Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: mqElDgYStWHlP8yjt2NQr7ve6P8CRjw8MoAIlwu5TbQ=
Subject key identifier: C5:01:04:F9:32:0F:6A:30:0D:5D:17:B6:FD:56:53:E4:55:B7:A4:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B3C93856439193CBAAEEA6803A256FF3F7BB74B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Mon 21 Jul 2025 16:50:44 +0000
ROA not before: Mon 21 Jul 2025 16:50:44 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3c:93:85:64:39:19:3c:ba:ae:ea:68:03:a2:56:ff:3f:7b:b7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:50:44 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=195e69192092a030a3d24b114a3bdd9878f1a769e93b7d8ba31ff86c60908fa9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d4:cd:08:0f:d0:80:ac:8c:2b:2e:76:67:0e:
b7:50:4d:5c:48:f6:dd:70:23:e0:b7:af:6a:f8:e4:
9c:3a:47:00:58:93:31:34:16:99:1e:04:c0:6e:d1:
ac:7d:be:db:d1:6a:42:4d:b8:91:29:c3:94:ee:35:
83:dd:40:e8:fa:d8:31:d4:1e:d4:de:5e:22:be:99:
db:06:bf:77:b2:de:0f:90:dd:c9:d2:8d:85:2d:46:
71:6e:3f:ce:fc:42:72:70:cd:81:7f:fc:48:ca:de:
78:ba:2b:7a:f6:c5:4a:84:21:b2:3a:94:7f:c1:01:
1f:c9:00:85:ad:8d:be:db:0a:72:a3:ca:38:b1:a5:
4a:4f:4a:f0:dd:c5:da:e9:c2:30:eb:d6:46:35:ab:
88:e8:c1:52:ee:c9:ab:7b:53:93:cb:06:18:1f:1c:
75:e2:e0:ba:92:c6:5d:99:7a:6f:bb:88:39:af:c7:
40:3b:bd:e2:18:63:8b:c6:09:fb:2e:4f:6e:56:b9:
4b:ce:b4:48:95:c4:31:e9:34:a7:8c:33:b0:59:3a:
8d:96:86:75:e8:31:23:ac:ba:85:d1:32:ef:ff:ca:
6d:4e:c1:45:0d:be:0b:fa:87:ad:9b:3a:24:e6:42:
d2:95:d9:50:9a:82:aa:eb:2e:7a:7f:fd:9f:60:e8:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:01:04:F9:32:0F:6A:30:0D:5D:17:B6:FD:56:53:E4:55:B7:A4:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
51:e5:2c:f3:49:d7:15:9f:89:35:86:ff:95:fb:90:c2:49:5a:
c1:78:0b:95:b7:05:39:68:0b:18:46:2d:1d:95:e5:9d:b0:fe:
be:ee:3d:38:3a:7f:3c:b9:b0:35:06:a3:74:ca:3f:7d:4b:d9:
48:8b:9f:66:9e:f7:4f:b5:ad:de:fa:da:e1:f9:f4:11:9e:ad:
2e:4e:94:f3:11:a5:73:b8:6f:71:f1:fc:b6:99:e6:be:d6:83:
56:51:fa:5f:ec:96:42:61:84:5c:d5:1f:dc:cc:bf:0c:db:1f:
93:14:bf:67:69:82:83:c8:0a:b7:fb:df:28:e2:4c:24:d0:94:
4d:91:c9:ce:1f:ae:ce:b2:f9:be:e0:61:79:a9:e4:ae:90:fe:
c5:5c:c8:e2:4a:71:57:fe:14:77:ce:90:1b:3f:1e:98:5a:79:
00:a4:56:12:aa:b7:d0:5c:33:6c:7e:5f:35:a7:0b:7a:30:2a:
a7:20:0e:5e:71:87:1d:79:e9:6c:b8:b9:e5:36:92:7b:e3:cd:
22:1c:84:5f:b6:62:92:3b:b6:80:07:25:55:d0:d8:77:37:9d:
92:47:80:b9:c5:1a:d3:88:68:51:e4:1a:99:44:7c:d1:8b:d5:
75:e7:8a:18:cc:2c:0a:41:56:9e:d9:a4:8f:69:71:f1:12:c5:
b3:c0:25:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWzyThWQ5GTy6rupoA6JW/z97t0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjUwNDRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5NWU2OTE5MjA5MmEwMzBhM2QyNGIxMTRhM2JkZDk4NzhmMWE3NjllOTNi
N2Q4YmEzMWZmODZjNjA5MDhmYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzUzQgP0ICsjCsudmcOt1BNXEj23XAj4LevavjknDpHAFiTMTQWmR4EwG7R
rH2+29FqQk24kSnDlO41g91A6PrYMdQe1N5eIr6Z2wa/d7LeD5DdydKNhS1GcW4/
zvxCcnDNgX/8SMreeLorevbFSoQhsjqUf8EBH8kAha2NvtsKcqPKOLGlSk9K8N3F
2unCMOvWRjWriOjBUu7Jq3tTk8sGGB8cdeLgupLGXZl6b7uIOa/HQDu94hhji8YJ
+y5Pbla5S860SJXEMek0p4wzsFk6jZaGdegxI6y6hdEy7//KbU7BRQ2+C/qHrZs6
JOZC0pXZUJqCqusuen/9n2Doq9cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFAQT5
Mg9qMA1dF7b9VlPkVbekYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAUeUs80nXFZ+JNYb/lfuQwklawXgLlbcFOWgL
GEYtHZXlnbD+vu49ODp/PLmwNQajdMo/fUvZSIufZp73T7Wt3vra4fn0EZ6tLk6U
8xGlc7hvcfH8tpnmvtaDVlH6X+yWQmGEXNUf3My/DNsfkxS/Z2mCg8gKt/vfKOJM
JNCUTZHJzh+uzrL5vuBheankrpD+xVzI4kpxV/4Ud86QGz8emFp5AKRWEqq30Fwz
bH5fNacLejAqpyAOXnGHHXnpbLi55TaSe+PNIhyEX7Zikju2gAclVdDYdzedkkeA
ucUa04hoUeQamUR80YvVdeeKGMwsCkFWntmkj2lx8RLFs8Aldg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:13 2025 by rpki-client