Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa
File: afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa (raw, json)
Hash identifier: PJy0b3z7S1a6WEE8DyqovQvyeH9WbBH+1iumGq1c7Tw=
Subject key identifier: 90:0C:78:C0:47:82:8F:71:E6:8E:E6:66:D6:F7:D4:FF:1E:D0:A6:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04257C7CE5F4915B72764D3C7486146495607CC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa
Signing time: Wed 30 Jul 2025 20:07:18 +0000
ROA not before: Wed 30 Jul 2025 20:07:18 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:25:7c:7c:e5:f4:91:5b:72:76:4d:3c:74:86:14:64:95:60:7c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:18 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=8eccaad0f08066f41f809085477944860e140f5e2daeba3d47fe6c81a9be3487, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8b:51:61:54:1e:34:57:25:b8:0b:68:59:89:
48:ad:83:4a:87:b1:2b:e3:a3:ef:76:21:7a:08:8b:
55:2e:6c:b6:d8:57:10:c6:fa:7b:6f:c3:2e:36:3e:
49:dd:4c:cd:0e:8e:c3:d0:a6:d3:72:9a:1c:ae:c1:
83:c7:f8:5b:b9:d2:2d:bb:89:96:1f:98:9b:aa:60:
f1:31:2f:e8:69:1b:e2:90:18:6f:39:72:6f:2c:cd:
0a:b1:69:75:17:62:bb:6c:85:ab:f1:db:5e:60:f7:
03:6a:41:76:e8:38:96:75:bd:d2:48:20:fd:eb:9a:
ca:8e:49:ef:99:d6:59:11:dc:48:da:9d:7e:a8:ca:
4f:74:3c:8b:5d:9f:2b:9f:bf:11:fc:c2:48:98:78:
45:3f:89:84:d5:77:25:6b:0f:e2:ad:2e:ad:4c:6d:
f5:54:52:89:61:2e:cf:d3:a7:3a:7a:25:7a:8f:a1:
08:bd:b6:d5:84:27:32:29:f1:d8:62:fe:bf:2e:2b:
59:53:fd:5e:c0:b9:32:da:fd:a7:2c:e9:4f:13:bb:
92:46:65:0f:2a:fe:13:12:a2:6d:2b:43:b0:7a:db:
49:b3:8c:fc:1d:9b:a8:b6:fb:da:ee:a7:3d:08:0d:
e6:24:33:b0:f4:c8:98:30:f9:50:5e:4c:a7:b0:9d:
2a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0C:78:C0:47:82:8F:71:E6:8E:E6:66:D6:F7:D4:FF:1E:D0:A6:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9000::/40
Signature Algorithm: sha256WithRSAEncryption
93:e0:89:e0:ad:67:40:fb:06:2f:aa:86:b5:c5:c1:52:9b:32:
6d:dc:23:1a:cc:10:ad:b3:2a:54:aa:54:1f:08:7b:c3:73:96:
e2:31:0e:0e:6e:4a:1a:e1:d4:21:0e:54:50:09:6f:3a:37:22:
86:0b:ba:c8:3d:ae:ce:36:c7:51:ee:ba:93:3c:e9:8d:f7:e9:
df:76:c5:de:5e:08:51:ef:c8:f4:4b:73:bb:de:77:85:77:f3:
0f:66:36:4d:4f:99:80:d2:08:d9:6f:31:df:88:60:bb:f4:58:
b3:13:70:7e:f7:a7:ab:57:b4:27:2a:64:68:65:ab:48:34:b6:
27:3c:4e:18:16:1d:0f:11:17:4d:59:cb:46:d1:ba:77:97:a9:
fc:bc:0e:f6:28:16:4e:12:ba:4b:da:47:e3:be:54:26:1c:48:
f7:1d:c3:78:f8:2f:b6:20:7a:76:64:57:cb:8b:20:6d:e3:4d:
2f:98:fb:9a:40:fd:a6:f5:ec:72:ba:23:70:d4:9c:37:91:a9:
77:f4:5e:54:09:d8:5d:70:af:1e:a8:45:99:14:3b:73:49:13:
04:ff:91:31:be:10:77:b2:ea:4a:5f:66:66:77:9d:a1:33:51:
a2:54:d8:94:bd:a7:a4:d5:ea:ca:43:0d:bd:d7:3d:6d:a5:b3:
3a:d2:3d:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBCV8fOX0kVtydk08dIYUZJVgfMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MThaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlY2NhYWQwZjA4MDY2ZjQxZjgwOTA4NTQ3Nzk0NDg2MGUxNDBmNWUyZGFl
YmEzZDQ3ZmU2YzgxYTliZTM0ODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiLUWFUHjRXJbgLaFmJSK2DSoexK+Oj73YhegiLVS5stthXEMb6e2/DLjY+
Sd1MzQ6Ow9Cm03KaHK7Bg8f4W7nSLbuJlh+Ym6pg8TEv6Gkb4pAYbzlybyzNCrFp
dRdiu2yFq/HbXmD3A2pBdug4lnW90kgg/euayo5J75nWWRHcSNqdfqjKT3Q8i12f
K5+/EfzCSJh4RT+JhNV3JWsP4q0urUxt9VRSiWEuz9OnOnoleo+hCL221YQnMinx
2GL+vy4rWVP9XsC5Mtr9pyzpTxO7kkZlDyr+ExKibStDsHrbSbOM/B2bqLb72u6n
PQgN5iQzsPTImDD5UF5Mp7CdKoMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQDHjA
R4KPceaO5mbW99T/HtCmczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWZkMjNjMzctNGMyNC00OWFjLWJhZjYtMWMzYTlhMmQwNTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCT4IngrWdA+wYvqoa1xcFSmzJt3CMazBCtsypU
qlQfCHvDc5biMQ4Obkoa4dQhDlRQCW86NyKGC7rIPa7ONsdR7rqTPOmN9+nfdsXe
XghR78j0S3O73neFd/MPZjZNT5mA0gjZbzHfiGC79FizE3B+96erV7QnKmRoZatI
NLYnPE4YFh0PERdNWctG0bp3l6n8vA72KBZOErpL2kfjvlQmHEj3HcN4+C+2IHp2
ZFfLiyBt400vmPuaQP2m9exyuiNw1Jw3kal39F5UCdhdcK8eqEWZFDtzSRME/5Ex
vhB3supKX2Zmd52hM1GiVNiUvaek1erKQw291z1tpbM60j12
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:34 2025 by rpki-client