Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json)
Hash identifier: O4LF30ItuaDbyvfuYhf44trW393+3K4Qr3kO31pzrpE=
Subject key identifier: 61:F3:85:C8:51:3A:7A:E7:18:C2:A6:0A:4C:03:D4:AD:75:22:04:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 579A6787BA831D881A54F2CBE4829120D041CDD2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
Signing time: Fri 11 Jul 2025 20:30:15 +0000
ROA not before: Fri 11 Jul 2025 20:30:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9a:67:87:ba:83:1d:88:1a:54:f2:cb:e4:82:91:20:d0:41:cd:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:30:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a8d412f2b90627ebee702001f7851cb8ea01e0d3f1e17df428f6f3e9f8ba795c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e9:7a:84:b1:85:1a:2d:0a:72:48:71:e3:02:
d3:7d:65:47:44:f6:50:ca:7a:82:4e:6d:57:3c:be:
b1:03:3a:e2:a0:2a:51:68:af:76:87:cb:57:4a:c4:
ff:0a:67:89:43:67:e8:1d:97:54:81:44:3a:7e:9e:
07:eb:e4:cd:08:8e:86:54:98:e5:5b:75:92:6c:59:
c2:a6:d0:ef:88:96:9d:83:12:33:21:3c:95:d7:6c:
0e:6b:df:fd:0b:31:eb:3e:ed:6f:fc:a0:ab:ae:d8:
2c:2d:2d:28:c8:09:fb:9a:3e:9b:a9:e4:8c:18:02:
79:f3:8d:e5:38:91:26:07:41:68:33:19:a1:0e:fb:
66:eb:c7:9a:b0:43:1e:50:44:8a:81:33:5d:c4:66:
19:8e:fb:41:47:66:b0:9a:a6:f5:55:98:c5:1c:10:
e8:3a:5e:83:97:d3:a3:0d:88:f7:c4:dc:69:f8:ed:
61:66:ee:f9:68:6e:28:bf:0b:b2:c7:1e:af:44:d5:
7d:b3:32:88:29:b0:7c:08:02:35:e8:d7:c6:0f:6a:
04:8d:10:64:f0:af:4a:a5:72:f4:e9:60:f0:02:ed:
19:a4:bc:b4:84:e2:d2:d7:4b:20:ab:9b:61:91:06:
d7:fe:d3:e7:84:36:80:18:a2:77:03:e6:82:26:47:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F3:85:C8:51:3A:7A:E7:18:C2:A6:0A:4C:03:D4:AD:75:22:04:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:36:17:50:e4:70:fa:2d:3f:0d:d9:8a:5a:4c:36:f2:c2:cb:
ec:14:cf:14:7f:b1:a3:ac:a3:0f:60:0e:04:2b:4a:0c:c6:c9:
5d:51:2b:a7:2b:48:93:ab:23:ee:7c:b6:64:63:39:99:a3:20:
dd:07:f2:97:93:49:49:7b:f6:d9:15:02:b8:46:d2:f8:30:16:
e9:e2:86:bb:15:0c:98:b5:3c:dd:8e:dd:a9:a6:75:1d:6b:b0:
a4:25:17:13:44:2c:42:80:7e:ed:14:22:d2:43:39:aa:95:24:
b3:49:25:38:61:60:fe:9a:83:2b:b2:cf:9f:21:7a:ed:3b:95:
c8:77:ef:8b:5d:a2:2b:0e:aa:d3:91:99:32:a5:4f:8a:97:34:
d1:19:f6:14:bb:2b:b4:a5:d2:56:0e:09:7c:a4:0c:f7:2d:f9:
83:15:39:c1:90:46:f1:31:e9:42:be:67:c1:62:d1:c4:97:ff:
26:c2:96:02:81:ab:d4:c0:d7:0a:2a:4d:68:55:f9:df:d6:47:
1d:88:a9:b2:da:5e:c0:ab:dc:cc:05:2e:a8:e5:bb:3d:3b:c7:
2d:cd:26:90:94:bd:26:4f:fd:11:b5:b6:9b:ba:5e:a2:a3:be:
10:c4:d6:c9:e3:fd:8e:67:05:3a:94:5b:db:d5:6c:fc:b7:5e:
a0:b1:c9:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV5pnh7qDHYgaVPLL5IKRINBBzdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZDQxMmYyYjkwNjI3ZWJlZTcwMjAwMWY3ODUxY2I4ZWEwMWUwZDNmMWUx
N2RmNDI4ZjZmM2U5ZjhiYTc5NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLpeoSxhRotCnJIceMC031lR0T2UMp6gk5tVzy+sQM64qAqUWivdofLV0rE
/wpniUNn6B2XVIFEOn6eB+vkzQiOhlSY5Vt1kmxZwqbQ74iWnYMSMyE8lddsDmvf
/Qsx6z7tb/ygq67YLC0tKMgJ+5o+m6nkjBgCefON5TiRJgdBaDMZoQ77ZuvHmrBD
HlBEioEzXcRmGY77QUdmsJqm9VWYxRwQ6Dpeg5fTow2I98TcafjtYWbu+WhuKL8L
sscer0TVfbMyiCmwfAgCNejXxg9qBI0QZPCvSqVy9Olg8ALtGaS8tITi0tdLIKub
YZEG1/7T54Q2gBiidwPmgiZHHFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRh84XI
UTp65xjCpgpMA9StdSIEbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnNhdQ5HD6LT8N2YpaTDbywsvsFM8Uf7GjrKMP
YA4EK0oMxsldUSunK0iTqyPufLZkYzmZoyDdB/KXk0lJe/bZFQK4RtL4MBbp4oa7
FQyYtTzdjt2ppnUda7CkJRcTRCxCgH7tFCLSQzmqlSSzSSU4YWD+moMrss+fIXrt
O5XId++LXaIrDqrTkZkypU+KlzTRGfYUuyu0pdJWDgl8pAz3LfmDFTnBkEbxMelC
vmfBYtHEl/8mwpYCgavUwNcKKk1oVfnf1kcdiKmy2l7Aq9zMBS6o5bs9O8ctzSaQ
lL0mT/0Rtbabul6io74QxNbJ4/2OZwU6lFvb1Wz8t16gscm2
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:59:31 2025 by rpki-client