnJvbGsecwbtdmuqL3+2EKGSh8LdLrk1ERSUKcKisG
TgcaXW6PCwPwWPiFojLu0Zpg478CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyDNdo
CZnJezN3VoYEL0nIhHwqnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg
MA0GCSqGSIb3DQEBCwUAA4IBAQA4HShr3jxAE4xjPpUxaJM55UeoBl6fUorDSEN0
EeN1X1HiXq32bdC3g0baRPUigWSHPhGe+h5wE44KLAGdOq38m9a4L+89KwHpwRci
mGLSXWJqdsONTLjraUF4jWes4SFamRfWYvNoAgHYeccvGLtuRc8X/02Zq//2fc83
F+TD7mQJThw7Oky2vuIzKJQxkMlRDdrBV90HLy0pQcF/zhNfKX7wZiu1s/D6E+D6
2tldc5dhSvrnpBxBux2uv+NkJULJ577G+QGG18FyHPAYnigQkpS5J0hdwETYQwKR
HJICj8dEPfif3U99F6rP3hqBrQwu/xdLnoNAoicss2aUozeY
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:07 2025 by rpki-client