Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
File: 8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa (raw, json)
Hash identifier: SIfGrZXImjytqq02vI7Xq47WHWjoebQ/ftxQARwnNZ4=
Subject key identifier: AA:84:0F:BB:89:51:7D:A5:DE:1A:75:E3:08:EA:E8:14:EE:D9:8C:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DE80945FBDA5600F86B1DBFF5713D090350FCD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
Signing time: Mon 21 Jul 2025 16:50:53 +0000
ROA not before: Mon 21 Jul 2025 16:50:53 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:e8:09:45:fb:da:56:00:f8:6b:1d:bf:f5:71:3d:09:03:50:fc:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:53 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=654ad4d3d6b64719edb7d8a4360123788fac40365ca9a0301876afcb719efdd4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bd:0a:3a:85:ba:ef:20:5d:df:02:80:78:71:
86:83:e4:f8:9b:db:ac:37:d8:c8:a0:6b:88:4d:0b:
0b:18:0c:1b:13:0b:19:7f:df:b7:8a:89:3e:a9:67:
d2:e2:c3:cb:90:e3:18:49:1a:e6:a2:85:b3:df:0a:
d2:94:a9:06:cf:a7:ac:f2:60:12:99:f2:b4:5f:04:
bb:bb:eb:b7:1f:78:3a:cc:80:7f:be:ce:0a:a0:9c:
45:e7:0b:e6:23:b2:0c:e9:1e:8f:81:92:74:8a:f6:
d2:78:03:f3:74:b5:05:19:f9:99:2d:0c:02:90:95:
ab:84:54:72:a5:97:18:1a:a1:27:22:cf:09:c0:9b:
96:c6:ae:a4:05:22:5c:55:96:1b:43:ad:9f:79:72:
22:3e:39:01:f4:a7:1a:99:cd:ea:cb:03:85:e6:a6:
6e:22:c4:ae:95:46:47:05:9d:42:4a:46:65:1b:8b:
9c:9f:cc:1c:83:41:7b:b2:fe:aa:67:08:99:50:cc:
19:b2:db:5d:aa:b6:e0:73:63:33:aa:d2:14:59:13:
75:36:e7:75:a6:e4:f8:21:c8:db:dd:7f:b4:74:08:
48:53:2b:4b:45:73:f7:3d:b6:0f:f2:3e:45:43:69:
0f:78:c5:df:ab:94:de:b5:d0:63:bc:a4:29:e1:3f:
38:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:84:0F:BB:89:51:7D:A5:DE:1A:75:E3:08:EA:E8:14:EE:D9:8C:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9040::/46
Signature Algorithm: sha256WithRSAEncryption
87:f2:65:fc:af:17:eb:4d:7d:f8:17:67:cb:74:22:14:28:5d:
6e:40:e3:b9:70:53:63:c6:a1:eb:e4:cc:a5:40:81:be:30:a7:
33:18:6f:81:19:dd:1f:fc:fe:40:99:0e:21:ca:78:ef:d4:a7:
db:01:4d:99:ed:a4:84:5c:13:88:56:99:68:3b:ae:ce:96:99:
fb:8d:53:c5:23:7b:97:29:30:4e:84:43:c6:f9:8f:c3:06:b7:
40:bd:96:a0:59:20:a3:c2:87:c8:73:22:94:c1:79:68:41:8e:
01:a8:e6:79:19:73:96:60:38:9c:39:c2:2b:95:c3:21:7a:56:
ed:c4:15:d2:52:09:0b:0c:ea:bc:e6:4b:fb:0d:f6:42:45:0c:
a4:9a:c0:1d:ce:67:18:2c:2a:48:4d:2b:cd:72:4d:1c:23:f4:
7a:e5:82:1d:6d:f6:a9:58:a4:e7:cc:5f:ba:11:34:2f:5b:e5:
1e:85:10:57:fe:2e:8f:f0:f7:09:a0:a8:90:70:3b:88:c2:8c:
de:4e:6e:87:d9:5d:6f:57:af:45:a5:a7:0b:ce:7f:f4:7f:fc:
e7:2f:60:9b:2a:61:22:8e:e4:ab:3e:79:a0:cf:a8:14:ea:57:
d1:52:a9:4e:66:2b:5d:32:8c:05:94:2a:64:04:20:b0:97:8c:
59:cf:13:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXegJRfvaVgD4ax2/9XE9CQNQ/NgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwNTNaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NGFkNGQzZDZiNjQ3MTllZGI3ZDhhNDM2MDEyMzc4OGZhYzQwMzY1Y2E5
YTAzMDE4NzZhZmNiNzE5ZWZkZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMG9CjqFuu8gXd8CgHhxhoPk+JvbrDfYyKBriE0LCxgMGxMLGX/ft4qJPqln
0uLDy5DjGEka5qKFs98K0pSpBs+nrPJgEpnytF8Eu7vrtx94OsyAf77OCqCcRecL
5iOyDOkej4GSdIr20ngD83S1BRn5mS0MApCVq4RUcqWXGBqhJyLPCcCblsaupAUi
XFWWG0Otn3lyIj45AfSnGpnN6ssDheambiLErpVGRwWdQkpGZRuLnJ/MHINBe7L+
qmcImVDMGbLbXaq24HNjM6rSFFkTdTbndabk+CHI291/tHQISFMrS0Vz9z22D/I+
RUNpD3jF36uU3rXQY7ykKeE/OPcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqhA+7
iVF9pd4adeMI6ugU7tmM0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxOGI4MWQtYzcwMC00ZDNmLThlZjQtNWFiZThkMzQ4ZDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAh/Jl/K8X6019+Bdny3QiFChdbkDjuXBTY8ah
6+TMpUCBvjCnMxhvgRndH/z+QJkOIcp479Sn2wFNme2khFwTiFaZaDuuzpaZ+41T
xSN7lykwToRDxvmPwwa3QL2WoFkgo8KHyHMilMF5aEGOAajmeRlzlmA4nDnCK5XD
IXpW7cQV0lIJCwzqvOZL+w32QkUMpJrAHc5nGCwqSE0rzXJNHCP0euWCHW32qVik
58xfuhE0L1vlHoUQV/4uj/D3CaCokHA7iMKM3k5uh9ldb1evRaWnC85/9H/85y9g
myphIo7kqz55oM+oFOpX0VKpTmYrXTKMBZQqZAQgsJeMWc8TYA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:34 2025 by rpki-client