Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
File: 51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa (raw, json)
Hash identifier: oNY5q0fgf6ogAqPWab3s5mQFJgndqTXaDDffIJ6HCPM=
Subject key identifier: 42:AE:95:D5:40:44:0D:57:B4:21:BC:7B:41:BF:A9:DE:0A:BC:27:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 503F67D0C9EC9C0E66A64E3DE4933BE1814FCD98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
Signing time: Wed 30 Jul 2025 20:07:24 +0000
ROA not before: Wed 30 Jul 2025 20:07:24 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:3f:67:d0:c9:ec:9c:0e:66:a6:4e:3d:e4:93:3b:e1:81:4f:cd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:24 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=ee75101f3e79cc67d0956ae74ca85270c3c232e742f816fbc2c229892c99dee8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8d:53:b0:42:f1:fe:5e:96:9f:ec:af:8a:05:
83:2d:7e:c8:e4:2d:1a:0b:23:42:12:bd:34:f9:9a:
f5:fb:4d:0a:13:10:2f:62:e4:bb:09:cd:bb:5a:a1:
f1:8b:10:2a:dc:8d:a7:3a:b9:d1:40:c6:06:7e:6a:
71:d0:6f:d1:d2:68:5a:1e:67:91:41:5e:95:4d:70:
43:98:c7:3b:7a:bd:c0:c1:3b:a4:11:c5:96:97:c2:
00:97:f1:10:1d:79:f8:d3:ee:76:a6:ea:f3:d2:c7:
c9:23:85:0d:75:8e:97:a0:d3:04:1d:98:87:9c:55:
57:e3:eb:e8:fc:bb:6e:79:97:60:ee:25:ca:24:76:
5e:16:e8:77:03:f3:14:36:23:5c:ef:7a:c0:74:76:
24:20:87:e1:ea:05:fa:ff:a9:ad:cc:a2:d0:82:d8:
21:d8:d5:9e:a2:15:b6:b1:c3:41:50:08:95:8c:90:
d1:77:de:e7:30:94:12:f5:05:c0:8d:ed:fa:ff:3c:
f8:31:bc:48:d5:84:c6:fc:a8:2c:63:e0:99:ac:f6:
31:21:c2:39:49:2f:09:8e:ab:58:91:25:d2:4d:64:
7f:d9:03:ea:1b:6e:55:2c:46:6b:45:39:38:dc:f7:
e3:61:15:9d:4f:36:57:4a:16:ef:4c:70:d6:23:77:
0b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AE:95:D5:40:44:0D:57:B4:21:BC:7B:41:BF:A9:DE:0A:BC:27:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51b3d4ec-2ade-4aaa-b3ce-e1eb7028fdb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
54:d0:6c:f6:6a:ea:bd:24:e8:db:62:e9:98:f8:4e:ef:57:11:
2d:df:98:98:d9:23:9a:ae:f6:86:72:8f:01:0b:fd:42:99:5a:
03:5d:d5:bb:43:a3:84:9a:23:0e:a2:a6:6b:83:e8:ef:9a:c1:
43:3e:62:b1:c8:28:6d:26:e4:de:3d:46:42:1b:0e:5b:21:6b:
5e:10:5a:36:03:85:61:0f:39:5f:d5:aa:07:29:f4:e8:37:f7:
ff:fb:f8:7b:16:0b:a4:1f:c4:bb:7f:af:c6:db:16:14:ac:b5:
05:14:66:a2:31:58:bd:71:1c:20:58:ee:49:d5:7d:53:70:a5:
80:2f:ae:6c:7a:3b:b0:16:08:d9:27:3b:ab:82:36:c9:3c:d7:
c1:f1:ab:ce:85:32:32:05:60:47:4f:b1:62:e8:2b:92:b8:1b:
77:b8:2e:49:d0:ac:60:ae:11:75:8a:a7:a0:59:0a:77:83:a3:
00:25:4c:26:5a:6a:04:45:cc:32:1b:f1:79:02:db:43:1c:56:
58:07:3e:ea:fe:81:06:f1:62:67:85:19:f6:dc:ab:69:b3:d1:
fa:5d:80:5c:13:90:c4:bd:8e:9a:58:1e:14:12:6a:a1:f7:6c:
45:d7:fe:ef:af:1d:15:31:14:59:f6:6d:a7:bd:3d:0b:86:6a:
8d:ba:30:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUD9n0MnsnA5mpk495JM74YFPzZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjRaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlNzUxMDFmM2U3OWNjNjdkMDk1NmFlNzRjYTg1MjcwYzNjMjMyZTc0MmY4
MTZmYmMyYzIyOTg5MmM5OWRlZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuNU7BC8f5elp/sr4oFgy1+yOQtGgsjQhK9NPma9ftNChMQL2LkuwnNu1qh
8YsQKtyNpzq50UDGBn5qcdBv0dJoWh5nkUFelU1wQ5jHO3q9wME7pBHFlpfCAJfx
EB15+NPudqbq89LHySOFDXWOl6DTBB2Yh5xVV+Pr6Py7bnmXYO4lyiR2XhbodwPz
FDYjXO96wHR2JCCH4eoF+v+prcyi0ILYIdjVnqIVtrHDQVAIlYyQ0Xfe5zCUEvUF
wI3t+v88+DG8SNWExvyoLGPgmaz2MSHCOUkvCY6rWJEl0k1kf9kD6htuVSxGa0U5
ONz342EVnU82V0oW70xw1iN3C5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCrpXV
QEQNV7QhvHtBv6neCrwnoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFiM2Q0ZWMtMmFkZS00YWFhLWIzY2UtZTFlYjcwMjhmZGI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQBU0Gz2auq9JOjbYumY+E7vVxEt35iY2SOarvaG
co8BC/1CmVoDXdW7Q6OEmiMOoqZrg+jvmsFDPmKxyChtJuTePUZCGw5bIWteEFo2
A4VhDzlf1aoHKfToN/f/+/h7FgukH8S7f6/G2xYUrLUFFGaiMVi9cRwgWO5J1X1T
cKWAL65sejuwFgjZJzurgjbJPNfB8avOhTIyBWBHT7Fi6CuSuBt3uC5J0KxgrhF1
iqegWQp3g6MAJUwmWmoERcwyG/F5AttDHFZYBz7q/oEG8WJnhRn23Ktps9H6XYBc
E5DEvY6aWB4UEmqh92xF1/7vrx0VMRRZ9m2nvT0LhmqNujCR
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:44 2025 by rpki-client