Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: 6V/NWJrSwF7QquJzoeTbNTHaEwWwKH7mVLsh8IQt1CY=
Subject key identifier: 70:55:D8:8B:A6:CF:2E:33:06:7D:D6:AE:CB:A2:A2:7D:E4:D6:85:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EFEEEAA6532A9C4D3C9AE0F7B6667804FA9E183
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Mon 28 Jul 2025 16:10:58 +0000
ROA not before: Mon 28 Jul 2025 16:10:58 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:fe:ee:aa:65:32:a9:c4:d3:c9:ae:0f:7b:66:67:80:4f:a9:e1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:58 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=be1217634e4b93f2e86e1661c800642928dd4462d8ff2462df1b3234530f3de6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:83:f2:de:01:bc:6a:1c:df:52:c6:38:50:3d:
4a:9d:97:b7:bc:a8:be:9b:73:f7:74:24:1a:46:6e:
03:f4:72:78:d1:9d:88:1d:df:15:c4:12:11:51:56:
f4:0c:50:6f:bc:fb:db:c2:7e:f9:2b:c6:7a:d0:ba:
d6:6f:b2:83:cf:e4:70:56:fc:19:5f:ae:58:bb:81:
a8:18:c0:09:40:76:02:db:80:0e:9e:75:72:c3:46:
70:90:5d:cd:98:c2:0d:0d:2a:e6:cd:8e:03:89:e9:
40:07:7f:ca:dd:b7:4d:73:31:7f:2c:22:70:f8:65:
59:d5:b8:d3:38:6b:da:0d:97:30:9f:7a:aa:22:c2:
a9:1f:77:48:67:77:2e:56:70:c8:26:a2:35:cb:aa:
b6:72:97:35:bc:b8:61:13:02:65:63:bf:fc:b2:50:
92:dd:ea:d0:4f:d6:44:3f:d7:cf:b9:d1:ac:8c:d8:
3c:1c:74:f9:5f:d6:15:7d:79:11:2a:45:8f:7a:7f:
47:ed:e0:88:d0:b5:47:fc:6b:3c:5b:ac:54:de:f4:
a5:e0:42:11:29:02:5c:74:ca:01:f3:63:a6:7a:f0:
6d:6f:03:48:19:aa:50:0f:7d:ae:17:d2:f7:5d:5f:
da:49:03:6c:5d:97:f9:f8:d2:61:f0:75:83:f9:27:
3c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:55:D8:8B:A6:CF:2E:33:06:7D:D6:AE:CB:A2:A2:7D:E4:D6:85:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
ac:47:cc:b7:bf:d4:e6:f5:57:01:4d:97:37:96:90:15:5d:df:
88:15:15:b0:9f:18:a1:cc:19:b1:eb:47:7b:41:6d:d3:3a:44:
6f:cf:37:73:d0:9f:4c:ba:96:4e:5e:81:9c:a6:eb:6a:57:62:
09:fa:bf:6c:69:bb:19:7d:d3:9e:33:59:40:5c:70:7b:49:cf:
38:1b:c6:a2:e1:01:b5:b1:42:cd:42:7b:53:98:6c:17:75:bb:
97:d0:e7:d8:38:a7:fd:bc:b1:a9:22:2d:d3:0f:7b:e7:69:f1:
83:e8:43:31:ec:c9:82:37:5f:a5:54:d0:5f:b9:fd:77:f6:5b:
58:19:d6:bb:ec:54:8d:55:86:01:3e:da:0d:8c:38:7a:7f:a8:
fc:6d:bc:4c:e4:8e:86:4c:8c:eb:8a:21:70:9a:6e:0f:d9:d0:
2f:ed:d2:4f:b7:1c:8b:02:22:7f:0f:f8:7a:5f:db:18:82:8c:
3d:c1:23:04:18:0e:29:b1:90:6f:8e:7f:07:03:b8:7b:bd:f9:
6c:eb:ff:3b:ef:3b:9a:74:a8:b2:c6:6a:63:e0:76:c7:0f:1e:
74:f3:e0:3a:ba:ea:cf:4d:da:06:57:0c:34:ab:59:11:30:68:
2d:f8:4c:d6:9f:7e:59:81:86:d3:07:e0:52:15:23:33:57:ad:
a8:9c:cc:48
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfv7uqmUyqcTTya4Pe2ZngE+p4YMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwNThaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMTIxNzYzNGU0YjkzZjJlODZlMTY2MWM4MDA2NDI5MjhkZDQ0NjJkOGZm
MjQ2MmRmMWIzMjM0NTMwZjNkZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuD8t4BvGoc31LGOFA9Sp2Xt7yovptz93QkGkZuA/RyeNGdiB3fFcQSEVFW
9AxQb7z728J++SvGetC61m+yg8/kcFb8GV+uWLuBqBjACUB2AtuADp51csNGcJBd
zZjCDQ0q5s2OA4npQAd/yt23TXMxfywicPhlWdW40zhr2g2XMJ96qiLCqR93SGd3
LlZwyCaiNcuqtnKXNby4YRMCZWO//LJQkt3q0E/WRD/Xz7nRrIzYPBx0+V/WFX15
ESpFj3p/R+3giNC1R/xrPFusVN70peBCESkCXHTKAfNjpnrwbW8DSBmqUA99rhfS
911f2kkDbF2X+fjSYfB1g/knPKMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwVdiL
ps8uMwZ91q7LoqJ95NaFWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEArEfMt7/U5vVXAU2XN5aQFV3fiBUVsJ8YocwZ
setHe0Ft0zpEb883c9CfTLqWTl6BnKbraldiCfq/bGm7GX3TnjNZQFxwe0nPOBvG
ouEBtbFCzUJ7U5hsF3W7l9Dn2Din/byxqSIt0w9752nxg+hDMezJgjdfpVTQX7n9
d/ZbWBnWu+xUjVWGAT7aDYw4en+o/G28TOSOhkyM64ohcJpuD9nQL+3ST7cciwIi
fw/4el/bGIKMPcEjBBgOKbGQb45/BwO4e735bOv/O+87mnSossZqY+B2xw8edPPg
Orrqz03aBlcMNKtZETBoLfhM1p9+WYGG0wfgUhUjM1etqJzMSA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:39 2025 by rpki-client