Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
File: cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa (raw, json)
Hash identifier: 4dBK+kuqSwZHala3dfTh+6ZQ1EivX2wOpouYaHjxG5s=
Subject key identifier: DD:C8:67:61:D5:EC:A5:FC:BB:CF:98:63:02:BE:51:2A:31:B9:08:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2906D53D7F0B5A4E7A1154DC27629E359D1DF27E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
Signing time: Fri 25 Jul 2025 16:50:37 +0000
ROA not before: Fri 25 Jul 2025 16:50:37 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:06:d5:3d:7f:0b:5a:4e:7a:11:54:dc:27:62:9e:35:9d:1d:f2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:37 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=0a374425ec026496233bc1ed4abd62bde5856d56769a515bb2458e7335df9c95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:7e:6c:90:90:8c:1c:ba:d1:31:6c:50:aa:
25:b1:5f:99:eb:4f:c2:d4:14:23:8f:23:dc:be:26:
76:4d:59:f0:fe:22:5d:45:f8:da:e1:be:c3:10:0d:
3c:aa:4b:bc:ce:a1:3e:96:7d:94:ca:28:84:6a:48:
1a:97:1f:6d:69:81:27:c8:ba:5c:10:60:f1:11:77:
eb:bc:6a:77:f2:ff:7b:37:78:15:61:13:d9:87:1d:
d5:ac:a2:e3:9f:66:37:88:a5:a5:7a:37:06:fb:ac:
bd:4a:04:17:4a:25:62:d6:cf:29:d9:4c:6e:46:d0:
8d:34:4c:cb:07:f2:cc:de:69:5b:77:af:74:6e:26:
97:2c:73:7f:dd:58:44:c5:98:d0:bc:51:cb:37:4f:
2b:98:b4:4a:be:68:9c:97:96:d9:a0:c3:a3:88:ff:
e1:b9:2e:25:74:68:7a:9a:08:fc:80:e3:bd:8b:d2:
fb:7a:c0:f0:67:a8:f6:0b:a8:b2:cd:96:93:52:2c:
00:c4:92:4b:0b:3f:57:95:8e:47:c9:3b:b9:4f:2e:
54:ff:e4:0b:d4:69:f2:95:1b:bd:b1:69:5e:ac:ee:
8f:2b:5f:3b:a3:6b:3c:4f:e2:bc:7c:f1:cd:7e:25:
f2:43:9d:f2:e8:a7:05:d3:45:43:bf:e7:42:20:65:
ea:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:67:61:D5:EC:A5:FC:BB:CF:98:63:02:BE:51:2A:31:B9:08:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
04:84:cc:6d:f7:8f:cb:5f:4f:22:f9:14:99:cc:fc:e8:46:0a:
bd:62:7e:03:d8:d2:09:56:49:85:24:a2:0a:7c:48:5f:4d:1c:
c0:94:de:f9:a5:bd:30:d9:42:6b:a8:3f:ab:25:18:5f:bd:67:
a9:fb:41:f4:92:d6:06:9b:09:a9:d6:16:6f:cc:41:77:30:62:
52:d3:49:ac:ab:44:65:0b:4e:ef:91:79:1b:17:9f:e2:d1:28:
05:07:90:f4:3a:b4:54:95:de:f0:5c:01:a8:db:a8:ef:0e:ad:
33:43:96:87:90:20:8b:b3:75:58:a4:9b:f9:e3:7e:8f:3e:30:
1c:fc:c9:8c:71:8c:74:4d:d9:a0:cf:4d:ef:af:83:5e:b6:ce:
28:af:8c:68:8d:49:d4:cb:ae:81:e4:5f:54:43:a1:91:3f:40:
3d:8e:3b:9e:b1:af:1e:19:65:af:9e:f4:f0:3a:52:14:38:09:
50:95:d2:7d:1e:74:c7:78:8f:c3:8e:92:62:be:fa:2c:0a:21:
0c:c4:5e:67:6b:6f:d7:76:c5:e3:28:d3:88:87:fe:56:c7:93:
53:ee:f8:df:81:99:79:16:00:b1:3f:0f:4f:6f:ac:2b:22:0a:
f8:c2:73:06:ad:6c:a1:34:58:8e:11:57:03:c3:b9:3d:a9:f8:
06:33:96:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKQbVPX8LWk56EVTcJ2KeNZ0d8n4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMzdaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMzc0NDI1ZWMwMjY0OTYyMzNiYzFlZDRhYmQ2MmJkZTU4NTZkNTY3Njlh
NTE1YmIyNDU4ZTczMzVkZjljOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM28fmyQkIwcutExbFCqJbFfmetPwtQUI48j3L4mdk1Z8P4iXUX42uG+wxAN
PKpLvM6hPpZ9lMoohGpIGpcfbWmBJ8i6XBBg8RF367xqd/L/ezd4FWET2Ycd1ayi
459mN4ilpXo3BvusvUoEF0olYtbPKdlMbkbQjTRMywfyzN5pW3evdG4mlyxzf91Y
RMWY0LxRyzdPK5i0Sr5onJeW2aDDo4j/4bkuJXRoepoI/IDjvYvS+3rA8Geo9guo
ss2Wk1IsAMSSSws/V5WOR8k7uU8uVP/kC9Rp8pUbvbFpXqzujytfO6NrPE/ivHzx
zX4l8kOd8uinBdNFQ7/nQiBl6k0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdyGdh
1eyl/LvPmGMCvlEqMbkIUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2JkMjFiOWUtNzYyNy00ZWJjLWExZjgtNjM4OTBiNWQ0MTQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQAEhMxt94/LX08i+RSZzPzoRgq9Yn4D2NIJVkmF
JKIKfEhfTRzAlN75pb0w2UJrqD+rJRhfvWep+0H0ktYGmwmp1hZvzEF3MGJS00ms
q0RlC07vkXkbF5/i0SgFB5D0OrRUld7wXAGo26jvDq0zQ5aHkCCLs3VYpJv5436P
PjAc/MmMcYx0Tdmgz03vr4Nets4or4xojUnUy66B5F9UQ6GRP0A9jjuesa8eGWWv
nvTwOlIUOAlQldJ9HnTHeI/DjpJivvosCiEMxF5na2/XdsXjKNOIh/5Wx5NT7vjf
gZl5FgCxPw9Pb6wrIgr4wnMGrWyhNFiOEVcDw7k9qfgGM5Zb
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:15 2025 by rpki-client