Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
File: 5b65b415-a397-41d3-99dc-207c8689d0ee.roa (raw, json)
Hash identifier: 0oGTHwrSvSYct8X59x+fqSk01/8L5FNbsymXiAwwE1A=
Subject key identifier: AA:1B:4F:78:B9:A0:FF:22:FA:53:75:74:7D:7D:37:4A:1B:A5:59:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B5C8530CB441A5F1EA4EA2BD6FE975F34EC63C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
Signing time: Mon 28 Jul 2025 16:11:00 +0000
ROA not before: Mon 28 Jul 2025 16:11:00 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:5c:85:30:cb:44:1a:5f:1e:a4:ea:2b:d6:fe:97:5f:34:ec:63:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:11:00 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=2733222a75ee31af688569f28547b7efb48054e48d900be6ae56f5ee80b67957, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:13:77:51:33:ac:07:80:06:0f:47:90:46:52:
64:7a:79:c2:32:9c:a1:9e:2b:8e:9c:19:3f:1d:ea:
98:e5:06:65:45:4f:4c:1c:27:fc:54:a0:21:11:4c:
7d:7b:19:40:3b:8c:cc:44:32:bd:d2:09:11:5b:6b:
29:b5:3f:6d:ff:c7:53:6a:32:79:9d:da:23:59:60:
5f:d8:66:25:99:95:df:5c:cd:9b:d8:9e:4e:7e:e1:
4b:17:cd:dd:02:64:c3:f3:8b:c2:bb:3a:fe:5a:c7:
40:0b:39:a8:af:b5:72:02:7d:23:a0:04:72:fd:8e:
4a:84:40:b9:bf:a4:23:95:01:62:f7:6a:d2:ba:d3:
06:c4:69:82:a0:df:d7:18:8c:f5:8b:25:33:32:43:
ce:5c:97:2d:78:b3:00:ca:51:ac:5d:9f:2b:7f:ac:
7e:00:47:b0:d3:39:aa:d3:e1:87:d3:21:56:73:f8:
31:7a:78:63:b2:bc:fb:5e:48:a8:8d:85:87:2b:4d:
41:5a:36:d5:3a:c7:1d:b0:63:08:1a:54:c3:6b:87:
f2:f8:05:1a:fc:91:4f:22:c9:a7:31:30:3f:c9:f6:
69:c6:ae:38:91:d7:1d:e7:dd:23:0e:d9:0c:1f:ae:
b9:79:4e:25:a2:88:b0:43:cd:2d:ad:54:35:99:df:
15:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1B:4F:78:B9:A0:FF:22:FA:53:75:74:7D:7D:37:4A:1B:A5:59:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:7a:8e:71:d6:ea:fb:37:a5:d6:fd:ba:18:d3:e5:66:f7:97:
83:69:c3:66:ca:f3:44:f3:71:29:b5:e5:dd:3d:17:50:33:8c:
0b:48:aa:3d:af:da:6f:98:93:d4:7b:9f:e7:e1:fa:d7:f7:6b:
36:11:41:df:8e:45:9f:aa:b2:45:64:85:65:a4:e2:ba:80:86:
dc:73:4d:33:f6:08:1b:a3:0e:11:be:0c:dd:2c:2e:09:72:81:
79:c6:0c:7d:31:d9:1b:ad:e5:48:88:f7:06:e1:df:db:e7:44:
02:04:c4:70:b1:55:d3:23:69:13:c1:f6:ad:24:db:b9:98:c4:
55:1f:e5:96:56:16:06:1c:5c:05:15:71:df:2b:c1:41:72:08:
b1:75:c1:1f:24:9c:76:a7:df:55:12:27:07:4c:3f:bd:8a:32:
2c:1a:31:6b:38:a1:24:07:4d:df:c2:56:95:2d:6a:30:23:38:
33:ca:c8:f4:2b:72:85:84:c6:ed:62:4d:c5:a1:b8:64:15:cf:
b7:96:4d:61:03:4f:d0:fe:52:9c:54:9b:da:99:e4:c2:bc:6b:
09:61:20:5c:0f:1b:49:c7:71:c7:ff:e7:ed:b9:28:ac:86:b2:
04:58:5d:00:d4:22:a0:70:73:30:d1:4d:75:a8:01:1f:30:6d:
82:26:27:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW1yFMMtEGl8epOor1v6XXzTsY8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjExMDBaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MzMyMjJhNzVlZTMxYWY2ODg1NjlmMjg1NDdiN2VmYjQ4MDU0ZTQ4ZDkw
MGJlNmFlNTZmNWVlODBiNjc5NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMTd1EzrAeABg9HkEZSZHp5wjKcoZ4rjpwZPx3qmOUGZUVPTBwn/FSgIRFM
fXsZQDuMzEQyvdIJEVtrKbU/bf/HU2oyeZ3aI1lgX9hmJZmV31zNm9ieTn7hSxfN
3QJkw/OLwrs6/lrHQAs5qK+1cgJ9I6AEcv2OSoRAub+kI5UBYvdq0rrTBsRpgqDf
1xiM9YslMzJDzlyXLXizAMpRrF2fK3+sfgBHsNM5qtPhh9MhVnP4MXp4Y7K8+15I
qI2FhytNQVo21TrHHbBjCBpUw2uH8vgFGvyRTyLJpzEwP8n2acauOJHXHefdIw7Z
DB+uuXlOJaKIsEPNLa1UNZnfFeMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqG094
uaD/IvpTdXR9fTdKG6VZejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI2NWI0MTUtYTM5Ny00MWQzLTk5ZGMtMjA3Yzg2ODlkMGVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg
MA0GCSqGSIb3DQEBCwUAA4IBAQA9eo5x1ur7N6XW/boY0+Vm95eDacNmyvNE83Ep
teXdPRdQM4wLSKo9r9pvmJPUe5/n4frX92s2EUHfjkWfqrJFZIVlpOK6gIbcc00z
9ggbow4RvgzdLC4JcoF5xgx9MdkbreVIiPcG4d/b50QCBMRwsVXTI2kTwfatJNu5
mMRVH+WWVhYGHFwFFXHfK8FBcgixdcEfJJx2p99VEicHTD+9ijIsGjFrOKEkB03f
wlaVLWowIzgzysj0K3KFhMbtYk3FobhkFc+3lk1hA0/Q/lKcVJvameTCvGsJYSBc
DxtJx3HH/+ftuSishrIEWF0A1CKgcHMw0U11qAEfMG2CJifQ
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:30 2025 by rpki-client