Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: QCGSsg3KbYlxrqj1mF8tfqTeeRVw/kJdEL8QO3/K4Bs=
Subject key identifier: 8C:AB:91:55:A2:DE:E1:27:AC:C8:6C:07:84:0E:2C:A5:5F:AE:1C:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E0AFD0C9510DEE69CB1A8DB36D3CE55B17767BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Mon 28 Jul 2025 16:10:43 +0000
ROA not before: Mon 28 Jul 2025 16:10:43 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:0a:fd:0c:95:10:de:e6:9c:b1:a8:db:36:d3:ce:55:b1:77:67:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:43 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=ea5560b31bccdf3e6f2f02fa92bbc71faa0acc9a34cad05966c58aa278abca04, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:80:e4:2c:5b:a4:7a:6b:08:cc:f5:a2:67:
cd:bc:db:09:67:54:b4:4d:f0:74:1d:ce:58:22:c3:
c4:63:7b:28:41:56:ce:c4:7a:2f:92:9c:bf:8d:20:
69:d2:b1:6b:e5:9d:dc:31:01:5b:88:e4:86:a6:53:
d6:b8:b0:dc:e4:57:c1:a6:69:71:15:47:b0:28:68:
f0:7a:dd:88:ce:68:a3:0a:af:b2:14:ee:da:ab:58:
37:92:3e:49:d1:09:b5:13:4d:de:d5:dc:f0:d8:c6:
77:29:29:5c:cb:ed:fd:c8:91:c0:ef:96:79:79:5f:
80:5f:da:7d:0f:2b:5c:8d:91:92:16:6e:71:3d:27:
44:01:c8:1c:5e:68:d8:ae:16:77:67:6a:3a:6a:cf:
fb:e1:0e:61:79:64:ab:fa:b4:86:f6:46:3c:77:db:
0f:d7:9b:f6:f1:e4:5f:69:af:44:04:47:f9:99:d7:
73:8b:64:a3:2e:85:61:f9:1b:d2:70:26:a2:ed:88:
5e:8b:ac:4c:63:c1:ad:7b:c2:43:28:6c:6d:2a:38:
fc:1e:c5:f9:0d:b8:f2:09:ef:80:0c:85:b5:6c:87:
71:72:76:b9:9b:7d:82:e5:50:21:6b:50:d3:56:29:
62:8d:3a:15:b7:e8:e2:ab:7a:e5:59:59:95:09:8f:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AB:91:55:A2:DE:E1:27:AC:C8:6C:07:84:0E:2C:A5:5F:AE:1C:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
96:9b:d9:63:bc:6f:75:61:df:36:28:b2:f4:26:9c:6d:99:4e:
4d:31:f2:e5:9f:3a:ae:0b:28:24:58:ab:45:47:e6:c5:56:91:
96:26:ba:64:0c:d5:06:17:49:d2:bc:8d:71:f4:bc:2f:1f:82:
a9:59:cc:53:c8:7f:e5:de:6d:7e:3d:da:ee:ea:52:f1:22:ed:
b6:fa:e6:b9:46:1a:46:40:b3:65:f8:1b:5e:7f:31:94:75:6c:
49:9d:34:c9:72:f5:88:75:ce:60:42:3b:4b:0d:b4:10:c7:f3:
33:2c:9f:2f:ba:30:be:6d:5a:38:8e:4d:97:10:ac:b3:80:bd:
e4:23:f3:e0:a1:7f:a0:a4:44:f5:da:99:53:e1:dd:40:b8:40:
d2:d0:e6:c7:d4:c7:c1:73:6f:17:09:d3:b4:2e:0a:a2:c9:1a:
d1:b5:da:f4:59:ec:be:cc:bd:ee:2d:48:20:1a:98:d7:f9:5d:
d8:0e:93:5b:52:9b:b7:21:27:52:31:e5:7a:64:92:db:13:ef:
30:26:f5:9a:59:c7:37:4a:12:b1:63:4a:4b:35:0c:54:6d:2d:
1a:de:9c:00:2e:d8:eb:b7:16:0e:7c:90:c5:ad:4f:c7:e4:43:
d0:e8:1b:08:d9:73:53:ed:db:0e:d8:6e:a2:d3:96:e2:17:fc:
7f:9b:1c:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbgr9DJUQ3uacsajbNtPOVbF3Z7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwNDNaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhNTU2MGIzMWJjY2RmM2U2ZjJmMDJmYTkyYmJjNzFmYWEwYWNjOWEzNGNh
ZDA1OTY2YzU4YWEyNzhhYmNhMDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkggOQsW6R6awjM9aJnzbzbCWdUtE3wdB3OWCLDxGN7KEFWzsR6L5Kcv40g
adKxa+Wd3DEBW4jkhqZT1riw3ORXwaZpcRVHsCho8HrdiM5oowqvshTu2qtYN5I+
SdEJtRNN3tXc8NjGdykpXMvt/ciRwO+WeXlfgF/afQ8rXI2RkhZucT0nRAHIHF5o
2K4Wd2dqOmrP++EOYXlkq/q0hvZGPHfbD9eb9vHkX2mvRARH+ZnXc4tkoy6FYfkb
0nAmou2IXousTGPBrXvCQyhsbSo4/B7F+Q248gnvgAyFtWyHcXJ2uZt9guVQIWtQ
01YpYo06Fbfo4qt65VlZlQmP3LcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMq5FV
ot7hJ6zIbAeEDiylX64c5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEAlpvZY7xvdWHfNiiy9CacbZlOTTHy5Z86rgso
JFirRUfmxVaRlia6ZAzVBhdJ0ryNcfS8Lx+CqVnMU8h/5d5tfj3a7upS8SLttvrm
uUYaRkCzZfgbXn8xlHVsSZ00yXL1iHXOYEI7Sw20EMfzMyyfL7owvm1aOI5NlxCs
s4C95CPz4KF/oKRE9dqZU+HdQLhA0tDmx9THwXNvFwnTtC4Koska0bXa9Fnsvsy9
7i1IIBqY1/ld2A6TW1KbtyEnUjHlemSS2xPvMCb1mlnHN0oSsWNKSzUMVG0tGt6c
AC7Y67cWDnyQxa1Px+RD0OgbCNlzU+3bDthuotOW4hf8f5scEg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:47 2025 by rpki-client