Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: Iem9N6CuI91w0UdgnEINrOmB7q7ECWmczg0MQ+5oKoA=
Subject key identifier: 94:0C:A3:B7:F8:47:4B:11:4F:B6:31:DB:4C:F1:15:26:33:8A:B3:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AC407094572C052BB26917FE026A1A7A2A4A650
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Fri 01 Aug 2025 17:20:06 +0000
ROA not before: Fri 01 Aug 2025 17:20:06 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:c4:07:09:45:72:c0:52:bb:26:91:7f:e0:26:a1:a7:a2:a4:a6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:20:06 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=51f3817fe6c59e44cc03e31903c86a29707be809bcfa85c7b10d12ef23d20609, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:64:04:0b:ee:82:b3:0e:9d:0b:92:c0:80:
56:d0:82:22:0b:e3:a8:44:0b:9b:2f:d2:ac:d4:b0:
56:9a:62:b3:ec:bf:9c:0b:fd:7d:58:fc:f6:d1:70:
22:7a:39:e0:11:e1:0f:9f:ab:4b:5c:28:8b:29:1c:
58:4a:7f:01:3a:31:c2:cc:11:e8:75:11:96:65:51:
5f:c6:7e:75:cd:3d:dc:57:d5:2f:17:ca:46:9e:1c:
65:19:a8:cf:26:95:48:48:4a:fa:ae:20:9f:bd:23:
30:a6:d1:7e:93:72:17:ac:a3:52:19:89:31:ac:81:
bb:33:87:a8:7b:fe:85:81:7d:d1:74:a2:d8:9c:3c:
fd:6e:ad:44:9f:c6:d5:5d:79:e0:dd:e7:12:04:6f:
eb:69:03:9c:dc:78:30:ac:09:9c:7f:79:b9:84:7d:
f7:e8:fd:f4:9c:8d:19:ee:64:c5:32:ef:e7:94:84:
be:a8:b9:91:16:41:b5:b1:1c:2a:ca:a1:e7:30:f2:
93:a4:ba:e5:84:9b:a8:76:79:ce:38:6f:94:79:4c:
1e:69:f3:c0:65:7d:f0:65:48:c2:46:82:f7:36:a5:
27:07:22:21:8f:a7:42:91:ef:f3:3a:7c:23:0b:1d:
7d:bf:b9:ec:e1:8d:fb:dd:9c:17:5a:01:1d:e3:7e:
1e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0C:A3:B7:F8:47:4B:11:4F:B6:31:DB:4C:F1:15:26:33:8A:B3:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
a9:b1:58:91:94:95:f2:8f:46:9c:07:65:3e:e9:0a:de:75:41:
5f:69:92:3d:a8:b7:b1:ed:d5:09:6b:95:af:27:8f:1d:97:cb:
3e:23:0b:5e:e3:58:21:ee:c1:f8:30:b9:36:c3:29:9a:10:3e:
f3:e7:b9:e9:9a:a9:e4:06:94:eb:4f:f3:cf:31:0a:33:93:64:
6e:81:16:7e:38:5c:ef:d9:2b:c2:7e:86:ac:e7:3e:3f:40:9d:
20:79:8a:4c:2a:77:6f:bb:29:b8:57:46:03:d2:10:72:35:c2:
cb:32:87:6e:14:f7:da:69:d6:a0:d4:74:6a:a0:5e:cf:ce:2e:
80:63:46:2d:cb:9b:ab:29:96:d6:3a:bd:8c:d2:4b:d6:46:18:
3e:67:c2:0c:23:a8:e3:d4:b0:75:c5:b3:00:fb:0b:1c:cc:1a:
a9:ff:b3:d5:83:cd:2a:47:8b:48:3c:18:22:0f:8b:94:7b:c3:
36:c3:9d:39:97:df:b0:ca:a6:df:65:da:25:5b:01:78:6b:40:
38:29:83:91:99:85:1e:0d:67:ac:89:0b:2f:72:73:81:2a:9a:
4c:d0:72:e9:c2:5a:85:62:d1:e7:c9:d2:7e:2f:32:b5:4d:be:
77:86:b6:e5:d4:b9:d2:85:25:a8:a7:e0:6d:5a:35:41:5c:a8:
3e:a3:ed:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOsQHCUVywFK7JpF/4Cahp6KkplAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzIwMDZaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZjM4MTdmZTZjNTllNDRjYzAzZTMxOTAzYzg2YTI5NzA3YmU4MDliY2Zh
ODVjN2IxMGQxMmVmMjNkMjA2MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEvZAQL7oKzDp0LksCAVtCCIgvjqEQLmy/SrNSwVppis+y/nAv9fVj89tFw
Ino54BHhD5+rS1woiykcWEp/AToxwswR6HURlmVRX8Z+dc093FfVLxfKRp4cZRmo
zyaVSEhK+q4gn70jMKbRfpNyF6yjUhmJMayBuzOHqHv+hYF90XSi2Jw8/W6tRJ/G
1V154N3nEgRv62kDnNx4MKwJnH95uYR99+j99JyNGe5kxTLv55SEvqi5kRZBtbEc
Ksqh5zDyk6S65YSbqHZ5zjhvlHlMHmnzwGV98GVIwkaC9zalJwciIY+nQpHv8zp8
Iwsdfb+57OGN+92cF1oBHeN+HsUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSUDKO3
+EdLEU+2MdtM8RUmM4qz+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCpsViRlJXyj0acB2U+6QredUFfaZI9qLex7dUJ
a5WvJ48dl8s+Iwte41gh7sH4MLk2wymaED7z57npmqnkBpTrT/PPMQozk2RugRZ+
OFzv2SvCfoas5z4/QJ0geYpMKndvuym4V0YD0hByNcLLModuFPfaadag1HRqoF7P
zi6AY0Yty5urKZbWOr2M0kvWRhg+Z8IMI6jj1LB1xbMA+wsczBqp/7PVg80qR4tI
PBgiD4uUe8M2w505l9+wyqbfZdolWwF4a0A4KYORmYUeDWesiQsvcnOBKppM0HLp
wlqFYtHnydJ+LzK1Tb53hrbl1LnShSWop+BtWjVBXKg+o+21
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:21 2025 by rpki-client