Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
File: 5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa (raw, json)
Hash identifier: CKPNXXBSBwDOMPFM0ZL8MPmdc/r9B4LSs0oBY5vO998=
Subject key identifier: 6B:41:C5:90:62:FC:14:51:AF:6D:9B:E1:A8:7C:19:AD:2F:1F:AF:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E9AD1ABC0EA5257543D27B82A2881EB4F348842
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
Signing time: Fri 01 Aug 2025 17:10:27 +0000
ROA not before: Fri 01 Aug 2025 17:10:27 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:9a:d1:ab:c0:ea:52:57:54:3d:27:b8:2a:28:81:eb:4f:34:88:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:27 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=4d412bcabe5da2c5b4aed40b5d6caf526d87260bd8e185cbe01816abe40e8c90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:df:03:75:4d:ff:27:56:28:9a:fc:ec:8d:6c:
c7:6c:22:e7:cc:08:64:c1:fe:67:5f:bb:eb:c0:1c:
b8:0c:ea:19:81:d5:2a:eb:76:02:b7:dd:6d:ec:b0:
6d:e8:c9:be:05:6b:f5:96:ea:8a:cb:20:a8:4b:48:
50:3b:31:1a:61:e2:33:a5:b1:14:d6:b1:7c:5b:74:
ad:73:44:dc:59:fb:1e:67:a0:d8:f1:f9:5b:92:3c:
fc:4d:1d:a8:bf:f4:90:f4:f6:d4:09:57:ae:c2:bb:
69:30:d7:6a:a5:e5:c0:b6:aa:cd:61:0a:91:9e:d5:
21:a1:a7:82:38:9a:5e:24:43:a5:84:47:83:dc:83:
46:cf:99:68:4b:b2:46:13:d3:87:a7:c4:40:3d:7d:
bc:62:57:0c:8d:37:35:0c:d2:e0:ed:38:0d:c1:61:
73:58:33:33:fe:34:f5:a2:7e:78:83:24:7b:99:06:
ca:cf:9c:44:6e:21:52:a5:c8:72:c5:b5:58:76:f6:
e1:a6:4c:28:3f:1b:ca:6a:b0:18:55:fd:0b:20:88:
f0:ca:1f:2e:78:7a:18:be:b4:23:0b:e7:34:79:8d:
57:80:71:ec:25:03:31:cd:1c:09:db:cb:54:19:98:
ae:01:e0:22:80:ad:da:21:82:18:eb:c1:a6:8b:b5:
a9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:41:C5:90:62:FC:14:51:AF:6D:9B:E1:A8:7C:19:AD:2F:1F:AF:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
c5:13:e6:f1:15:70:bf:16:03:05:c7:06:2c:8b:ce:28:b6:52:
fd:9b:1f:69:70:a3:b5:82:78:e0:83:bb:c0:b7:f4:05:8f:52:
e7:b4:34:ba:45:60:d9:e9:11:c6:04:e8:45:b2:45:c9:9d:19:
18:3e:13:8b:7c:ab:96:71:fc:4a:f9:67:57:ef:91:3e:ce:2f:
f1:14:65:5b:79:1a:3c:9c:2e:f8:3d:17:c4:5b:95:8c:ca:a3:
98:72:b3:73:ef:95:35:1e:bf:73:17:a3:1e:0b:21:e6:cd:37:
7a:2d:6d:0f:6b:56:3e:2a:89:28:48:34:73:97:1f:a1:83:d7:
90:08:76:59:86:33:14:fc:18:db:fd:79:0a:84:0e:0c:29:92:
de:09:02:3f:7d:8a:a7:69:8c:a0:5d:77:a9:d6:8a:fa:c4:ce:
ea:4e:e4:6f:58:b5:a6:d1:0b:b1:7a:81:35:73:8b:16:d1:aa:
09:57:8d:1f:ae:e4:0a:96:92:03:35:4e:42:c8:3b:4f:45:a4:
5b:75:28:e7:27:b7:d4:77:f7:ea:88:b6:29:9b:a8:cc:17:e5:
71:09:b0:4e:f3:08:63:ad:15:cf:b7:0e:7d:f4:5f:8b:c7:31:
df:b4:9a:53:5b:5e:a2:31:33:0b:d4:cc:b9:c2:b1:f2:f4:5c:
fd:77:18:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDprRq8DqUldUPSe4KiiB6080iEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjdaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNDEyYmNhYmU1ZGEyYzViNGFlZDQwYjVkNmNhZjUyNmQ4NzI2MGJkOGUx
ODVjYmUwMTgxNmFiZTQwZThjOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnfA3VN/ydWKJr87I1sx2wi58wIZMH+Z1+768AcuAzqGYHVKut2Arfdbeyw
bejJvgVr9ZbqissgqEtIUDsxGmHiM6WxFNaxfFt0rXNE3Fn7Hmeg2PH5W5I8/E0d
qL/0kPT21AlXrsK7aTDXaqXlwLaqzWEKkZ7VIaGngjiaXiRDpYRHg9yDRs+ZaEuy
RhPTh6fEQD19vGJXDI03NQzS4O04DcFhc1gzM/409aJ+eIMke5kGys+cRG4hUqXI
csW1WHb24aZMKD8bymqwGFX9CyCI8MofLnh6GL60IwvnNHmNV4Bx7CUDMc0cCdvL
VBmYrgHgIoCt2iGCGOvBpou1qa8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRrQcWQ
YvwUUa9tm+GofBmtLx+vZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWEwMjNiYTctNmRiZS00NmFjLWJjNmYtNjIxZWQ2OTQ2YjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAxRPm8RVwvxYDBccGLIvOKLZS/ZsfaXCjtYJ4
4IO7wLf0BY9S57Q0ukVg2ekRxgToRbJFyZ0ZGD4Ti3yrlnH8SvlnV++RPs4v8RRl
W3kaPJwu+D0XxFuVjMqjmHKzc++VNR6/cxejHgsh5s03ei1tD2tWPiqJKEg0c5cf
oYPXkAh2WYYzFPwY2/15CoQODCmS3gkCP32Kp2mMoF13qdaK+sTO6k7kb1i1ptEL
sXqBNXOLFtGqCVeNH67kCpaSAzVOQsg7T0WkW3Uo5ye31Hf36oi2KZuozBflcQmw
TvMIY60Vz7cOffRfi8cx37SaU1teojEzC9TMucKx8vRc/XcYIg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:40 2025 by rpki-client