Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
File: a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa (raw, json)
Hash identifier: hkMTtUcl6sQqOas0SrLuYjiNwUIPS9uZeJgbGCgEhOc=
Subject key identifier: DD:DE:29:D8:A2:34:13:3D:E4:14:6E:7E:F2:C6:EA:2E:99:B4:46:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E684F69C8504DB647A4DCC7673E8FA955559A58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
Signing time: Fri 25 Jul 2025 16:50:47 +0000
ROA not before: Fri 25 Jul 2025 16:50:47 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:68:4f:69:c8:50:4d:b6:47:a4:dc:c7:67:3e:8f:a9:55:55:9a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:47 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=38ae61e25ed028c1ffa417219f7aeafbb649fc1b86e9d31758fc9f651775df9b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:e9:82:6c:c5:5b:f3:82:10:22:70:95:8b:
50:31:2d:2a:a1:6d:d5:67:3f:fd:3d:c7:af:f0:0c:
fd:96:89:42:c4:f9:28:b0:91:f4:62:ba:81:f0:3a:
bc:6f:7f:f0:47:e8:11:c6:59:11:3e:05:96:79:52:
73:b1:a5:b1:1e:78:26:28:88:cd:fd:a0:68:f6:80:
33:e0:0b:60:ec:cc:e3:fa:30:81:53:3b:d9:3f:e6:
03:f0:75:70:73:1b:4f:90:2f:14:28:15:71:d3:0d:
08:3a:d9:0f:10:5c:02:30:bd:2e:29:9b:c8:0e:dc:
da:f4:bc:7c:e2:03:f9:19:df:ad:16:fd:fc:b4:ae:
54:fa:72:fa:d6:e6:dd:a0:c3:5f:1c:41:e9:09:7f:
26:7a:1f:85:11:21:ca:19:87:77:f4:d7:ab:fa:e8:
de:e4:d8:6e:f1:40:49:65:17:5e:c8:76:4c:18:f5:
e0:2d:ed:e8:8e:70:8f:1a:1c:65:66:8a:40:9f:5b:
68:a4:9f:ac:ae:8f:b7:3b:12:4a:e3:9d:66:14:89:
22:d5:d3:42:c6:70:8a:54:66:41:67:29:2d:f2:79:
c6:65:fe:86:11:8e:cd:b2:21:03:2a:15:d6:c1:f6:
bd:80:c3:54:0f:0a:7d:38:ea:a5:db:7d:ff:13:a6:
00:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DE:29:D8:A2:34:13:3D:E4:14:6E:7E:F2:C6:EA:2E:99:B4:46:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9351f0f-1de7-4e75-9502-939a8ea72ee5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e::/32
Signature Algorithm: sha256WithRSAEncryption
52:11:c5:1f:0a:72:5b:be:6a:18:97:b2:d4:74:51:b7:9a:28:
f9:ef:1e:4e:ea:7f:95:03:ca:f1:e6:d2:33:62:da:dd:29:cc:
0b:38:6c:7f:e5:b8:b1:ef:50:7f:26:47:b7:ef:44:51:b1:21:
42:89:8d:d8:93:f9:5b:15:d7:47:98:e2:07:16:53:7f:a3:49:
e2:3c:f0:e1:4d:f1:ae:0b:99:6a:df:99:46:b3:17:2f:55:90:
4e:48:31:9b:0f:b7:8e:77:be:51:c7:50:4a:f6:eb:8d:04:88:
38:23:69:c5:f9:ce:28:2b:c6:ba:ee:39:27:06:6b:1c:14:fc:
26:ce:c6:58:d0:a7:89:73:fd:75:4b:93:b3:af:1b:76:51:dd:
a9:54:3f:c8:f8:53:d0:b9:10:e0:83:08:f5:b8:82:2c:af:4a:
88:f2:9c:78:27:88:6b:33:3a:d0:0d:e1:0f:9b:d2:28:32:9c:
0f:b0:f4:61:fa:ee:51:f6:8f:f1:9a:15:e5:58:81:36:ff:f6:
ff:f8:13:a1:c1:77:85:f5:c4:ea:56:cb:15:ad:b3:29:b7:81:
df:9f:db:9e:d7:96:ad:0a:59:62:6d:a1:c8:dd:ab:85:4e:b0:
ae:eb:e8:83:bb:f7:42:9b:d4:53:2a:ff:1d:d3:e0:90:a4:67:
ff:71:2b:1c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIULmhPachQTbZHpNzHZz6PqVVVmlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwNDdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YWU2MWUyNWVkMDI4YzFmZmE0MTcyMTlmN2FlYWZiYjY0OWZjMWI4NmU5
ZDMxNzU4ZmM5ZjY1MTc3NWRmOWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP96YJsxVvzghAicJWLUDEtKqFt1Wc//T3Hr/AM/ZaJQsT5KLCR9GK6gfA6
vG9/8EfoEcZZET4FlnlSc7GlsR54JiiIzf2gaPaAM+ALYOzM4/owgVM72T/mA/B1
cHMbT5AvFCgVcdMNCDrZDxBcAjC9LimbyA7c2vS8fOID+RnfrRb9/LSuVPpy+tbm
3aDDXxxB6Ql/JnofhREhyhmHd/TXq/ro3uTYbvFASWUXXsh2TBj14C3t6I5wjxoc
ZWaKQJ9baKSfrK6PtzsSSuOdZhSJItXTQsZwilRmQWcpLfJ5xmX+hhGOzbIhAyoV
1sH2vYDDVA8KfTjqpdt9/xOmADsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTd3inY
ojQTPeQUbn7yxuoumbRG5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkzNTFmMGYtMWRlNy00ZTc1LTk1MDItOTM5YThlYTcyZWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0G4w
DQYJKoZIhvcNAQELBQADggEBAFIRxR8Kclu+ahiXstR0UbeaKPnvHk7qf5UDyvHm
0jNi2t0pzAs4bH/luLHvUH8mR7fvRFGxIUKJjdiT+VsV10eY4gcWU3+jSeI88OFN
8a4LmWrfmUazFy9VkE5IMZsPt453vlHHUEr2640EiDgjacX5zigrxrruOScGaxwU
/CbOxljQp4lz/XVLk7OvG3ZR3alUP8j4U9C5EOCDCPW4giyvSojynHgniGszOtAN
4Q+b0igynA+w9GH67lH2j/GaFeVYgTb/9v/4E6HBd4X1xOpWyxWtsym3gd+f257X
lq0KWWJtocjdq4VOsK7r6IO790Kb1FMq/x3T4JCkZ/9xKxw=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:25 2025 by rpki-client