Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
File: bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa (raw, json)
Hash identifier: QtssXnQNqU0+g8Or+4aq20BT7e8W+wHnCFc6Gi0Ss7U=
Subject key identifier: 67:F3:CA:B2:D3:EC:D2:2C:06:03:A1:BA:61:DE:B9:54:B7:2A:B4:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60515EB46EB46D269FFD482299BEFBF753E9255B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
Signing time: Mon 28 Jul 2025 16:10:12 +0000
ROA not before: Mon 28 Jul 2025 16:10:12 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:51:5e:b4:6e:b4:6d:26:9f:fd:48:22:99:be:fb:f7:53:e9:25:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:12 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=87b52a51e878cc17a076574114d89e5fabeac966b755d477c70d308707db2c58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e4:83:8d:ee:32:72:5e:5b:45:fc:e8:89:28:
57:44:3c:a3:20:82:20:96:8c:c2:41:14:9b:53:e4:
44:ae:3d:3c:bf:29:4f:ef:a9:2f:82:b9:a6:0b:66:
71:5d:73:9e:5b:41:fb:28:a7:b7:6d:ec:cf:08:d0:
55:1f:ce:86:ad:81:98:81:82:33:f4:4d:d3:59:42:
9a:a6:3a:a2:2b:ac:a1:be:8b:f2:e8:88:1e:af:fd:
21:3e:36:fa:b2:b8:eb:f9:39:5a:4c:26:c1:06:a8:
9e:f6:8b:7a:6c:bf:21:6a:94:c7:94:f4:71:78:83:
5b:fc:40:14:6c:d0:ce:c1:3c:19:5b:57:ef:81:07:
7c:27:a8:01:a5:d2:07:ba:35:0e:50:54:96:70:aa:
c3:bd:37:41:8c:02:e2:d9:ca:e4:0f:ab:99:bf:4a:
5a:75:8b:ba:aa:42:43:b1:e2:8f:ae:7a:39:54:0e:
db:76:78:0b:40:56:ea:3b:11:65:22:b6:bf:2e:d0:
98:71:96:19:ee:5f:fa:ac:b7:8f:36:6d:94:01:d9:
85:bb:2f:74:ed:35:4a:96:cc:a1:80:51:f2:c6:a0:
3c:a8:ef:50:53:5d:10:3c:8a:6e:53:be:2d:61:c0:
a8:83:93:05:a1:06:71:02:a8:7f:b5:ae:18:dc:b9:
f2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F3:CA:B2:D3:EC:D2:2C:06:03:A1:BA:61:DE:B9:54:B7:2A:B4:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdaa6de6-00d3-4d18-8aa0-0bf82888d36e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
19:4b:19:14:25:30:dc:52:13:3e:af:10:9e:c0:2f:48:35:ce:
33:72:db:01:6e:35:88:84:51:25:4d:b3:7e:c5:94:6a:03:63:
32:ab:33:5b:8e:3c:9b:f2:7b:9d:6c:e6:46:d9:87:0d:18:5c:
59:65:0d:68:4d:7b:6d:74:c2:2b:74:5d:e4:09:12:24:70:4f:
c8:8d:78:37:9c:fd:8a:3f:5c:3b:e2:7c:58:8a:52:d1:98:b1:
64:d1:05:d0:99:f3:bc:4d:ec:64:4e:c9:8e:43:4a:6f:cb:8c:
de:9c:3e:1f:7b:96:ee:6a:4b:92:4c:c4:5e:da:26:1c:47:f0:
d4:53:ef:a9:77:9a:7e:8e:d0:34:a5:e3:aa:e2:62:f5:2e:a8:
10:b5:fb:ef:d0:f0:90:cd:4b:2f:38:32:73:e0:5e:27:25:84:
b1:d5:b8:41:74:da:a6:c0:fa:6e:5d:a9:52:42:1a:67:d9:4c:
f2:28:9b:01:ad:a3:a9:99:fc:a4:b1:3a:27:b4:df:69:69:83:
95:0c:4d:e9:e4:bc:8c:1b:b8:17:a9:cc:5d:41:e5:10:57:78:
e2:3f:a9:fc:62:40:aa:68:99:ec:70:5b:22:04:79:48:bf:39:
ee:e9:a7:96:3f:c8:b7:62:ed:76:18:37:d9:21:83:01:52:05:
4b:5f:a7:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYFFetG60bSaf/Ugimb7791PpJVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMTJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3YjUyYTUxZTg3OGNjMTdhMDc2NTc0MTE0ZDg5ZTVmYWJlYWM5NjZiNzU1
ZDQ3N2M3MGQzMDg3MDdkYjJjNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfkg43uMnJeW0X86IkoV0Q8oyCCIJaMwkEUm1PkRK49PL8pT++pL4K5pgtm
cV1znltB+yint23szwjQVR/Ohq2BmIGCM/RN01lCmqY6oiusob6L8uiIHq/9IT42
+rK46/k5WkwmwQaonvaLemy/IWqUx5T0cXiDW/xAFGzQzsE8GVtX74EHfCeoAaXS
B7o1DlBUlnCqw703QYwC4tnK5A+rmb9KWnWLuqpCQ7Hij656OVQO23Z4C0BW6jsR
ZSK2vy7QmHGWGe5f+qy3jzZtlAHZhbsvdO01SpbMoYBR8sagPKjvUFNdEDyKblO+
LWHAqIOTBaEGcQKof7WuGNy58qECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRn88qy
0+zSLAYDobph3rlUtyq0MjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRhYTZkZTYtMDBkMy00ZDE4LThhYTAtMGJmODI4ODhkMzZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQAZSxkUJTDcUhM+rxCewC9INc4zctsBbjWIhFEl
TbN+xZRqA2MyqzNbjjyb8nudbOZG2YcNGFxZZQ1oTXttdMIrdF3kCRIkcE/IjXg3
nP2KP1w74nxYilLRmLFk0QXQmfO8TexkTsmOQ0pvy4zenD4fe5buakuSTMRe2iYc
R/DUU++pd5p+jtA0peOq4mL1LqgQtfvv0PCQzUsvODJz4F4nJYSx1bhBdNqmwPpu
XalSQhpn2UzyKJsBraOpmfyksTontN9paYOVDE3p5LyMG7gXqcxdQeUQV3jiP6n8
YkCqaJnscFsiBHlIvznu6aeWP8i3Yu12GDfZIYMBUgVLX6dC
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:53 2025 by rpki-client