Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
File: 28181159-5695-4944-b901-f84b836b4d8f.roa (raw, json)
Hash identifier: Zvp0rrJ4E40CKDvDLuAXN3JU2rL/c9fqUYjqgCUAiyg=
Subject key identifier: 5D:27:9F:36:C2:9C:59:6E:18:DA:6D:07:48:C7:1D:CC:65:A1:54:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C2E2640782972B8057D9DBEABA8DC8805E2D022
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
Signing time: Tue 29 Jul 2025 18:30:06 +0000
ROA not before: Tue 29 Jul 2025 18:30:06 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:2e:26:40:78:29:72:b8:05:7d:9d:be:ab:a8:dc:88:05:e2:d0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 29 18:30:06 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=25d47c1535acd4f7eb0ded7004ff80e03aa8cb02c677002af586438b5ababafe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8f:79:4e:f2:5f:68:54:96:0a:b0:96:16:00:
b4:57:79:0d:e4:0c:a7:bb:3d:08:32:72:5e:01:f6:
ab:3b:f8:86:07:ae:1c:86:23:6b:8a:bc:01:db:aa:
3b:06:a6:2f:7a:1e:fd:d5:b1:ad:d9:c9:2e:0c:c3:
0e:31:58:43:0d:37:4f:bb:78:08:b1:e9:e4:a9:df:
e9:45:03:63:63:d6:67:4c:d0:fa:97:22:9e:a3:d2:
c2:8f:d5:bb:11:af:a0:1a:de:01:23:ef:77:aa:ea:
66:61:61:1f:94:bf:a9:7b:87:4b:98:9d:db:2a:23:
0a:34:ae:a4:07:9b:e9:5a:e9:6c:d7:5e:74:52:39:
28:85:35:93:af:c5:a1:c6:bd:78:c6:1c:6c:3b:22:
02:cc:aa:8f:1b:00:21:b1:83:e6:50:e3:7a:2c:b6:
6c:36:55:6e:e6:a9:0a:3f:ab:ef:99:86:df:23:4f:
0f:ba:38:32:08:85:26:5e:c2:e8:7e:52:e1:b7:5b:
63:e2:db:7e:d1:e0:a8:90:c4:72:92:3b:d8:de:a2:
12:17:91:f0:bb:e7:17:cf:3c:b3:56:a2:2c:cb:0f:
74:94:5e:cc:a7:a2:bc:f2:f1:d2:a6:ff:bd:64:91:
64:82:2c:58:98:7a:c3:1f:d5:da:2c:77:d1:95:03:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:27:9F:36:C2:9C:59:6E:18:DA:6D:07:48:C7:1D:CC:65:A1:54:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28181159-5695-4944-b901-f84b836b4d8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:2a:cd:14:cf:67:9a:45:db:59:fc:e6:f1:a8:48:ec:4c:3e:
fb:a4:39:07:26:68:18:36:f1:52:36:b2:7b:a3:28:58:a4:1b:
1e:11:d9:0c:13:cc:45:c2:af:e0:5b:6e:13:8e:ec:b5:a1:26:
42:c6:a9:c7:d5:07:f5:61:86:2c:79:51:98:ad:f1:14:cd:92:
2d:2f:9a:ed:b3:1e:fc:87:63:49:92:42:c6:c4:06:48:72:22:
91:30:2c:4e:5c:19:c8:85:b6:c4:12:1e:bb:1b:39:64:30:0b:
00:77:2c:03:aa:8b:02:4f:38:69:90:91:2e:5f:ba:0e:92:5d:
68:cf:bf:82:6f:fc:e3:0b:d3:3c:a0:2c:09:c1:b8:f9:d2:34:
7b:fb:cb:25:8f:60:ac:ad:c4:51:d8:17:31:73:c4:95:86:d8:
63:79:0a:7d:b2:44:49:83:85:7b:53:95:07:61:f1:9f:fc:47:
24:e4:7c:a2:68:1b:94:14:3d:8c:03:fe:22:52:45:c7:f6:2c:
a4:01:36:fb:ab:fa:06:ac:40:65:9b:86:78:22:fa:bd:e0:b7:
1b:b3:9c:af:51:70:ef:69:ad:67:45:61:26:9a:83:c6:5f:46:
48:5e:89:19:ea:8b:66:93:f8:be:01:d3:e9:f1:4a:81:0d:7e:
2c:17:34:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXC4mQHgpcrgFfZ2+q6jciAXi0CIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjkxODMwMDZaFw0yNTA5MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZDQ3YzE1MzVhY2Q0ZjdlYjBkZWQ3MDA0ZmY4MGUwM2FhOGNiMDJjNjc3
MDAyYWY1ODY0MzhiNWFiYWJhZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCPeU7yX2hUlgqwlhYAtFd5DeQMp7s9CDJyXgH2qzv4hgeuHIYja4q8Aduq
OwamL3oe/dWxrdnJLgzDDjFYQw03T7t4CLHp5Knf6UUDY2PWZ0zQ+pcinqPSwo/V
uxGvoBreASPvd6rqZmFhH5S/qXuHS5id2yojCjSupAeb6VrpbNdedFI5KIU1k6/F
oca9eMYcbDsiAsyqjxsAIbGD5lDjeiy2bDZVbuapCj+r75mG3yNPD7o4MgiFJl7C
6H5S4bdbY+LbftHgqJDEcpI72N6iEheR8LvnF888s1aiLMsPdJRezKeivPLx0qb/
vWSRZIIsWJh6wx/V2ix30ZUDVrcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdJ582
wpxZbhjabQdIxx3MZaFU0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjgxODExNTktNTY5NS00OTQ0LWI5MDEtZjg0YjgzNmI0ZDhmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDGKs0Uz2eaRdtZ/ObxqEjsTD77pDkHJmgYNvFS
NrJ7oyhYpBseEdkME8xFwq/gW24Tjuy1oSZCxqnH1Qf1YYYseVGYrfEUzZItL5rt
sx78h2NJkkLGxAZIciKRMCxOXBnIhbbEEh67GzlkMAsAdywDqosCTzhpkJEuX7oO
kl1oz7+Cb/zjC9M8oCwJwbj50jR7+8slj2CsrcRR2Bcxc8SVhthjeQp9skRJg4V7
U5UHYfGf/Eck5HyiaBuUFD2MA/4iUkXH9iykATb7q/oGrEBlm4Z4Ivq94Lcbs5yv
UXDvaa1nRWEmmoPGX0ZIXokZ6otmk/i+AdPp8UqBDX4sFzS2
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:01:49 2025 by rpki-client