Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: xyEVydFyBEFYlby7kuNCqaAAYE2J9bKK/Rd6yyXJd1o=
Subject key identifier: 8E:B3:B5:B2:6D:D4:E0:6F:41:B4:A9:EC:61:0B:E4:5D:82:76:AB:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 320B0F95BA831E5AD6C25A8ABF191332CBE9E46F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Fri 01 Aug 2025 17:20:09 +0000
ROA not before: Fri 01 Aug 2025 17:20:09 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:0b:0f:95:ba:83:1e:5a:d6:c2:5a:8a:bf:19:13:32:cb:e9:e4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:20:09 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=adb6ea02453dd188ca5745f2201d97cc18fdb19cf9ff5ab9015d1edc975a2a19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:69:70:ea:dd:a6:70:98:9f:61:83:fa:c6:c7:
ff:1d:9b:5e:4c:98:6a:90:a6:c6:ad:ae:5b:41:37:
bb:6a:8e:79:fd:e8:ee:9b:19:95:ab:d5:68:dc:1c:
ad:f5:27:fc:32:19:85:4e:c3:0b:25:e6:4d:69:c2:
47:8a:38:97:4d:dc:5b:34:5d:c4:ce:d6:d9:ba:3e:
0f:60:8b:d8:34:15:f6:60:7c:57:27:b7:a4:24:90:
41:f3:1f:1e:96:90:61:cb:f9:0a:37:5b:c6:2f:2f:
1e:15:68:62:2c:ca:02:32:f0:f1:7b:22:8d:59:30:
f4:cb:6e:e7:27:c2:96:83:be:ab:af:4a:e9:f7:94:
bf:77:3e:b7:55:36:2c:0b:7d:ae:92:09:39:b7:98:
94:f3:21:94:da:c3:2a:ff:e9:3b:3c:c2:04:15:a6:
3e:07:74:e0:d2:a1:10:ee:4d:f9:00:b4:3d:67:77:
47:bc:cf:42:5a:b6:3d:a9:b4:ea:30:b0:a7:8f:00:
81:a8:85:1d:96:75:11:53:45:35:48:cf:77:dd:bf:
26:01:34:11:0f:13:e9:8f:5e:13:b0:d2:07:81:da:
f2:56:58:8e:d0:14:03:f9:19:ec:d1:d6:76:a2:31:
8a:d6:46:fd:30:c5:58:05:10:a8:de:e0:07:6e:50:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B3:B5:B2:6D:D4:E0:6F:41:B4:A9:EC:61:0B:E4:5D:82:76:AB:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
b5:e8:a6:3c:e8:c5:7e:68:e9:0e:83:16:ad:8f:10:dc:1a:f2:
b8:b1:35:d5:5a:4d:77:81:40:00:09:b9:1b:6b:28:08:2e:ed:
7f:fc:4e:2d:ae:8e:99:d1:c4:6a:d3:9c:75:db:c5:de:48:38:
45:77:68:66:40:3e:b7:ac:bf:a0:17:d8:b6:2f:d0:06:1f:61:
da:35:d2:27:da:ea:8a:3b:d7:92:cb:61:ef:09:e4:54:a3:4a:
43:5f:96:98:6f:be:92:01:fb:6e:3b:87:1a:fe:91:eb:5c:2c:
e1:d3:2c:c2:73:cb:95:5c:1f:9f:5e:eb:ed:78:5d:e2:2b:42:
e7:2a:27:df:9f:e8:d3:88:af:9f:ac:89:d6:85:5b:7b:88:72:
3a:fa:3d:21:a8:7b:3b:96:9d:94:6c:bf:8c:99:15:15:b8:f4:
2d:e6:08:f0:56:5e:f9:6d:c2:b6:63:97:33:bc:c4:70:04:c3:
92:cb:f8:10:ab:2d:04:32:0d:f7:dc:75:9b:0d:fd:d7:f6:ff:
b8:a0:a3:ff:4c:f2:e9:9f:f5:f3:5c:14:0f:b8:ac:83:57:8e:
ee:9b:80:58:26:f6:63:8b:17:e4:0f:08:54:07:85:39:cb:9c:
5d:cb:87:e5:8b:8d:fe:9b:4a:2d:35:ba:63:e0:d3:37:b0:83:
0c:27:f7:41
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUMgsPlbqDHlrWwlqKvxkTMsvp5G8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzIwMDlaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYjZlYTAyNDUzZGQxODhjYTU3NDVmMjIwMWQ5N2NjMThmZGIxOWNmOWZm
NWFiOTAxNWQxZWRjOTc1YTJhMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRpcOrdpnCYn2GD+sbH/x2bXkyYapCmxq2uW0E3u2qOef3o7psZlavVaNwc
rfUn/DIZhU7DCyXmTWnCR4o4l03cWzRdxM7W2bo+D2CL2DQV9mB8Vye3pCSQQfMf
HpaQYcv5Cjdbxi8vHhVoYizKAjLw8XsijVkw9Mtu5yfCloO+q69K6feUv3c+t1U2
LAt9rpIJObeYlPMhlNrDKv/pOzzCBBWmPgd04NKhEO5N+QC0PWd3R7zPQlq2Pam0
6jCwp48AgaiFHZZ1EVNFNUjPd92/JgE0EQ8T6Y9eE7DSB4Ha8lZYjtAUA/kZ7NHW
dqIxitZG/TDFWAUQqN7gB25QVrcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSOs7Wy
bdTgb0G0qexhC+RdgnarHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBALXopjzoxX5o6Q6DFq2PENwa8rixNdVaTXeBQAAJ
uRtrKAgu7X/8Ti2ujpnRxGrTnHXbxd5IOEV3aGZAPresv6AX2LYv0AYfYdo10ifa
6oo715LLYe8J5FSjSkNflphvvpIB+247hxr+ketcLOHTLMJzy5VcH59e6+14XeIr
QucqJ9+f6NOIr5+sidaFW3uIcjr6PSGoezuWnZRsv4yZFRW49C3mCPBWXvltwrZj
lzO8xHAEw5LL+BCrLQQyDffcdZsN/df2/7igo/9M8umf9fNcFA+4rINXju6bgFgm
9mOLF+QPCFQHhTnLnF3Lh+WLjf6bSi01umPg0zewgwwn90E=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:24 2025 by rpki-client