Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: o19Uq/04UOh2hBnl6Q5FNNGCg9XaPgQbkG9v6+RQqjQ=
Subject key identifier: 90:1E:8B:58:3C:2B:6F:C2:4F:7C:32:77:72:EE:3A:7C:B1:2D:8B:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C13A7C5DB97FCC144FFD1AA9F4A23B1AF7DB044
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Mon 28 Jul 2025 16:11:16 +0000
ROA not before: Mon 28 Jul 2025 16:11:16 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:13:a7:c5:db:97:fc:c1:44:ff:d1:aa:9f:4a:23:b1:af:7d:b0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:16 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=828b07483a9337bd1a9132fad05070efef9e80634d821de706369cf9f25f7c84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:66:d1:7b:6b:6d:e6:90:28:4f:c1:36:37:7c:
5d:3d:f6:0d:3d:fe:f4:cb:e9:f9:8c:d9:28:c8:c3:
9f:3a:89:14:39:8c:f0:33:9f:9b:b3:91:d7:e7:f4:
cf:02:49:32:ae:73:04:ad:67:23:4f:03:13:4a:2f:
b1:99:f8:6e:9f:83:94:0f:af:de:54:dc:be:4e:36:
eb:59:6e:91:78:52:f1:22:f5:4e:78:cd:5a:72:7f:
4b:a7:a8:6e:c3:9f:5c:49:dc:1b:6d:d1:2d:05:85:
65:34:b8:a6:43:f1:cd:a4:db:09:d3:46:5c:e8:b9:
9a:90:db:61:94:d7:5d:03:1b:9c:ef:8b:78:c1:32:
b2:e7:af:4d:d7:30:f5:67:68:6f:fc:28:16:31:53:
45:21:42:97:6b:30:5e:ed:97:53:a0:97:d7:1a:d7:
2d:0a:35:6a:87:ac:46:16:75:f6:ca:c3:7c:13:1f:
53:02:d9:25:ca:2a:ae:30:06:bc:f7:f8:b8:9e:a1:
79:0b:e0:12:6f:97:87:e0:6b:6f:c8:b5:50:89:45:
42:15:bb:70:77:96:93:8b:b1:18:fc:68:e3:74:c3:
f3:0f:ff:07:3f:c4:c2:18:1f:fb:7b:4f:d9:86:98:
8f:78:e0:94:bb:36:56:ae:4f:52:fb:03:9d:bb:c7:
e5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1E:8B:58:3C:2B:6F:C2:4F:7C:32:77:72:EE:3A:7C:B1:2D:8B:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:bd:78:96:0a:2e:70:3a:f4:9f:a9:9b:e1:5f:aa:3d:51:50:
48:de:38:b2:69:07:de:1a:8d:f4:3c:f7:2e:56:1c:75:f9:26:
fd:eb:98:ad:6f:64:d3:fa:b2:e8:0b:9b:f2:86:fd:cc:18:30:
74:d5:81:a4:d2:e3:f9:d8:f5:73:36:f0:6a:5e:1a:34:a9:ab:
f0:2f:1a:d1:4a:9c:f2:ed:83:b7:3d:3b:6c:3e:24:7c:47:6b:
89:a1:97:f5:33:bc:25:6a:1b:94:99:f8:f1:16:4d:05:e4:a3:
b7:f1:b3:81:77:f2:45:3d:c0:5a:7a:e3:b2:72:ed:01:d3:4d:
62:34:f1:9d:af:2d:7b:d1:24:16:6e:0f:3e:ad:fd:bf:83:e2:
64:6c:28:9a:5b:52:1a:6a:1b:c1:6f:e8:4b:b2:15:17:f8:1a:
f6:21:88:be:d0:c2:6e:f3:76:87:38:f7:af:d3:f8:12:ae:77:
d5:c1:07:50:14:b4:8a:7c:5b:ef:73:00:80:95:ae:8d:94:af:
b1:fd:2e:f5:7d:c5:1d:73:9d:2f:af:e5:50:96:a1:06:23:bf:
93:3e:03:eb:e6:f6:0d:d6:55:b4:28:d6:9e:b9:91:fb:d6:92:
eb:df:87:2a:4c:18:9b:ba:54:34:e3:84:0c:0c:16:8a:06:8b:
50:b0:5d:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHBOnxduX/MFE/9Gqn0ojsa99sEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMTZaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyOGIwNzQ4M2E5MzM3YmQxYTkxMzJmYWQwNTA3MGVmZWY5ZTgwNjM0ZDgy
MWRlNzA2MzY5Y2Y5ZjI1ZjdjODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5m0XtrbeaQKE/BNjd8XT32DT3+9Mvp+YzZKMjDnzqJFDmM8DOfm7OR1+f0
zwJJMq5zBK1nI08DE0ovsZn4bp+DlA+v3lTcvk4261lukXhS8SL1TnjNWnJ/S6eo
bsOfXEncG23RLQWFZTS4pkPxzaTbCdNGXOi5mpDbYZTXXQMbnO+LeMEysuevTdcw
9Wdob/woFjFTRSFCl2swXu2XU6CX1xrXLQo1aoesRhZ19srDfBMfUwLZJcoqrjAG
vPf4uJ6heQvgEm+Xh+Brb8i1UIlFQhW7cHeWk4uxGPxo43TD8w//Bz/Ewhgf+3tP
2YaYj3jglLs2Vq5PUvsDnbvH5RcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQHotY
PCtvwk98Mndy7jp8sS2LpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQClvXiWCi5wOvSfqZvhX6o9UVBI3jiyaQfeGo30
PPcuVhx1+Sb965itb2TT+rLoC5vyhv3MGDB01YGk0uP52PVzNvBqXho0qavwLxrR
Spzy7YO3PTtsPiR8R2uJoZf1M7wlahuUmfjxFk0F5KO38bOBd/JFPcBaeuOycu0B
001iNPGdry170SQWbg8+rf2/g+JkbCiaW1IaahvBb+hLshUX+Br2IYi+0MJu83aH
OPev0/gSrnfVwQdQFLSKfFvvcwCAla6NlK+x/S71fcUdc50vr+VQlqEGI7+TPgPr
5vYN1lW0KNaeuZH71pLr34cqTBibulQ044QMDBaKBotQsF04
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:15 2025 by rpki-client