Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
File: ea0e91cd-e265-4578-9172-3a1331586357.roa (raw, json)
Hash identifier: KbLThZ6UgwM904zgPmXMSz51koKRQ5uLCXzhPa8h1Lg=
Subject key identifier: 60:2F:E4:AB:82:90:E7:08:14:21:FC:28:62:11:25:44:2D:85:78:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3E27F275E83DBAF87351A3C4678B9A22CE13BF22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
Signing time: Wed 30 Jul 2025 20:07:13 +0000
ROA not before: Wed 30 Jul 2025 20:07:13 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:27:f2:75:e8:3d:ba:f8:73:51:a3:c4:67:8b:9a:22:ce:13:bf:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:13 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=d9bd767f8f725edc1565d4a408158e2fa64ba5e30c8b40970dbcf84371232c30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a7:45:eb:4b:d0:5a:7e:4d:f7:28:79:9a:28:
8c:76:46:2a:af:c5:62:fd:28:8b:d0:62:2a:a5:43:
6d:69:0e:7e:dd:1c:37:93:cf:ed:b5:50:37:0f:b8:
4e:86:42:c8:1c:39:6b:ec:c0:58:92:af:df:a5:65:
85:f1:db:4c:62:9d:5b:e8:22:08:64:35:70:14:34:
8c:d8:3f:0a:b3:33:85:b7:e6:4c:65:07:9a:8b:de:
c8:68:20:10:aa:b9:7c:e4:fe:61:ea:80:e4:46:eb:
ad:e2:24:b7:27:e8:3d:6f:d5:64:0e:61:dd:dd:e4:
4f:de:2f:2b:eb:0f:16:18:c9:0b:3e:97:e2:12:01:
fc:8f:45:cc:4f:cd:85:a7:3e:76:36:a3:0c:d6:8d:
39:97:74:57:da:fe:d4:4c:e2:5e:2d:df:0d:ac:51:
72:a0:be:3b:8e:a6:38:78:b2:a9:7a:17:e8:e4:ee:
13:8d:06:64:e1:15:ef:95:13:1e:c3:ed:2e:84:1f:
b0:d0:02:ff:59:b8:4f:d9:ed:fa:6b:b5:38:42:8e:
c0:14:0a:b8:87:26:b8:91:38:5e:63:42:6e:61:1d:
f3:5a:69:9b:f8:5f:74:b8:ff:d6:73:8e:f4:d8:6b:
71:0c:47:67:14:a9:a7:1a:8b:4d:b4:73:97:93:0e:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2F:E4:AB:82:90:E7:08:14:21:FC:28:62:11:25:44:2D:85:78:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea0e91cd-e265-4578-9172-3a1331586357.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:5000::/40
Signature Algorithm: sha256WithRSAEncryption
35:64:d5:4c:bf:92:82:25:c4:a6:34:a3:c9:07:23:ec:3e:7a:
c3:2d:8a:25:72:24:52:13:e6:4d:bb:c7:0d:b5:c2:50:4c:4e:
d7:8e:92:3b:c7:2a:18:30:48:4e:33:75:0f:e5:c1:74:e8:3c:
e0:55:76:87:98:25:e4:e5:83:75:fe:84:05:1d:2b:73:3e:7b:
19:af:fd:4e:e6:f2:83:f6:f7:ee:f2:13:44:37:22:e2:1c:b8:
c3:63:5a:26:6b:26:84:46:86:90:20:ac:cc:e5:51:f4:af:be:
d5:d3:30:78:a6:c5:de:81:ab:8d:23:5a:49:76:af:9b:b0:3e:
72:89:db:cf:34:d2:61:93:d1:62:9d:17:ef:79:33:36:56:2e:
7a:1a:1e:0b:6e:28:dc:4c:f2:6d:71:0f:7f:eb:b2:b6:ae:84:
df:01:34:79:4f:9c:80:f2:0d:98:a2:f7:68:a4:5e:61:84:e4:
77:fb:77:31:5c:44:c3:08:7c:1b:57:f2:fa:eb:dd:7d:e0:df:
1f:6d:17:9b:8b:d6:90:f8:0e:95:1c:ef:a7:18:47:59:d0:c7:
ae:f3:a3:80:32:c3:15:3a:80:99:96:4b:0a:78:f1:46:69:4b:
89:6f:f0:71:ff:97:e8:6f:b2:65:6b:ec:f2:fb:c3:ab:af:68:
33:81:ff:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPifydeg9uvhzUaPEZ4uaIs4TvyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MTNaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YmQ3NjdmOGY3MjVlZGMxNTY1ZDRhNDA4MTU4ZTJmYTY0YmE1ZTMwYzhi
NDA5NzBkYmNmODQzNzEyMzJjMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6nRetL0Fp+TfcoeZoojHZGKq/FYv0oi9BiKqVDbWkOft0cN5PP7bVQNw+4
ToZCyBw5a+zAWJKv36VlhfHbTGKdW+giCGQ1cBQ0jNg/CrMzhbfmTGUHmoveyGgg
EKq5fOT+YeqA5EbrreIktyfoPW/VZA5h3d3kT94vK+sPFhjJCz6X4hIB/I9FzE/N
hac+djajDNaNOZd0V9r+1EziXi3fDaxRcqC+O46mOHiyqXoX6OTuE40GZOEV75UT
HsPtLoQfsNAC/1m4T9nt+mu1OEKOwBQKuIcmuJE4XmNCbmEd81ppm/hfdLj/1nOO
9NhrcQxHZxSppxqLTbRzl5MOMPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgL+Sr
gpDnCBQh/ChiESVELYV4QDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEwZTkxY2QtZTI2NS00NTc4LTkxNzItM2ExMzMxNTg2MzU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA1ZNVMv5KCJcSmNKPJByPsPnrDLYolciRSE+ZN
u8cNtcJQTE7XjpI7xyoYMEhOM3UP5cF06DzgVXaHmCXk5YN1/oQFHStzPnsZr/1O
5vKD9vfu8hNENyLiHLjDY1omayaERoaQIKzM5VH0r77V0zB4psXegauNI1pJdq+b
sD5yidvPNNJhk9FinRfveTM2Vi56Gh4LbijcTPJtcQ9/67K2roTfATR5T5yA8g2Y
ovdopF5hhOR3+3cxXETDCHwbV/L669194N8fbRebi9aQ+A6VHO+nGEdZ0Meu86OA
MsMVOoCZlksKePFGaUuJb/Bx/5fob7Jla+zy+8Orr2gzgf97
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:01:38 2025 by rpki-client