Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
File: 655038e8-ae62-4d89-86ef-c5f745dc0c17.roa (raw, json)
Hash identifier: y/LzOn6/oynsRJrZ9ZEQg1/2LzqOdCAfix2DJKaepM4=
Subject key identifier: AB:68:05:87:BA:85:78:0F:13:CE:E5:56:CC:30:EB:3B:DC:CF:57:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 678A2ED896D26A1936C844618E1EC751DCD89444
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
Signing time: Fri 01 Aug 2025 17:10:33 +0000
ROA not before: Fri 01 Aug 2025 17:10:33 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:8a:2e:d8:96:d2:6a:19:36:c8:44:61:8e:1e:c7:51:dc:d8:94:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:33 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=d2a85dd1cb4f2b0bb27f3251f1bfbf259e540cbf2e4b31916407cffd6ad8af9a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:08:cc:86:06:58:f8:53:34:18:aa:37:0f:36:
7a:95:cd:e4:a9:c9:f5:de:03:87:1d:05:2d:cb:15:
99:f0:f1:af:5f:6f:ee:a1:be:0e:61:e6:06:e8:00:
24:9b:3e:2b:f6:a6:83:d9:47:c7:ae:e5:be:34:5f:
de:2f:ee:0f:39:e6:ac:75:3c:4a:24:30:8f:d8:a7:
cb:19:50:13:da:88:8a:93:9f:45:c7:7b:75:ae:85:
f1:79:d1:62:8d:52:1e:04:c9:f8:33:63:b7:77:4e:
c2:c0:dc:6c:85:f9:7f:e0:2a:2b:69:a1:4c:71:3a:
28:76:f6:91:6d:1a:bb:4f:18:d1:f0:21:c8:d5:c5:
41:e0:76:a1:fe:98:c4:84:77:32:de:9c:48:4c:53:
c7:a3:81:cd:a0:ba:51:db:5a:11:d5:6f:2b:25:97:
73:02:c9:2b:4b:c3:27:ab:19:51:85:90:45:a9:de:
c3:6f:89:3d:50:9e:36:eb:f1:5e:d2:2a:76:04:b7:
ae:da:ae:fc:4c:7f:ac:f7:6d:66:b4:46:03:d5:26:
d3:31:e8:17:9f:95:fc:8d:b6:02:6e:dc:a0:d3:22:
ad:90:be:ca:c0:d9:0d:40:fe:3a:42:43:1e:31:f0:
10:50:92:8b:c7:c4:74:5b:00:5d:ba:82:7e:57:57:
b2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:68:05:87:BA:85:78:0F:13:CE:E5:56:CC:30:EB:3B:DC:CF:57:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:840::/48
Signature Algorithm: sha256WithRSAEncryption
5e:a2:a7:44:f5:a3:47:84:10:2c:5c:22:51:d9:08:1b:b6:36:
37:e5:5e:ac:bc:d0:72:fb:de:e9:63:d7:8a:4a:ad:61:d3:8c:
d1:c7:e6:89:29:25:af:66:33:51:f7:fb:3e:0f:64:60:25:62:
43:81:18:64:b7:f6:56:38:12:a6:55:bd:9e:81:aa:66:67:b3:
b1:53:3e:2f:25:02:eb:a6:ca:45:e3:f9:f6:3b:e2:13:e4:d6:
28:b1:ea:0a:13:e7:ed:30:36:9d:d1:8e:ff:0b:43:87:37:0c:
3e:b3:28:59:31:d7:1b:24:42:13:60:b7:97:ac:c5:c9:54:dd:
3c:f6:42:07:19:81:94:7b:a8:95:d9:9f:c5:d5:11:ff:bd:af:
af:68:b2:ba:1d:37:ef:e9:64:7c:ee:4b:a8:30:07:6c:ca:db:
c3:66:86:23:a0:98:ab:26:16:5f:02:a9:04:9f:c7:4c:c9:2a:
1a:57:d5:05:a0:c6:a3:a8:60:a0:5e:af:48:f8:35:d2:c2:98:
58:84:99:2d:7f:a3:ab:15:8b:46:92:c5:d0:91:fe:71:54:98:
1c:0b:3a:07:2f:39:c5:09:ba:39:07:e3:c7:00:e8:52:ed:06:
42:3d:24:bd:b3:6b:c9:ad:21:8c:a1:9e:c7:44:f4:fb:d6:9c:
3f:de:00:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ4ou2JbSahk2yERhjh7HUdzYlEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMzNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyYTg1ZGQxY2I0ZjJiMGJiMjdmMzI1MWYxYmZiZjI1OWU1NDBjYmYyZTRi
MzE5MTY0MDdjZmZkNmFkOGFmOWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAIzIYGWPhTNBiqNw82epXN5KnJ9d4Dhx0FLcsVmfDxr19v7qG+DmHmBugA
JJs+K/amg9lHx67lvjRf3i/uDznmrHU8SiQwj9inyxlQE9qIipOfRcd7da6F8XnR
Yo1SHgTJ+DNjt3dOwsDcbIX5f+AqK2mhTHE6KHb2kW0au08Y0fAhyNXFQeB2of6Y
xIR3Mt6cSExTx6OBzaC6UdtaEdVvKyWXcwLJK0vDJ6sZUYWQRanew2+JPVCeNuvx
XtIqdgS3rtqu/Ex/rPdtZrRGA9Um0zHoF5+V/I22Am7coNMirZC+ysDZDUD+OkJD
HjHwEFCSi8fEdFsAXbqCfldXsl0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSraAWH
uoV4DxPO5VbMMOs73M9XvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU1MDM4ZTgtYWU2Mi00ZDg5LTg2ZWYtYzVmNzQ1ZGMwYzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAXqKnRPWjR4QQLFwiUdkIG7Y2N+VerLzQcvve
6WPXikqtYdOM0cfmiSklr2YzUff7Pg9kYCViQ4EYZLf2VjgSplW9noGqZmezsVM+
LyUC66bKReP59jviE+TWKLHqChPn7TA2ndGO/wtDhzcMPrMoWTHXGyRCE2C3l6zF
yVTdPPZCBxmBlHuoldmfxdUR/72vr2iyuh037+lkfO5LqDAHbMrbw2aGI6CYqyYW
XwKpBJ/HTMkqGlfVBaDGo6hgoF6vSPg10sKYWISZLX+jqxWLRpLF0JH+cVSYHAs6
By85xQm6OQfjxwDoUu0GQj0kvbNrya0hjKGex0T0+9acP94AcA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:18 2025 by rpki-client