Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa
File: ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa (raw, json)
Hash identifier: pFT4zHVlW+KKwczV5VoNhj8Bnrg/pLNXwF5EzJSKHcc=
Subject key identifier: C9:BC:2E:77:35:3C:83:A8:28:66:40:98:A2:D3:46:29:94:37:5C:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A32736EBB657DAEFBB15178DA55B991FC1E89E8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa
Signing time: Wed 30 Jul 2025 20:07:16 +0000
ROA not before: Wed 30 Jul 2025 20:07:16 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:32:73:6e:bb:65:7d:ae:fb:b1:51:78:da:55:b9:91:fc:1e:89:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:16 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=312e64a6ae5db250e30166e6be359aa76cd75d52a27ece4617c2b275c5fb8157, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:91:a7:31:76:2a:e6:f7:cb:95:af:31:df:6d:
9e:0b:58:01:f2:e6:10:66:97:4c:4c:19:9f:45:45:
2d:97:5d:1f:72:ba:db:6e:fa:99:e1:93:61:f4:3b:
98:98:1b:94:30:3b:f4:01:86:96:b4:7c:63:f3:10:
7c:1c:66:a4:d3:c8:1b:91:8a:47:a8:38:5c:4c:8d:
de:d6:a7:dc:18:cc:90:2a:f0:9b:02:eb:88:6b:50:
b4:58:eb:9e:d1:33:f0:8d:1e:7f:74:9f:cf:b8:20:
16:80:82:5d:df:fa:4f:d7:dc:00:fa:22:13:85:ec:
dd:27:b4:83:08:6a:84:92:b0:85:30:22:9c:31:f3:
a7:16:e2:08:ca:46:10:b3:39:73:76:f8:a9:fe:89:
45:a1:07:c5:db:cf:aa:60:9c:3d:cd:8f:33:62:e0:
72:3f:91:cd:38:04:f7:70:6f:7d:d1:33:0b:63:11:
82:a6:84:b7:19:fe:a5:f0:f9:a5:04:2a:2f:7d:c6:
c7:ca:7a:ea:c4:2c:27:4c:3a:89:9c:99:02:af:62:
8a:23:3e:06:76:23:0f:c2:e7:7e:b2:3b:0c:d9:29:
78:a3:38:4a:f4:98:92:b7:a4:13:73:ca:89:fc:61:
3f:a9:d9:7a:c6:60:45:36:30:4e:8d:d4:a4:f1:e3:
30:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BC:2E:77:35:3C:83:A8:28:66:40:98:A2:D3:46:29:94:37:5C:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:ec:db:56:f7:7a:b3:41:1e:f3:a0:da:df:98:fa:ff:88:35:
92:3f:78:41:33:4a:9c:97:ba:cc:9a:6f:4b:69:ec:8b:4a:5b:
06:5c:2f:d2:d7:05:ac:eb:e2:56:19:de:3b:34:f4:79:16:4e:
bd:cf:20:fc:6b:65:88:85:18:9d:1f:20:a8:18:c1:1e:78:07:
2a:e2:e8:02:e4:da:c4:25:13:dc:55:fe:20:a9:43:d0:8a:ba:
e5:3a:35:fb:77:4b:70:b9:20:13:36:5d:94:57:ae:ca:60:b6:
70:b3:3c:6d:77:d7:5b:c2:e4:f2:75:32:c4:e9:a8:52:36:72:
61:21:d0:46:21:34:92:3a:e2:34:97:32:b1:c5:1b:b4:79:9a:
d2:89:98:0e:6d:eb:c7:a1:91:59:c4:89:04:01:f5:29:aa:22:
15:51:78:06:3c:20:d3:6a:8d:ba:71:64:11:ae:cf:7f:a3:76:
4d:df:93:1b:bc:70:95:8b:39:29:55:b8:1a:48:59:af:20:c3:
73:51:5c:c0:6d:fa:86:d7:a8:48:ec:c5:3b:a1:58:a9:4c:1d:
00:d8:a0:4b:1e:ec:8f:65:81:d1:ad:8e:bb:c4:89:2a:d2:d2:
57:44:f0:a6:f7:ac:18:b9:db:e6:79:76:a4:40:0c:cb:48:9c:
e1:31:83:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUejJzbrtlfa77sVF42lW5kfweiegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MTZaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMmU2NGE2YWU1ZGIyNTBlMzAxNjZlNmJlMzU5YWE3NmNkNzVkNTJhMjdl
Y2U0NjE3YzJiMjc1YzVmYjgxNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJCRpzF2Kub3y5WvMd9tngtYAfLmEGaXTEwZn0VFLZddH3K62276meGTYfQ7
mJgblDA79AGGlrR8Y/MQfBxmpNPIG5GKR6g4XEyN3tan3BjMkCrwmwLriGtQtFjr
ntEz8I0ef3Sfz7ggFoCCXd/6T9fcAPoiE4Xs3Se0gwhqhJKwhTAinDHzpxbiCMpG
ELM5c3b4qf6JRaEHxdvPqmCcPc2PM2Lgcj+RzTgE93BvfdEzC2MRgqaEtxn+pfD5
pQQqL33Gx8p66sQsJ0w6iZyZAq9iiiM+BnYjD8LnfrI7DNkpeKM4SvSYkrekE3PK
ifxhP6nZesZgRTYwTo3UpPHjMG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJvC53
NTyDqChmQJii00YplDdcqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQ0ZmIyZTItNTMxZC00NTNkLTllZmMtZDY5YThhOWUyMzEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCK7NtW93qzQR7zoNrfmPr/iDWSP3hBM0qcl7rM
mm9LaeyLSlsGXC/S1wWs6+JWGd47NPR5Fk69zyD8a2WIhRidHyCoGMEeeAcq4ugC
5NrEJRPcVf4gqUPQirrlOjX7d0twuSATNl2UV67KYLZwszxtd9dbwuTydTLE6ahS
NnJhIdBGITSSOuI0lzKxxRu0eZrSiZgObevHoZFZxIkEAfUpqiIVUXgGPCDTao26
cWQRrs9/o3ZN35MbvHCVizkpVbgaSFmvIMNzUVzAbfqG16hI7MU7oVipTB0A2KBL
HuyPZYHRrY67xIkq0tJXRPCm96wYudvmeXakQAzLSJzhMYPK
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:52 2025 by rpki-client