Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
File: 9843a73f-18f2-433e-b871-f493b0645337.roa (raw, json)
Hash identifier: ieEicQtV42XKQW/zh/jQDWAmvU59hjZYs+RFqJfslQg=
Subject key identifier: B5:48:0F:09:AB:7D:53:32:4F:6D:DA:08:B5:2D:20:98:76:E0:5C:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E645E098941FF862934658DB753FB413A0F531E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
Signing time: Fri 01 Aug 2025 17:20:07 +0000
ROA not before: Fri 01 Aug 2025 17:20:07 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:64:5e:09:89:41:ff:86:29:34:65:8d:b7:53:fb:41:3a:0f:53:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:20:07 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=4843a45ab316ed740f616bf7a4e06733bdabf313951388288322d2298bd88f8e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ac:ff:26:1f:f6:76:71:e9:ec:d9:29:b8:40:
87:04:69:33:a4:63:8c:35:9b:a7:86:74:f3:80:e4:
14:51:27:2c:37:6f:1b:6f:9e:89:07:2c:18:c2:d7:
d5:88:db:49:91:50:70:e7:84:2b:b2:32:af:10:e6:
3f:0e:84:8a:ea:29:ec:45:5e:f0:af:0f:2f:1b:ae:
d3:31:9a:33:33:d3:2e:04:89:d1:c0:a7:ea:a7:05:
2f:93:4c:2c:17:68:49:34:d8:23:84:02:2d:2e:78:
4d:9a:92:00:17:da:03:73:9f:d0:6a:da:41:2b:12:
28:97:e9:1e:14:d1:3d:15:31:2a:29:29:45:29:5f:
d4:51:7b:e5:48:be:dd:af:09:58:db:90:96:82:5b:
5c:7b:dd:64:d9:08:95:e5:e9:29:84:30:a6:50:00:
d7:67:b0:d9:97:fa:31:cd:86:a7:3a:23:4c:f0:ea:
78:59:f0:da:1b:4f:f3:cb:e6:b0:5a:b0:46:cf:85:
ce:04:3a:ae:30:65:85:43:c2:f4:8b:db:b5:00:42:
b8:f0:2e:2f:3e:ac:4d:0d:81:ba:3c:f8:86:f1:e1:
3b:86:be:59:35:dc:a5:18:ac:ca:15:81:1c:a1:0e:
80:8c:96:eb:12:16:cf:2a:01:50:fd:62:54:ea:d4:
c4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:48:0F:09:AB:7D:53:32:4F:6D:DA:08:B5:2D:20:98:76:E0:5C:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9843a73f-18f2-433e-b871-f493b0645337.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:800::/40
Signature Algorithm: sha256WithRSAEncryption
16:2b:6d:6b:cb:54:8d:fc:35:e4:c0:29:5e:b2:bd:ee:f2:29:
85:42:07:7d:ae:ff:de:de:08:b0:7d:3d:52:b5:ec:41:41:40:
b3:d8:82:f6:09:d7:e3:92:a5:c0:97:76:fb:b7:2d:20:be:f7:
4a:f9:70:f5:86:f3:a9:a2:dc:c5:f1:96:76:d8:3e:fa:2e:36:
d0:b4:be:cf:0e:14:09:4a:b9:82:49:f4:12:57:d6:56:0d:b0:
f4:f9:6c:19:cc:01:d1:c2:a8:25:ff:af:de:23:8f:b9:db:30:
39:f9:51:46:6f:03:4a:a0:62:9e:fd:ea:0c:aa:db:b2:d7:1c:
92:3b:c3:1c:92:89:6d:97:1f:60:68:d8:cc:4f:42:87:03:a5:
c7:2e:fe:e0:3b:b6:a6:23:64:e4:45:9d:d2:cb:e5:ea:56:22:
6d:8b:c6:06:df:14:b3:d1:a4:72:9e:d9:01:4c:58:c2:9c:14:
6e:78:de:ee:56:1a:e0:8f:a7:e2:01:21:7c:f0:99:6d:a8:67:
54:45:7a:cf:bb:a6:ad:d7:9d:70:1c:3d:69:bc:7b:8c:13:72:
c2:cd:89:cb:8d:62:cc:ba:8b:50:76:00:60:9b:ab:fb:fa:78:
fe:e4:81:e4:6e:d9:3c:67:78:da:ff:95:d7:fe:ed:21:84:96:
e7:5e:9e:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbmReCYlB/4YpNGWNt1P7QToPUx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzIwMDdaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NDNhNDVhYjMxNmVkNzQwZjYxNmJmN2E0ZTA2NzMzYmRhYmYzMTM5NTEz
ODgyODgzMjJkMjI5OGJkODhmOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGs/yYf9nZx6ezZKbhAhwRpM6RjjDWbp4Z084DkFFEnLDdvG2+eiQcsGMLX
1YjbSZFQcOeEK7IyrxDmPw6Eiuop7EVe8K8PLxuu0zGaMzPTLgSJ0cCn6qcFL5NM
LBdoSTTYI4QCLS54TZqSABfaA3Of0GraQSsSKJfpHhTRPRUxKikpRSlf1FF75Ui+
3a8JWNuQloJbXHvdZNkIleXpKYQwplAA12ew2Zf6Mc2GpzojTPDqeFnw2htP88vm
sFqwRs+FzgQ6rjBlhUPC9IvbtQBCuPAuLz6sTQ2Bujz4hvHhO4a+WTXcpRisyhWB
HKEOgIyW6xIWzyoBUP1iVOrUxN8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1SA8J
q31TMk9t2gi1LSCYduBcXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTg0M2E3M2YtMThmMi00MzNlLWI4NzEtZjQ5M2IwNjQ1MzM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoI
MA0GCSqGSIb3DQEBCwUAA4IBAQAWK21ry1SN/DXkwClesr3u8imFQgd9rv/e3giw
fT1StexBQUCz2IL2CdfjkqXAl3b7ty0gvvdK+XD1hvOpotzF8ZZ22D76LjbQtL7P
DhQJSrmCSfQSV9ZWDbD0+WwZzAHRwqgl/6/eI4+52zA5+VFGbwNKoGKe/eoMqtuy
1xySO8Mckoltlx9gaNjMT0KHA6XHLv7gO7amI2TkRZ3Sy+XqViJti8YG3xSz0aRy
ntkBTFjCnBRueN7uVhrgj6fiASF88JltqGdURXrPu6at151wHD1pvHuME3LCzYnL
jWLMuotQdgBgm6v7+nj+5IHkbtk8Z3ja/5XX/u0hhJbnXp5Z
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:49 2025 by rpki-client