Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: xA+NKPneoROBeg4+HX9ousxsD5gFgE8SFJ3p7yZoKMs=
Subject key identifier: 7F:E3:F5:67:1D:F7:5A:80:A2:46:2A:6E:8B:36:C3:AF:C2:D6:D3:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52E312DEB132CC31FB9DEB3C323D648A22BE92AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Fri 11 Jul 2025 20:11:45 +0000
ROA not before: Fri 11 Jul 2025 20:11:45 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:e3:12:de:b1:32:cc:31:fb:9d:eb:3c:32:3d:64:8a:22:be:92:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:11:45 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=40a3374240faaed662e94e56b74fa558a3362aa09fe1b747c05bf0f168fdcac6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:73:45:59:56:e4:c6:cd:9a:59:f4:95:c4:79:
53:a8:3c:fc:76:e4:11:56:f0:14:50:06:34:6e:34:
69:e7:e9:bb:00:22:e3:4e:8c:2c:27:5b:28:7e:9d:
ed:bd:d1:b8:eb:af:4e:90:41:74:46:95:2d:3a:46:
2d:74:39:d6:ab:d4:6d:ef:8b:77:da:47:c1:5f:95:
fc:1d:16:3d:66:18:fb:36:31:59:df:82:0a:02:55:
10:b8:aa:42:e6:f3:22:72:83:7e:b9:7a:3d:7a:b2:
9c:13:d4:9a:2a:e3:e7:90:d2:56:27:b9:a2:af:09:
1f:c5:b3:21:d4:c8:91:be:bf:96:7f:a9:03:21:25:
15:4b:ed:a2:6f:7a:9a:67:68:69:64:8a:ec:5d:b2:
21:79:5c:98:a9:4f:f3:c9:fd:20:69:8d:6b:61:e3:
fa:ff:fa:ea:f6:d5:db:cb:5c:ca:b4:11:6e:51:5b:
a0:c7:29:c3:fa:71:c6:04:39:7d:44:29:1d:46:8d:
5b:b1:c1:0c:35:4a:3b:6c:53:79:76:a5:29:e1:40:
e0:9d:2a:b9:89:11:e1:a9:1a:f0:19:11:fa:a6:65:
cd:0f:e3:6a:1a:f8:0f:8a:0b:9a:3f:aa:72:4d:7b:
3f:d6:e8:06:97:8b:9c:c9:9c:ff:86:64:d3:2c:42:
a4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E3:F5:67:1D:F7:5A:80:A2:46:2A:6E:8B:36:C3:AF:C2:D6:D3:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
bb:19:57:14:b4:7e:be:11:b3:a8:38:e8:18:b5:4e:84:bf:0e:
36:1b:bd:cb:82:55:11:8b:f9:db:1f:81:b1:38:14:ef:84:4c:
67:8f:a5:c4:52:3f:d9:88:9d:03:91:af:0a:0e:90:a1:4e:40:
eb:d8:ff:49:94:75:22:7c:ff:87:82:2f:75:49:58:35:2c:ed:
ac:cb:ed:5e:10:e0:a5:be:39:02:36:a6:c7:69:a8:ef:2a:cb:
d8:b2:ee:6d:50:29:91:0e:26:4f:65:24:32:79:af:41:22:13:
c3:5f:db:ca:d3:3c:fa:57:4a:8e:22:26:2c:2d:f9:db:38:a1:
af:c5:15:bd:98:2c:bc:bc:67:01:25:14:07:0f:28:25:ef:9d:
c3:26:25:28:67:d8:77:5f:31:ce:84:ee:4e:74:f1:fc:3d:52:
87:f0:2f:51:66:34:79:4f:82:33:b4:42:ef:e5:6f:c3:0e:ba:
7b:31:43:a6:50:02:c3:18:01:0b:77:5e:d2:cb:26:7a:a1:b1:
69:d1:48:71:b8:b3:18:f1:cb:b5:6f:15:a2:0c:73:c4:79:3b:
f2:c7:6f:a1:d1:09:c1:d1:f3:9f:0e:e5:15:7f:bc:b0:70:04:
7a:06:e4:4c:58:35:ba:38:79:37:0b:bf:c6:c9:bf:b5:d2:3d:
98:bd:d7:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUuMS3rEyzDH7nes8Mj1kiiK+kqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDExNDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYTMzNzQyNDBmYWFlZDY2MmU5NGU1NmI3NGZhNTU4YTMzNjJhYTA5ZmUx
Yjc0N2MwNWJmMGYxNjhmZGNhYzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVzRVlW5MbNmln0lcR5U6g8/HbkEVbwFFAGNG40aefpuwAi406MLCdbKH6d
7b3RuOuvTpBBdEaVLTpGLXQ51qvUbe+Ld9pHwV+V/B0WPWYY+zYxWd+CCgJVELiq
QubzInKDfrl6PXqynBPUmirj55DSVie5oq8JH8WzIdTIkb6/ln+pAyElFUvtom96
mmdoaWSK7F2yIXlcmKlP88n9IGmNa2Hj+v/66vbV28tcyrQRblFboMcpw/pxxgQ5
fUQpHUaNW7HBDDVKO2xTeXalKeFA4J0quYkR4aka8BkR+qZlzQ/jahr4D4oLmj+q
ck17P9boBpeLnMmc/4Zk0yxCpJcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR/4/Vn
HfdagKJGKm6LNsOvwtbTgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC7GVcUtH6+EbOoOOgYtU6Evw42G73LglURi/nb
H4GxOBTvhExnj6XEUj/ZiJ0Dka8KDpChTkDr2P9JlHUifP+Hgi91SVg1LO2sy+1e
EOClvjkCNqbHaajvKsvYsu5tUCmRDiZPZSQyea9BIhPDX9vK0zz6V0qOIiYsLfnb
OKGvxRW9mCy8vGcBJRQHDygl753DJiUoZ9h3XzHOhO5OdPH8PVKH8C9RZjR5T4Iz
tELv5W/DDrp7MUOmUALDGAELd17SyyZ6obFp0UhxuLMY8cu1bxWiDHPEeTvyx2+h
0QnB0fOfDuUVf7ywcAR6BuRMWDW6OHk3C7/Gyb+10j2Yvdcu
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:52 2025 by rpki-client