Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa
File: 012c9415-fd75-453f-91b6-b57a394d548d.roa (raw, json)
Hash identifier: svOfEufzTzcnsT27+WZbq5u4l2XKfPbOic9lZ3jNunA=
Subject key identifier: 5B:BB:8B:32:6E:EE:5C:FF:78:61:50:22:84:FE:A2:75:EA:79:AE:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E1D03259DB5AF02CFDF2FBF4472FC01C5CE44DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa
Signing time: Wed 30 Jul 2025 20:07:14 +0000
ROA not before: Wed 30 Jul 2025 20:07:14 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:1d:03:25:9d:b5:af:02:cf:df:2f:bf:44:72:fc:01:c5:ce:44:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:14 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=2aa96fa2db6f119956e08d68057a6bc13b561d33b442280b7f27b29d7c8d2e76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:ce:6c:74:38:22:f0:5a:35:24:37:a6:81:
1e:e8:e5:f3:66:a9:25:25:8c:3d:84:8e:c0:7a:97:
5e:38:b4:c0:3e:24:f1:ff:7a:20:4a:ac:a5:fa:81:
ce:fb:24:f7:ce:c8:3e:0b:08:58:34:e2:68:ea:23:
70:df:97:d7:0f:fd:60:17:a0:8c:a0:21:10:d3:51:
89:da:a5:0d:6a:c8:2c:f5:b7:44:92:8a:3a:dc:62:
1e:de:7c:43:b9:56:48:4e:4b:c6:a8:3c:18:1f:71:
a8:52:84:d4:d0:e0:6e:10:fe:41:75:01:74:70:21:
4b:5f:5f:33:8b:2a:1c:6e:4d:57:7f:ec:1f:e2:b4:
75:61:4e:08:28:6e:0d:c8:a9:a4:ff:31:67:38:26:
c4:8d:09:21:88:0c:be:ae:20:07:83:4b:21:e9:35:
c0:4d:1b:53:6b:5e:25:3f:36:19:a2:98:57:b9:75:
07:77:58:d5:df:21:a2:78:a2:d1:2d:63:b5:d3:f0:
c8:ec:45:33:9f:e1:a6:00:6f:d4:68:da:08:34:57:
3d:d0:27:2f:fa:f8:51:cf:c0:b0:b8:80:9a:2e:9d:
c0:a0:4b:0b:96:93:b2:1d:50:7a:05:17:2e:70:94:
8b:db:aa:6e:6b:6b:cc:e4:f7:f6:2b:dd:f3:e5:18:
38:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BB:8B:32:6E:EE:5C:FF:78:61:50:22:84:FE:A2:75:EA:79:AE:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/012c9415-fd75-453f-91b6-b57a394d548d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:6000::/40
Signature Algorithm: sha256WithRSAEncryption
40:a6:3b:39:92:7c:78:91:05:35:8c:21:b7:dc:52:32:15:2e:
38:e1:06:d5:f7:51:ae:8f:03:67:78:e9:c8:56:f5:a3:92:9d:
bd:cc:65:00:14:2a:3c:59:fe:a4:9f:06:82:5f:f4:5f:47:97:
f8:c7:77:7c:2e:ed:96:65:75:b1:68:b5:01:89:de:08:41:95:
6b:d9:3e:ea:91:b0:79:12:b0:fe:98:a8:52:85:2f:8f:c9:80:
72:bc:a5:0d:f9:05:4f:3f:de:cd:7e:44:f8:76:ea:44:74:c7:
36:b3:c6:67:de:bc:3c:fc:2f:de:a2:80:30:6d:3e:d3:f4:da:
20:2d:10:11:ad:a8:3e:a1:4b:d2:02:ca:5c:06:e3:37:1c:1d:
46:37:10:3e:09:96:5f:93:65:73:9e:85:a6:ec:29:dc:b3:26:
79:45:f7:4b:4c:2f:79:60:7f:27:58:68:1f:22:26:2d:9b:04:
00:a1:78:e2:2d:52:92:ef:2f:fe:a0:f2:14:66:26:e8:dd:5c:
c2:13:f7:f3:1a:11:e3:3f:d9:9a:7c:00:3c:c5:0f:a7:f1:4f:
22:77:2d:22:ff:50:85:4b:e4:b9:81:25:26:0b:b5:e0:02:36:
1d:f3:e1:2b:ad:29:6f:4f:c7:ff:2e:f3:d6:89:7c:a2:fe:46:
61:0b:28:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDh0DJZ21rwLP3y+/RHL8AcXORNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MTRaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYTk2ZmEyZGI2ZjExOTk1NmUwOGQ2ODA1N2E2YmMxM2I1NjFkMzNiNDQy
MjgwYjdmMjdiMjlkN2M4ZDJlNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALz1zmx0OCLwWjUkN6aBHujl82apJSWMPYSOwHqXXji0wD4k8f96IEqspfqB
zvsk987IPgsIWDTiaOojcN+X1w/9YBegjKAhENNRidqlDWrILPW3RJKKOtxiHt58
Q7lWSE5Lxqg8GB9xqFKE1NDgbhD+QXUBdHAhS19fM4sqHG5NV3/sH+K0dWFOCChu
DcippP8xZzgmxI0JIYgMvq4gB4NLIek1wE0bU2teJT82GaKYV7l1B3dY1d8honii
0S1jtdPwyOxFM5/hpgBv1GjaCDRXPdAnL/r4Uc/AsLiAmi6dwKBLC5aTsh1QegUX
LnCUi9uqbmtrzOT39ivd8+UYOOMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbu4sy
bu5c/3hhUCKE/qJ16nmuzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDEyYzk0MTUtZmQ3NS00NTNmLTkxYjYtYjU3YTM5NGQ1NDhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVg
MA0GCSqGSIb3DQEBCwUAA4IBAQBApjs5knx4kQU1jCG33FIyFS444QbV91GujwNn
eOnIVvWjkp29zGUAFCo8Wf6knwaCX/RfR5f4x3d8Lu2WZXWxaLUBid4IQZVr2T7q
kbB5ErD+mKhShS+PyYByvKUN+QVPP97NfkT4dupEdMc2s8Zn3rw8/C/eooAwbT7T
9NogLRARrag+oUvSAspcBuM3HB1GNxA+CZZfk2VznoWm7CncsyZ5RfdLTC95YH8n
WGgfIiYtmwQAoXjiLVKS7y/+oPIUZibo3VzCE/fzGhHjP9mafAA8xQ+n8U8idy0i
/1CFS+S5gSUmC7XgAjYd8+ErrSlvT8f/LvPWiXyi/kZhCyix
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:13 2025 by rpki-client