Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: r5f8dQK/6FfCBNsjmqa/mN95IUbXKb6dupfrv9Qui6Y=
Subject key identifier: 39:20:DB:D4:A7:22:BA:CC:65:6B:BB:AE:6E:3A:34:2E:BD:18:BC:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1606B3899FF7E82127F24B34D31E73829E951726
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Tue 29 Jul 2025 18:30:10 +0000
ROA not before: Tue 29 Jul 2025 18:30:10 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:06:b3:89:9f:f7:e8:21:27:f2:4b:34:d3:1e:73:82:9e:95:17:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:10 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=c2cb935d11a3a7c4769af260b8fcf83227d8fc669c05c2731cc5a3c1f64ea258, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:48:fc:bf:b5:3a:c9:17:cc:ba:70:4b:4c:73:
1c:ff:3b:e4:e4:fc:8a:74:e8:3b:0b:e7:c5:46:7f:
ed:b9:0e:c3:e1:96:f6:a2:81:af:67:95:d7:d1:80:
39:a8:00:8e:b1:12:3b:a1:d9:c2:6c:0a:74:d5:b0:
89:15:99:64:8e:dc:93:ba:f4:0d:11:0e:96:01:d3:
ee:96:18:79:48:7a:96:bc:ca:e9:7d:3f:a7:19:ca:
d2:a0:73:ea:21:a4:69:3f:b9:00:0a:16:47:02:f4:
91:1a:70:aa:66:1f:c9:59:41:aa:68:8f:67:31:93:
5e:73:30:a0:b0:eb:cf:25:08:73:ee:ea:47:bc:c0:
20:76:85:32:b1:9c:df:e5:4b:44:d1:f5:bb:f7:bf:
3d:61:60:b0:e3:3e:f3:f1:b6:d0:92:f3:52:d0:73:
9e:78:7d:d3:cb:64:d9:17:c4:2c:38:c1:a7:28:00:
79:30:4a:c9:d1:95:03:2a:d4:54:aa:66:cd:fd:7c:
d5:2c:50:76:10:2a:82:38:38:78:ba:88:e3:f2:7a:
59:c1:41:16:bf:46:b9:ee:af:6d:aa:9b:8d:37:70:
c5:8f:55:4b:ed:9c:52:22:88:79:4b:48:f3:82:fc:
03:1a:c5:f8:55:52:0c:9f:ed:40:8b:b1:7d:38:7a:
af:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:20:DB:D4:A7:22:BA:CC:65:6B:BB:AE:6E:3A:34:2E:BD:18:BC:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
39:82:26:3a:05:a4:de:93:6b:f6:e2:36:2a:47:3e:dd:7a:b7:
fb:a1:81:df:b9:ee:a9:74:6f:0d:d1:56:b0:c3:9b:6b:25:df:
28:d2:d3:19:f0:8c:07:8c:e8:9a:06:55:38:ea:e0:01:4b:6a:
48:1f:26:d7:d1:24:8a:a9:72:8b:a1:1a:28:74:a4:de:51:28:
92:24:1f:0a:41:e5:79:75:5d:2c:22:c5:28:cc:1e:40:cd:ff:
ea:40:af:e1:af:b0:4b:54:44:08:28:2d:ff:09:8f:2e:49:60:
d5:0c:af:b0:37:8d:9c:d0:9b:ef:95:15:17:ea:3f:23:f1:89:
30:72:b1:3b:31:47:d7:d6:84:5b:6a:ff:e6:88:39:18:6c:fe:
44:21:ff:08:25:a2:65:60:f8:5a:cd:dd:87:85:49:e1:c8:ad:
b1:56:90:8a:82:11:fb:f3:3f:15:1d:2a:80:92:75:35:f5:21:
a3:bd:40:4b:6d:a9:72:7e:9b:94:34:7a:53:6a:b1:83:9a:17:
6e:24:8c:bf:31:51:cb:3c:08:c0:13:2b:49:0b:bb:67:1a:74:
4f:c9:f5:01:14:d5:c7:16:3b:6c:11:a6:b9:3d:7f:d1:de:56:
2f:b0:c9:93:6d:e7:9d:73:23:5d:51:42:fe:13:15:d6:7c:16:
f3:55:f8:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFgaziZ/36CEn8ks00x5zgp6VFyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMTBaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyY2I5MzVkMTFhM2E3YzQ3NjlhZjI2MGI4ZmNmODMyMjdkOGZjNjY5YzA1
YzI3MzFjYzVhM2MxZjY0ZWEyNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxI/L+1OskXzLpwS0xzHP875OT8inToOwvnxUZ/7bkOw+GW9qKBr2eV19GA
OagAjrESO6HZwmwKdNWwiRWZZI7ck7r0DREOlgHT7pYYeUh6lrzK6X0/pxnK0qBz
6iGkaT+5AAoWRwL0kRpwqmYfyVlBqmiPZzGTXnMwoLDrzyUIc+7qR7zAIHaFMrGc
3+VLRNH1u/e/PWFgsOM+8/G20JLzUtBznnh908tk2RfELDjBpygAeTBKydGVAyrU
VKpmzf181SxQdhAqgjg4eLqI4/J6WcFBFr9Gue6vbaqbjTdwxY9VS+2cUiKIeUtI
84L8AxrF+FVSDJ/tQIuxfTh6r5sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5INvU
pyK6zGVru65uOjQuvRi8+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQA5giY6BaTek2v24jYqRz7derf7oYHfue6pdG8N
0Vaww5trJd8o0tMZ8IwHjOiaBlU46uABS2pIHybX0SSKqXKLoRoodKTeUSiSJB8K
QeV5dV0sIsUozB5Azf/qQK/hr7BLVEQIKC3/CY8uSWDVDK+wN42c0JvvlRUX6j8j
8YkwcrE7MUfX1oRbav/miDkYbP5EIf8IJaJlYPhazd2HhUnhyK2xVpCKghH78z8V
HSqAknU19SGjvUBLbalyfpuUNHpTarGDmhduJIy/MVHLPAjAEytJC7tnGnRPyfUB
FNXHFjtsEaa5PX/R3lYvsMmTbeedcyNdUUL+ExXWfBbzVfga
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:49 2025 by rpki-client