Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: Kfu/s4YitOGHlVOe+FNwhqVJ4hhSYk7DdrYy0EI85Ns=
Subject key identifier: EB:A1:86:80:50:CB:50:0C:A8:E5:E7:82:BA:A5:56:EF:C1:6A:67:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A641B65D8E3691275E845EAE07EEE2DAB18FB62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Fri 01 Aug 2025 17:11:11 +0000
ROA not before: Fri 01 Aug 2025 17:11:11 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:64:1b:65:d8:e3:69:12:75:e8:45:ea:e0:7e:ee:2d:ab:18:fb:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:11:11 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=34b1b73cb3340945af81ed86d87cb3a6a7c2ff0fa3a749bf6155911166dbaa3a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:4a:71:a5:9d:5c:d7:18:c0:9d:64:53:28:
0d:a6:7d:4f:be:5c:6f:76:5c:d0:fd:9e:4d:fa:c7:
54:99:b5:9b:81:dc:5b:fc:fe:2c:de:39:f5:dd:a4:
37:62:aa:36:34:38:7c:e0:90:45:60:03:88:e1:b3:
6d:73:fd:d6:df:7b:97:f3:9e:4f:17:5d:1b:2b:ff:
71:d2:b9:74:9c:bc:4e:74:4e:75:13:41:09:e3:df:
41:50:3f:a9:17:90:0c:85:c2:a1:aa:ea:18:f9:54:
33:3e:ca:b0:f4:7a:bf:80:56:4e:b7:d0:a6:94:44:
92:61:51:c1:3b:f5:30:e3:09:4f:0c:c5:e3:4e:e4:
9c:30:ec:53:20:f7:be:ba:2b:5d:28:cc:18:0a:bd:
8f:ba:87:30:86:41:a9:72:55:63:51:0d:f8:73:02:
c4:33:17:1a:15:73:80:0a:8b:18:ad:38:d8:12:e9:
0e:07:ae:89:92:80:d1:ff:2e:68:d2:9f:30:fd:da:
34:94:cf:53:db:f2:98:46:df:95:3d:c9:84:1d:9a:
a1:e7:87:3f:d5:7e:01:ee:13:96:49:32:91:1a:62:
26:1f:c3:a0:d9:fa:de:13:7c:4b:78:a2:ae:9b:39:
6c:e4:05:9a:a4:4b:9f:24:4a:66:b5:ff:a2:4a:b3:
0b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A1:86:80:50:CB:50:0C:A8:E5:E7:82:BA:A5:56:EF:C1:6A:67:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
0d:b1:dd:64:74:ba:cf:b9:77:79:41:48:23:7f:da:de:3c:2c:
df:3f:1d:87:e4:6f:4f:2f:52:38:b7:dd:06:6e:16:e3:45:bd:
d3:65:6f:ae:85:b1:c8:e2:e5:5e:3e:f8:36:d4:f4:13:7c:8d:
ad:9a:d6:08:9e:b0:fe:88:a0:14:fd:60:ed:ff:b2:47:e9:fd:
0d:3d:bf:da:07:1f:c4:3e:07:b9:2d:22:25:6f:43:e5:4a:c6:
5b:ed:1f:5f:a0:92:73:64:ad:c1:48:9a:81:6b:15:c2:8b:56:
e0:cd:0d:46:e1:54:3c:4f:4e:56:ab:b3:b4:07:af:fe:a3:ad:
90:58:5e:b3:30:e6:5d:56:e0:b6:db:e1:bb:ea:f1:b0:c2:14:
9a:75:d8:aa:0a:aa:0b:37:e7:c5:53:96:12:ba:cc:4f:4e:fa:
20:dc:24:4d:0f:58:bc:ef:62:52:93:82:83:0d:c7:24:af:cb:
e2:00:15:15:1d:a1:4f:36:98:9c:56:31:cc:c6:14:b8:ca:63:
a0:63:bb:be:f4:ee:7f:d0:dc:52:99:3b:cd:5d:b3:ab:c0:6d:
08:56:08:f5:a6:64:aa:89:61:e7:63:df:05:7a:da:52:d4:d7:
e1:30:77:46:8e:0b:84:d4:9b:4d:c2:76:09:a4:6a:14:e8:9a:
24:58:15:fb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKmQbZdjjaRJ16EXq4H7uLasY+2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzExMTFaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0YjFiNzNjYjMzNDA5NDVhZjgxZWQ4NmQ4N2NiM2E2YTdjMmZmMGZhM2E3
NDliZjYxNTU5MTExNjZkYmFhM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiuSnGlnVzXGMCdZFMoDaZ9T75cb3Zc0P2eTfrHVJm1m4HcW/z+LN459d2k
N2KqNjQ4fOCQRWADiOGzbXP91t97l/OeTxddGyv/cdK5dJy8TnROdRNBCePfQVA/
qReQDIXCoarqGPlUMz7KsPR6v4BWTrfQppREkmFRwTv1MOMJTwzF407knDDsUyD3
vrorXSjMGAq9j7qHMIZBqXJVY1EN+HMCxDMXGhVzgAqLGK042BLpDgeuiZKA0f8u
aNKfMP3aNJTPU9vymEbflT3JhB2aoeeHP9V+Ae4TlkkykRpiJh/DoNn63hN8S3ii
rps5bOQFmqRLnyRKZrX/okqzC1kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTroYaA
UMtQDKjl54K6pVbvwWpnGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQANsd1kdLrPuXd5QUgjf9rePCzfPx2H5G9PL1I4
t90GbhbjRb3TZW+uhbHI4uVePvg21PQTfI2tmtYInrD+iKAU/WDt/7JH6f0NPb/a
Bx/EPge5LSIlb0PlSsZb7R9foJJzZK3BSJqBaxXCi1bgzQ1G4VQ8T05Wq7O0B6/+
o62QWF6zMOZdVuC22+G76vGwwhSaddiqCqoLN+fFU5YSusxPTvog3CRND1i872JS
k4KDDcckr8viABUVHaFPNpicVjHMxhS4ymOgY7u+9O5/0NxSmTvNXbOrwG0IVgj1
pmSqiWHnY98FetpS1NfhMHdGjguE1JtNwnYJpGoU6JokWBX7
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:49 2025 by rpki-client