Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
File: 5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa (raw, json)
Hash identifier: bTFSdMgoGvoHqt++4BPmO1eb6Tp8BwUvarvc6Z6XUzQ=
Subject key identifier: 10:AD:13:C3:22:52:FB:21:7B:76:1D:A1:33:75:88:3B:F9:BC:7B:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1177F2ED9CB13D8A22CDD298BBDAF6199C80951C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
Signing time: Fri 11 Jul 2025 20:30:17 +0000
ROA not before: Fri 11 Jul 2025 20:30:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:77:f2:ed:9c:b1:3d:8a:22:cd:d2:98:bb:da:f6:19:9c:80:95:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4d53f746f5b722e21bba796e7e45d3970ce1476dd13ad160fd9dec4ebb950d8c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:54:2c:76:30:05:f7:38:29:fe:3b:21:d8:fa:
17:79:d3:ef:24:8b:39:c9:de:e2:c9:1f:a5:af:fc:
b3:90:6f:7c:f2:cb:0f:35:be:89:73:81:3c:6d:e4:
40:f7:38:b9:d4:32:ec:43:18:12:c6:42:31:61:12:
27:90:de:da:43:27:3f:7c:d5:87:9b:7b:55:78:ae:
6a:68:f5:87:16:02:2f:8a:fc:19:ab:04:ee:df:a4:
b2:44:b7:a7:8b:0e:ed:8c:0c:04:ac:1d:e8:01:a3:
13:dd:7e:e9:6b:96:10:15:3c:0b:25:e3:04:43:ee:
c3:50:65:ef:f5:9e:f6:d5:3c:84:b3:6d:56:5c:cf:
33:91:27:45:1a:0a:2e:bc:9a:a6:e0:b2:16:ab:44:
60:78:56:f1:32:c9:14:b7:9e:1f:1e:5a:3f:5b:50:
e2:9d:ff:41:b3:b2:da:41:b4:27:42:e9:74:11:c3:
80:9d:38:fb:8d:27:29:94:8f:b2:b9:40:f7:9e:76:
07:a3:2c:31:0e:cf:ee:fe:37:1b:64:7b:f1:1d:ab:
b7:ec:af:68:f8:05:76:ec:14:3a:1b:01:71:5c:0f:
65:ea:ca:e7:63:fc:dd:60:ec:29:4e:d7:fd:68:37:
18:52:bb:71:2d:72:c2:88:55:b0:52:2f:54:3d:4a:
9a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AD:13:C3:22:52:FB:21:7B:76:1D:A1:33:75:88:3B:F9:BC:7B:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f3054b8-54ee-4b8b-afc8-531f24d59fa7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:28:fa:a1:70:7b:35:7e:ac:12:f1:f5:1f:89:47:11:d7:2b:
5d:99:3e:b6:f9:a0:36:cb:c2:8a:f0:31:69:5c:64:42:3b:95:
99:61:33:3b:22:cc:78:2a:2e:23:9c:06:1f:b4:33:37:11:1f:
73:2d:7e:8d:05:47:a3:d0:fc:b1:d2:ab:92:20:1f:61:31:53:
21:ad:cc:15:f9:a4:f4:dd:8c:d1:e4:90:66:0b:71:98:55:ae:
b1:1d:17:8d:01:b4:13:b9:f0:46:4b:24:5f:32:f6:aa:d3:6b:
a9:bc:7b:e2:fb:d2:9e:34:db:c5:cd:f5:b8:5e:44:82:0b:17:
ac:52:eb:3f:69:38:26:44:29:82:ab:eb:13:a6:98:bb:4b:31:
b3:96:78:4d:b0:fb:eb:3c:54:55:98:e0:63:52:7f:10:cd:c0:
e5:35:f8:91:04:23:c7:57:40:25:1c:45:47:50:9c:c3:25:ea:
a4:88:79:74:d1:f2:25:84:a1:24:a5:be:56:e4:b1:7d:47:65:
36:34:a6:f6:11:5b:15:22:c8:48:69:e5:ca:a3:4f:f4:4a:5f:
7b:8e:ae:7f:5f:5c:b0:e2:13:ef:bb:04:d5:92:a1:ec:28:81:
10:79:7c:f2:33:71:aa:83:de:80:ba:f7:df:f4:ce:dc:c9:00:
da:e6:35:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEXfy7ZyxPYoizdKYu9r2GZyAlRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNTNmNzQ2ZjViNzIyZTIxYmJhNzk2ZTdlNDVkMzk3MGNlMTQ3NmRkMTNh
ZDE2MGZkOWRlYzRlYmI5NTBkOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFULHYwBfc4Kf47Idj6F3nT7ySLOcne4skfpa/8s5BvfPLLDzW+iXOBPG3k
QPc4udQy7EMYEsZCMWESJ5De2kMnP3zVh5t7VXiuamj1hxYCL4r8GasE7t+kskS3
p4sO7YwMBKwd6AGjE91+6WuWEBU8CyXjBEPuw1Bl7/We9tU8hLNtVlzPM5EnRRoK
LryapuCyFqtEYHhW8TLJFLeeHx5aP1tQ4p3/QbOy2kG0J0LpdBHDgJ04+40nKZSP
srlA9552B6MsMQ7P7v43G2R78R2rt+yvaPgFduwUOhsBcVwPZerK52P83WDsKU7X
/Wg3GFK7cS1ywohVsFIvVD1KmvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQrRPD
IlL7IXt2HaEzdYg7+bx7mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWYzMDU0YjgtNTRlZS00YjhiLWFmYzgtNTMxZjI0ZDU5ZmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSA
MA0GCSqGSIb3DQEBCwUAA4IBAQA6KPqhcHs1fqwS8fUfiUcR1ytdmT62+aA2y8KK
8DFpXGRCO5WZYTM7Isx4Ki4jnAYftDM3ER9zLX6NBUej0Pyx0quSIB9hMVMhrcwV
+aT03YzR5JBmC3GYVa6xHReNAbQTufBGSyRfMvaq02upvHvi+9KeNNvFzfW4XkSC
CxesUus/aTgmRCmCq+sTppi7SzGzlnhNsPvrPFRVmOBjUn8QzcDlNfiRBCPHV0Al
HEVHUJzDJeqkiHl00fIlhKEkpb5W5LF9R2U2NKb2EVsVIshIaeXKo0/0Sl97jq5/
X1yw4hPvuwTVkqHsKIEQeXzyM3Gqg96Auvff9M7cyQDa5jXA
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:33 2025 by rpki-client