Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
File: 914a6acc-cb88-4da2-8443-fbaf927c9652.roa (raw, json)
Hash identifier: L1kkdIHE7ErlfJfeIzkRRMHRwTjkx/Ub0LhXtNal+zk=
Subject key identifier: C9:E3:9C:9D:4A:B7:CE:B9:D3:69:0F:CF:4A:02:CC:9F:B1:D2:AE:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 028C16762B7DAE0A372FC25F3B01C4061D8701D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
Signing time: Mon 21 Jul 2025 16:51:24 +0000
ROA not before: Mon 21 Jul 2025 16:51:24 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:8c:16:76:2b:7d:ae:0a:37:2f:c2:5f:3b:01:c4:06:1d:87:01:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:51:24 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=90911fae5503f9d0fa5e23bd0f79d4e7e7fa76a66148b6c35a2a68c1ad2348f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fd:13:e6:bf:a4:28:2f:72:81:e1:7a:8e:05:
9b:7b:b8:40:f7:de:0f:2f:61:6c:37:43:08:33:9f:
97:89:01:d9:82:78:59:dc:21:6a:be:a0:d8:b6:43:
f8:7a:05:3d:ec:64:6c:ca:52:8a:32:6e:a7:88:5a:
4f:94:71:65:29:04:b6:4f:e7:e7:da:fe:10:e2:c8:
e8:b5:fc:0a:7b:f5:3b:3d:d1:7e:f1:4e:30:23:0d:
14:1d:de:72:ec:a9:e7:be:78:3f:1d:07:7d:b6:6c:
6e:9d:48:ae:39:1a:d8:4e:ce:3b:d9:07:ff:da:31:
2c:3a:79:52:51:06:83:30:2d:f5:06:96:42:2a:39:
67:fa:dd:0c:e6:86:99:d8:50:be:6d:bb:18:82:bd:
0e:ce:cc:72:e7:c7:9d:57:e6:1d:1a:55:1b:5b:34:
7d:b4:e4:a9:28:45:e7:df:1c:dd:f8:78:26:fc:65:
c7:05:81:dd:7b:30:55:8d:03:79:ff:5f:60:e6:ae:
57:0b:36:b0:91:d8:84:87:16:81:ee:b3:d7:a5:f4:
1a:09:6f:2d:54:34:e2:80:d3:d3:87:e2:62:0c:6f:
a7:bf:b3:23:d6:af:15:53:32:d8:1b:cd:9d:0f:13:
b5:0e:1c:c4:b1:36:ad:41:0c:0b:8b:60:32:a1:dd:
27:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E3:9C:9D:4A:B7:CE:B9:D3:69:0F:CF:4A:02:CC:9F:B1:D2:AE:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9000::/40
Signature Algorithm: sha256WithRSAEncryption
73:ad:cc:b2:e8:12:58:4b:9e:12:3f:20:95:b3:e8:42:7b:f5:
c8:2e:a7:fd:cd:0c:1f:b5:75:d2:fb:f5:bc:8d:5c:93:71:18:
97:2c:6d:63:ae:91:21:87:ae:06:76:3a:8b:51:49:81:85:54:
c1:9b:99:a3:67:51:97:4e:cb:90:59:fd:d1:ef:04:ad:11:21:
e5:47:13:32:06:87:e3:6b:fa:f9:2e:70:e3:38:8b:06:18:a2:
eb:1d:26:9e:c9:a5:01:f5:3c:b5:69:71:e8:81:5c:22:98:ae:
b5:0e:09:24:ef:ce:ef:c0:bf:f7:9e:ad:d6:49:23:cb:c7:18:
06:05:64:ba:fd:d6:d7:62:3c:4f:c7:e1:84:1e:e3:ab:1b:28:
27:31:dc:79:c8:f9:1e:fd:42:dd:ff:62:d5:76:c0:a6:be:55:
fe:5f:ec:3f:66:52:4d:ee:fd:74:64:4f:8b:14:ce:ce:cd:d7:
d8:c0:e0:00:6a:4f:b8:69:12:14:50:16:e5:e2:5a:94:d6:05:
29:af:44:8d:30:b2:e0:db:e3:71:3f:d4:75:98:d2:a3:74:2f:
a1:af:93:5b:64:6d:1d:0d:c3:d8:36:09:09:9a:3a:e9:a9:a5:
cc:e5:9a:5f:27:06:d9:6f:4e:dd:da:f2:51:c4:59:99:cf:0a:
bb:22:bc:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAowWdit9rgo3L8JfOwHEBh2HAdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUxMjRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwOTExZmFlNTUwM2Y5ZDBmYTVlMjNiZDBmNzlkNGU3ZTdmYTc2YTY2MTQ4
YjZjMzVhMmE2OGMxYWQyMzQ4ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJz9E+a/pCgvcoHheo4Fm3u4QPfeDy9hbDdDCDOfl4kB2YJ4Wdwhar6g2LZD
+HoFPexkbMpSijJup4haT5RxZSkEtk/n59r+EOLI6LX8Cnv1Oz3RfvFOMCMNFB3e
cuyp5754Px0HfbZsbp1Irjka2E7OO9kH/9oxLDp5UlEGgzAt9QaWQio5Z/rdDOaG
mdhQvm27GIK9Ds7McufHnVfmHRpVG1s0fbTkqShF598c3fh4JvxlxwWB3XswVY0D
ef9fYOauVws2sJHYhIcWge6z16X0GglvLVQ04oDT04fiYgxvp7+zI9avFVMy2BvN
nQ8TtQ4cxLE2rUEMC4tgMqHdJ1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJ45yd
SrfOudNpD89KAsyfsdKuZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0YTZhY2MtY2I4OC00ZGEyLTg0NDMtZmJhZjkyN2M5NjUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBzrcyy6BJYS54SPyCVs+hCe/XILqf9zQwftXXS
+/W8jVyTcRiXLG1jrpEhh64GdjqLUUmBhVTBm5mjZ1GXTsuQWf3R7wStESHlRxMy
Bofja/r5LnDjOIsGGKLrHSaeyaUB9Ty1aXHogVwimK61Dgkk787vwL/3nq3WSSPL
xxgGBWS6/dbXYjxPx+GEHuOrGygnMdx5yPke/ULd/2LVdsCmvlX+X+w/ZlJN7v10
ZE+LFM7OzdfYwOAAak+4aRIUUBbl4lqU1gUpr0SNMLLg2+NxP9R1mNKjdC+hr5Nb
ZG0dDcPYNgkJmjrpqaXM5ZpfJwbZb07d2vJRxFmZzwq7Irw0
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:17:57 2025 by rpki-client