Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
File: 5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa (raw, json)
Hash identifier: 87N/eGPFiRA8BbyTEdl3biDXzt8DNCUcZBHEXWIQOjE=
Subject key identifier: B5:84:FD:24:91:C5:56:B8:EA:0A:F7:DB:13:7A:EB:68:B0:0C:FB:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25BAD16CB643F8544C00AFAF84128D408CB633CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
Signing time: Fri 25 Jul 2025 16:50:21 +0000
ROA not before: Fri 25 Jul 2025 16:50:21 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:ba:d1:6c:b6:43:f8:54:4c:00:af:af:84:12:8d:40:8c:b6:33:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 25 16:50:21 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=d779f4b4fcb85f5c1b8b8ba32acd647f2047b728213a5e6970c10f2ac3661f5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:60:b1:fd:12:41:33:d6:ba:d5:32:e9:a2:fb:
13:26:0f:ce:2b:fc:84:cf:f3:cc:de:a6:4f:a5:4f:
04:88:10:f0:5b:1a:71:e9:12:7d:88:f4:ab:e6:d3:
4b:a0:23:00:45:34:d0:97:11:af:49:68:01:0f:25:
f5:f1:22:c2:81:42:a1:92:3f:5f:7f:63:9c:83:3b:
37:cb:05:26:95:cd:44:22:02:2e:f7:14:8b:ef:cc:
a1:25:47:b7:0d:20:22:26:52:c4:d7:74:b9:51:fd:
c7:41:13:03:aa:e7:aa:18:48:55:44:89:2b:f7:bf:
33:b5:da:1d:66:b7:ee:23:a7:fb:33:55:3a:17:8e:
5f:49:09:7d:9f:b6:11:bc:f1:a2:83:81:e6:80:34:
90:bb:2a:68:10:04:fa:7b:c6:ad:7e:66:5f:0d:c4:
46:60:1a:c5:91:14:43:bd:d7:e6:79:24:8e:54:0f:
70:4c:95:3b:80:93:4d:82:01:72:86:4c:09:0e:98:
07:41:3a:58:8f:ca:f3:1f:2f:3b:a1:cc:6e:79:88:
e4:73:ee:b8:59:56:e2:e0:8d:92:96:f8:d8:97:2f:
3e:84:aa:34:b5:38:3a:0b:2f:cb:70:04:0e:9a:33:
7c:40:72:a3:b3:41:f6:56:e1:60:4a:c1:65:6e:7e:
96:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:FD:24:91:C5:56:B8:EA:0A:F7:DB:13:7A:EB:68:B0:0C:FB:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
28:46:d8:53:f6:a3:eb:1d:04:a2:b8:47:59:22:ad:84:b2:da:
2f:f6:57:20:73:99:6d:8a:02:86:6c:5c:69:56:9d:3c:29:29:
90:97:10:3f:9b:a6:35:c2:ab:e4:28:20:12:36:1e:fb:83:13:
50:4c:aa:56:13:b5:32:af:a2:3e:2d:5f:38:f6:ad:c2:9f:25:
6c:98:f6:21:3c:f1:ce:62:a7:db:a7:e4:a0:19:e0:49:5e:06:
20:6b:eb:3a:e3:45:81:da:a3:89:54:65:d9:29:98:35:83:3e:
13:6a:06:04:83:cc:c1:15:ea:4d:a7:18:6d:4a:b5:4e:1e:76:
e9:d2:aa:f2:5f:64:f3:c5:21:c8:ab:9c:8c:c6:ac:24:d0:1c:
01:a0:61:d7:fe:d8:4e:ea:ba:6e:17:3e:a7:d5:f9:d3:14:18:
8a:4d:e7:94:bb:8a:13:9e:7e:a5:08:4f:c6:fc:be:50:44:cd:
81:62:0b:55:7f:37:13:af:48:c7:58:af:3c:66:2c:85:d2:e1:
2f:bd:ca:74:a7:93:9c:cf:d5:19:e1:64:7b:3e:9a:4a:dd:9c:
83:b5:13:99:0d:09:36:b2:a5:6c:3c:47:95:11:bf:e5:0c:7d:
b9:3c:16:72:61:1d:83:32:db:84:19:06:05:23:cf:44:1e:9e:
13:88:49:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJbrRbLZD+FRMAK+vhBKNQIy2M84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjUxNjUwMjFaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3NzlmNGI0ZmNiODVmNWMxYjhiOGJhMzJhY2Q2NDdmMjA0N2I3MjgyMTNh
NWU2OTcwYzEwZjJhYzM2NjFmNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtgsf0SQTPWutUy6aL7EyYPziv8hM/zzN6mT6VPBIgQ8FsacekSfYj0q+bT
S6AjAEU00JcRr0loAQ8l9fEiwoFCoZI/X39jnIM7N8sFJpXNRCICLvcUi+/MoSVH
tw0gIiZSxNd0uVH9x0ETA6rnqhhIVUSJK/e/M7XaHWa37iOn+zNVOheOX0kJfZ+2
EbzxooOB5oA0kLsqaBAE+nvGrX5mXw3ERmAaxZEUQ73X5nkkjlQPcEyVO4CTTYIB
coZMCQ6YB0E6WI/K8x8vO6HMbnmI5HPuuFlW4uCNkpb42JcvPoSqNLU4Ogsvy3AE
DpozfEByo7NB9lbhYErBZW5+locCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1hP0k
kcVWuOoK99sTeutosAz7aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQzN2RjMTUtMTIyNC00OTAxLWFhYjEtN2Y3ZjMwZmU2MWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAoRthT9qPrHQSiuEdZIq2Estov9lcgc5ltigKG
bFxpVp08KSmQlxA/m6Y1wqvkKCASNh77gxNQTKpWE7Uyr6I+LV849q3CnyVsmPYh
PPHOYqfbp+SgGeBJXgYga+s640WB2qOJVGXZKZg1gz4TagYEg8zBFepNpxhtSrVO
Hnbp0qryX2TzxSHIq5yMxqwk0BwBoGHX/thO6rpuFz6n1fnTFBiKTeeUu4oTnn6l
CE/G/L5QRM2BYgtVfzcTr0jHWK88ZiyF0uEvvcp0p5Ocz9UZ4WR7PppK3ZyDtROZ
DQk2sqVsPEeVEb/lDH25PBZyYR2DMtuEGQYFI89EHp4TiEky
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:59:00 2025 by rpki-client