Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
File: acaa599d-041d-4181-81eb-d1fa213089e1.roa (raw, json)
Hash identifier: cslPjHP4ZR5R+tu+e1mialbwd1qBYVdVvOdSlhghZEI=
Subject key identifier: 91:51:26:12:56:63:74:45:91:3F:AB:74:34:D7:22:13:16:75:58:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F17FF7710AE91934E6717C7EBC1180F62BD0AB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
Signing time: Mon 21 Jul 2025 16:40:31 +0000
ROA not before: Mon 21 Jul 2025 16:40:31 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:2080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:17:ff:77:10:ae:91:93:4e:67:17:c7:eb:c1:18:0f:62:bd:0a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:31 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=9d3e38a0fd90967a9da8f0a5f9db7123fe30b664da61630bc10636a052464717, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8d:64:93:07:a7:dc:96:a0:38:ea:c3:56:bb:
5b:53:d6:85:17:7f:3f:42:ea:d2:90:1f:8b:b6:e5:
a3:89:c6:d5:b4:c1:fd:35:f5:59:41:31:c2:b8:87:
0e:b7:9d:0b:73:66:f3:79:97:e5:ac:f9:39:f3:19:
f3:79:11:8d:3f:da:92:93:65:a4:9c:6f:8d:0e:74:
b0:43:22:95:bf:93:bd:c3:93:2e:8e:ab:8a:a0:02:
d8:93:35:0d:5a:45:21:b2:5c:db:f4:15:bc:24:ea:
05:4d:ca:13:13:6d:5a:68:dd:5c:78:e9:be:aa:ed:
12:5c:57:d7:b4:51:88:71:5b:6e:81:8d:e9:d6:73:
a7:9a:63:8c:a4:9b:3c:5d:82:a3:6f:56:3c:28:4e:
05:c7:e8:e6:01:8b:2b:3e:bf:86:d7:90:78:10:29:
4b:92:f2:e5:7c:0f:34:f2:20:ea:f7:63:ff:c0:30:
88:03:7d:5a:c4:93:38:9c:97:c1:df:a8:b6:bb:3e:
9f:91:f0:19:92:c4:60:8a:1c:37:e7:ae:87:15:42:
c1:a3:18:df:a2:73:57:37:78:2c:9c:3b:ac:cd:98:
8b:eb:f0:22:6f:36:f9:85:29:4b:b6:1f:bf:cd:f4:
c3:ab:0f:83:ee:99:77:d7:c5:4c:f1:94:51:d7:75:
6e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:26:12:56:63:74:45:91:3F:AB:74:34:D7:22:13:16:75:58:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/acaa599d-041d-4181-81eb-d1fa213089e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:2080::/46
Signature Algorithm: sha256WithRSAEncryption
17:4c:5e:3c:7b:54:a7:88:b8:b9:9a:fd:35:3a:b8:4f:41:1c:
40:e7:09:01:d1:c4:a9:6d:5c:dc:a4:4e:52:95:44:74:7d:24:
57:63:85:58:26:17:3d:74:21:76:b1:de:88:fc:6c:e7:8f:8c:
57:da:d2:1d:54:ce:d0:97:52:bc:3b:cc:04:f9:96:16:d0:70:
81:be:fb:25:a3:be:39:c6:0b:88:e0:42:60:d2:27:3a:2d:2d:
f7:1e:d3:30:c3:dd:c4:29:6a:15:dc:95:ad:e9:fa:60:af:fe:
59:9c:c9:21:c2:f2:f6:72:c9:12:d3:ab:29:f7:13:b3:95:b2:
80:0f:c9:f9:0b:ef:e9:49:74:e8:d5:4a:ba:1c:fb:f4:bb:9f:
82:ba:25:19:4d:ea:4e:76:36:90:02:ae:aa:c0:58:73:57:4c:
e1:91:77:6d:96:9d:9d:1a:cb:5f:a5:05:10:fd:c2:3d:b5:f7:
f5:fa:ca:96:c0:49:7c:70:0e:d3:29:80:2f:15:ca:4b:2e:fa:
46:fe:60:2c:1d:ed:24:af:3a:da:f1:9e:b2:69:d0:05:99:1a:
58:bb:12:9c:b0:c1:1d:8c:ca:47:f9:ad:94:aa:91:1f:4d:cf:
1a:d6:34:11:81:fc:dd:24:b6:dd:27:cf:8a:ab:5d:e2:9c:75:
b9:08:72:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULxf/dxCukZNOZxfH68EYD2K9CrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMzFaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkM2UzOGEwZmQ5MDk2N2E5ZGE4ZjBhNWY5ZGI3MTIzZmUzMGI2NjRkYTYx
NjMwYmMxMDYzNmEwNTI0NjQ3MTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCNZJMHp9yWoDjqw1a7W1PWhRd/P0Lq0pAfi7blo4nG1bTB/TX1WUExwriH
DredC3Nm83mX5az5OfMZ83kRjT/akpNlpJxvjQ50sEMilb+TvcOTLo6riqAC2JM1
DVpFIbJc2/QVvCTqBU3KExNtWmjdXHjpvqrtElxX17RRiHFbboGN6dZzp5pjjKSb
PF2Co29WPChOBcfo5gGLKz6/hteQeBApS5Ly5XwPNPIg6vdj/8AwiAN9WsSTOJyX
wd+otrs+n5HwGZLEYIocN+euhxVCwaMY36JzVzd4LJw7rM2Yi+vwIm82+YUpS7Yf
v830w6sPg+6Zd9fFTPGUUdd1bkMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRUSYS
VmN0RZE/q3Q01yITFnVYRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWNhYTU5OWQtMDQxZC00MTgxLTgxZWItZDFmYTIxMzA4OWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
gDANBgkqhkiG9w0BAQsFAAOCAQEAF0xePHtUp4i4uZr9NTq4T0EcQOcJAdHEqW1c
3KROUpVEdH0kV2OFWCYXPXQhdrHeiPxs54+MV9rSHVTO0JdSvDvMBPmWFtBwgb77
JaO+OcYLiOBCYNInOi0t9x7TMMPdxClqFdyVren6YK/+WZzJIcLy9nLJEtOrKfcT
s5WygA/J+Qvv6Ul06NVKuhz79LufgrolGU3qTnY2kAKuqsBYc1dM4ZF3bZadnRrL
X6UFEP3CPbX39frKlsBJfHAO0ymALxXKSy76Rv5gLB3tJK862vGesmnQBZkaWLsS
nLDBHYzKR/mtlKqRH03PGtY0EYH83SS23SfPiqtd4px1uQhycA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:36 2025 by rpki-client