Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: sUiDBjctPajFaN8f0L5FfGvA42nsvZgtuELsSJwrRzI=
Subject key identifier: 41:94:6B:D0:35:F3:A2:AB:BA:F1:FF:46:F0:7F:CC:5B:51:EE:76:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CF3D4E6FA5F079D72939BCF468A54CABCFA5E19
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Fri 01 Aug 2025 17:10:31 +0000
ROA not before: Fri 01 Aug 2025 17:10:31 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:f3:d4:e6:fa:5f:07:9d:72:93:9b:cf:46:8a:54:ca:bc:fa:5e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:31 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=6b288c69349871ae338612090f1f3392a68ac3950d51c1dc731564e15c4c9c3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:be:b3:ee:df:7f:0e:65:53:e6:a2:29:ec:
63:25:2a:1c:5b:8b:de:12:f0:d6:09:38:ae:58:4c:
f7:d8:a5:1a:76:91:fd:66:c9:9c:a5:ab:4c:0f:85:
27:2a:85:b2:c6:d5:40:09:c8:33:1e:7d:a0:06:8a:
30:3d:57:52:86:6d:b3:69:a4:86:b1:35:72:75:92:
a8:6e:f3:b5:e4:9c:1c:7e:28:82:df:d4:2b:47:49:
36:95:c1:8b:9a:bf:64:2e:df:45:d7:3f:a2:17:5a:
29:8e:40:19:25:4d:ed:ce:a1:91:66:b3:f9:c5:0a:
cf:8d:45:9c:a0:f4:e5:d1:1f:83:b5:4a:f7:92:e2:
d4:66:d6:05:17:0a:94:fe:eb:3a:37:8e:36:ed:30:
ff:99:db:10:f6:91:7f:0d:d9:52:f1:6a:e2:5f:82:
fe:22:33:22:f2:25:25:20:bc:ab:ea:cb:ad:38:c9:
6d:a8:c8:db:4b:33:7f:18:74:ca:5f:23:3a:bb:a8:
53:e6:70:89:51:62:2c:67:8e:44:5e:68:92:61:ac:
67:f8:c7:ae:5d:da:4c:2a:17:94:a2:8f:68:aa:eb:
cc:f2:b5:28:80:90:63:8b:df:10:51:48:37:50:47:
88:3a:7a:ef:7d:5f:52:45:8e:29:30:e0:94:e6:1e:
08:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:94:6B:D0:35:F3:A2:AB:BA:F1:FF:46:F0:7F:CC:5B:51:EE:76:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
b2:ac:d8:01:b2:78:e5:fd:a7:56:e9:bb:c7:bf:c3:ed:91:dc:
c2:92:f8:e5:c2:46:11:d8:ba:e5:2a:5a:1f:b3:a2:51:29:78:
2a:6f:ab:cd:0e:92:d6:c6:df:06:44:f2:3d:fe:60:57:11:65:
af:74:64:f6:fe:33:41:8d:3f:53:35:99:49:4d:4b:70:b3:64:
8a:2b:3d:07:37:6b:1f:36:2e:27:ac:3c:20:6a:5b:9a:c1:bf:
44:63:a7:11:20:5f:94:8b:06:a4:02:b5:d0:be:e4:66:78:4b:
c6:a2:db:d0:a7:9e:a3:eb:2c:07:41:39:ae:c7:96:d8:14:8c:
39:ce:d4:10:91:d6:3a:73:3f:de:6c:6d:e8:fe:da:f4:1e:a7:
a7:ed:1f:33:1f:a6:7e:c8:17:47:97:60:8e:bf:89:bb:c9:ef:
5f:53:1c:eb:2e:8a:19:92:16:6a:26:35:00:1b:3f:33:c6:00:
3a:4d:b0:a4:88:77:07:36:23:6a:ac:b0:b1:65:fe:d2:d3:14:
4f:fe:3f:95:ca:d3:64:c8:1a:3e:4a:97:e3:06:3c:48:b4:75:
27:f8:18:f1:d8:79:40:db:b4:3e:a6:2f:a3:00:50:6f:c3:11:
a0:5b:40:50:32:fa:77:fd:8f:f5:08:4b:df:63:32:48:31:cb:
91:22:cf:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHPPU5vpfB51yk5vPRopUyrz6XhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMzFaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMjg4YzY5MzQ5ODcxYWUzMzg2MTIwOTBmMWYzMzkyYTY4YWMzOTUwZDUx
YzFkYzczMTU2NGUxNWM0YzljM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/yvrPu338OZVPmoinsYyUqHFuL3hLw1gk4rlhM99ilGnaR/WbJnKWrTA+F
JyqFssbVQAnIMx59oAaKMD1XUoZts2mkhrE1cnWSqG7zteScHH4ogt/UK0dJNpXB
i5q/ZC7fRdc/ohdaKY5AGSVN7c6hkWaz+cUKz41FnKD05dEfg7VK95Li1GbWBRcK
lP7rOjeONu0w/5nbEPaRfw3ZUvFq4l+C/iIzIvIlJSC8q+rLrTjJbajI20szfxh0
yl8jOruoU+ZwiVFiLGeORF5okmGsZ/jHrl3aTCoXlKKPaKrrzPK1KICQY4vfEFFI
N1BHiDp6731fUkWOKTDglOYeCHECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRBlGvQ
NfOiq7rx/0bwf8xbUe52vDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEAsqzYAbJ45f2nVum7x7/D7ZHcwpL45cJGEdi6
5SpaH7OiUSl4Km+rzQ6S1sbfBkTyPf5gVxFlr3Rk9v4zQY0/UzWZSU1LcLNkiis9
BzdrHzYuJ6w8IGpbmsG/RGOnESBflIsGpAK10L7kZnhLxqLb0Keeo+ssB0E5rseW
2BSMOc7UEJHWOnM/3mxt6P7a9B6np+0fMx+mfsgXR5dgjr+Ju8nvX1Mc6y6KGZIW
aiY1ABs/M8YAOk2wpIh3BzYjaqywsWX+0tMUT/4/lcrTZMgaPkqX4wY8SLR1J/gY
8dh5QNu0PqYvowBQb8MRoFtAUDL6d/2P9QhL32MySDHLkSLPIQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:17 2025 by rpki-client