Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: ZD6jehWmfzTQFiaenxdqQMXUPCgopO6ylDcoaSshcpU=
Subject key identifier: 38:3D:24:07:0B:D2:DB:C2:FB:BA:5D:05:98:BB:E2:B4:FD:93:B9:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3946BAE397D8EAFE7CE4F08F503C6CF206692CB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Mon 28 Jul 2025 16:11:21 +0000
ROA not before: Mon 28 Jul 2025 16:11:21 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:46:ba:e3:97:d8:ea:fe:7c:e4:f0:8f:50:3c:6c:f2:06:69:2c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:21 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=9eab1fd8fc0dbb4b016211d2950e31e52d5b4510c048a3e4d56147420f70aa7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:7d:78:13:ea:2f:65:a1:89:d6:5a:bf:46:66:
cb:b0:3e:0b:55:32:9c:61:02:c8:b4:0f:9c:df:59:
7a:be:75:25:5c:b3:05:42:c5:fd:3f:e1:c1:e6:b2:
59:d7:53:87:f3:c3:60:c2:32:73:1a:ce:65:97:8e:
84:4a:9a:c3:dd:0d:4e:4b:ac:6c:b6:c8:96:de:62:
eb:f9:bc:0a:18:8f:a0:97:27:ad:76:29:13:d3:9f:
57:a9:42:df:00:55:86:4a:07:1d:bf:88:d5:ef:1c:
50:bf:42:51:2b:91:05:00:c6:15:e2:b6:7e:cc:88:
7e:91:46:46:83:f4:50:4e:9e:5a:f3:08:72:45:6c:
ff:95:74:1b:65:cc:e6:6a:5d:3a:14:bb:ae:5f:86:
d0:14:94:b4:b7:52:98:d5:34:aa:a7:7c:1c:a1:98:
3d:72:20:19:96:bb:9a:d1:1c:5b:fd:66:2a:93:87:
b4:71:4c:78:cc:84:75:d4:a7:40:0b:01:cb:7b:4d:
49:30:9b:7f:f8:2f:a6:fa:0d:2a:50:65:eb:b7:19:
01:7c:8f:69:9a:d2:fb:89:05:d8:18:b0:62:f3:0a:
16:5f:e8:5b:66:d6:74:31:e3:46:c1:8a:f0:2a:06:
fb:f7:14:75:6a:6d:f5:65:08:2a:53:8f:f4:9a:a1:
29:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3D:24:07:0B:D2:DB:C2:FB:BA:5D:05:98:BB:E2:B4:FD:93:B9:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:26:41:2f:34:90:57:06:33:42:65:5c:b7:f5:58:7c:5f:0f:
3b:77:89:a5:0d:d8:9a:47:9a:45:d9:a5:58:ff:c7:bc:c8:e3:
24:0e:5e:31:ee:f6:2e:17:e8:68:8b:b4:29:dc:d1:9a:02:28:
12:6d:53:53:27:32:84:0b:b7:ee:72:5f:c4:69:29:48:ee:58:
96:3d:a6:36:2f:ad:91:a9:06:87:18:fa:91:2d:be:cb:32:38:
79:6b:39:f1:87:fc:04:4b:6e:df:c1:cd:94:05:c1:0a:5b:82:
fd:0d:78:33:36:2f:97:62:08:4c:e2:af:91:3c:00:7e:43:49:
fe:54:8d:78:36:c6:86:3d:bf:5f:6d:be:1d:b8:39:19:c6:f8:
9e:b3:71:84:fc:89:e9:17:e4:bd:e7:e4:89:04:8e:48:19:21:
4c:ca:22:b2:31:31:98:dd:dc:bb:09:71:fd:2a:ac:cb:80:c4:
5e:07:48:e7:2b:75:40:a5:60:cf:13:fd:84:ee:51:95:dc:23:
26:0e:65:74:7c:8e:8e:91:f5:73:27:55:3b:e2:3d:e9:a8:a6:
e3:ee:ed:6f:a4:b2:99:6f:e8:55:0a:71:76:e6:a0:82:7f:89:
59:81:88:7b:9a:25:69:20:54:c0:2b:52:9d:8f:89:ca:8e:5a:
87:76:a9:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOUa645fY6v585PCPUDxs8gZpLLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMjFaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDllYWIxZmQ4ZmMwZGJiNGIwMTYyMTFkMjk1MGUzMWU1MmQ1YjQ1MTBjMDQ4
YTNlNGQ1NjE0NzQyMGY3MGFhN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPt9eBPqL2WhidZav0Zmy7A+C1UynGECyLQPnN9Zer51JVyzBULF/T/hweay
WddTh/PDYMIycxrOZZeOhEqaw90NTkusbLbIlt5i6/m8ChiPoJcnrXYpE9OfV6lC
3wBVhkoHHb+I1e8cUL9CUSuRBQDGFeK2fsyIfpFGRoP0UE6eWvMIckVs/5V0G2XM
5mpdOhS7rl+G0BSUtLdSmNU0qqd8HKGYPXIgGZa7mtEcW/1mKpOHtHFMeMyEddSn
QAsBy3tNSTCbf/gvpvoNKlBl67cZAXyPaZrS+4kF2BiwYvMKFl/oW2bWdDHjRsGK
8CoG+/cUdWpt9WUIKlOP9JqhKeMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4PSQH
C9Lbwvu6XQWYu+K0/ZO5SDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAaJkEvNJBXBjNCZVy39Vh8Xw87d4mlDdiaR5pF
2aVY/8e8yOMkDl4x7vYuF+hoi7Qp3NGaAigSbVNTJzKEC7fucl/EaSlI7liWPaY2
L62RqQaHGPqRLb7LMjh5aznxh/wES27fwc2UBcEKW4L9DXgzNi+XYghM4q+RPAB+
Q0n+VI14NsaGPb9fbb4duDkZxvies3GE/InpF+S95+SJBI5IGSFMyiKyMTGY3dy7
CXH9KqzLgMReB0jnK3VApWDPE/2E7lGV3CMmDmV0fI6OkfVzJ1U74j3pqKbj7u1v
pLKZb+hVCnF25qCCf4lZgYh7miVpIFTAK1Kdj4nKjlqHdqlZ
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:22:50 2025 by rpki-client