Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
File: d58dbbef-7392-498d-b094-189de828de57.roa (raw, json)
Hash identifier: TrFzofZljU7C8e/WnqvQlu9+E3hijlykegbMY6WT3+8=
Subject key identifier: 70:3A:E9:9E:8D:65:6A:17:7A:96:B9:98:B3:67:22:53:23:74:C4:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2819DD89C1913C2030D9B1A25A204641C9AB33A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
Signing time: Mon 21 Jul 2025 16:40:08 +0000
ROA not before: Mon 21 Jul 2025 16:40:08 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:19:dd:89:c1:91:3c:20:30:d9:b1:a2:5a:20:46:41:c9:ab:33:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:08 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=08fbad9a1845cfcfe279827109a7371158a78161e4faf7a2f4c36b5b9a2a96ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1f:e0:ba:78:a4:d6:55:68:bb:5d:a5:8d:c7:
40:4d:5e:4a:8b:94:79:ed:51:c1:23:c6:48:a5:46:
9e:9a:a7:f6:e0:c3:90:00:54:76:98:b1:df:42:e2:
c9:17:94:2c:b6:47:0c:2d:c5:53:69:e4:52:22:b8:
85:15:59:60:68:6e:ee:4d:cd:e0:b0:10:91:58:77:
2a:48:cc:f7:a2:f6:fd:1d:14:b6:68:f8:25:b2:1a:
a1:10:13:f9:83:b1:02:35:38:bc:22:5f:d4:5c:bb:
d3:d9:39:36:3d:fb:76:dc:c6:dd:25:32:36:65:ee:
f0:ee:a3:06:23:8b:0c:8f:8d:e0:0c:84:ee:87:20:
a7:fe:98:7d:f3:e8:20:6c:12:1e:a1:c9:9a:87:55:
4e:64:48:90:92:dd:1f:d5:54:a5:c8:60:7c:96:06:
18:d0:96:0e:a9:fe:21:fc:2a:56:9e:e6:11:5d:56:
41:f6:fb:f6:93:15:f0:11:de:d1:e9:4e:42:23:18:
98:dd:ad:c0:6f:16:9c:e6:6d:06:f0:76:23:2b:9c:
eb:61:94:b9:61:9f:94:cf:02:9c:8a:10:fb:99:68:
25:c2:9b:35:2b:3e:f3:c8:50:bd:14:b6:0f:58:b4:
5a:7c:f1:d1:b9:1f:60:7e:c6:c2:34:45:2e:f2:97:
fd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:3A:E9:9E:8D:65:6A:17:7A:96:B9:98:B3:67:22:53:23:74:C4:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c020::/48
Signature Algorithm: sha256WithRSAEncryption
c5:95:aa:1a:f7:c8:75:2e:ab:4d:7b:83:08:f6:3f:e5:05:3b:
9c:55:89:b2:21:3a:b7:cb:65:4e:91:43:ac:98:6d:07:2b:5b:
af:12:fa:0d:bd:b9:32:34:06:d4:2b:61:60:a6:88:22:05:d4:
89:a2:64:50:a8:60:9e:16:f6:73:c1:9a:f8:fe:a7:3e:e2:21:
19:f1:50:cd:5d:63:23:69:c4:a0:3f:ee:5c:2a:f3:00:8d:fb:
15:4c:0d:03:86:dd:4b:ba:5f:1e:1f:5e:e2:9b:ad:16:7c:7a:
bd:0d:a1:b2:e8:03:d3:41:ba:e1:65:da:31:2b:7a:be:3d:52:
fe:01:86:c1:d1:2c:97:d8:4a:81:29:1b:67:7c:f7:e1:77:01:
6d:52:87:43:c8:09:17:8e:e7:0e:cf:bd:f6:5c:26:a4:29:33:
ce:c2:2d:dd:05:5c:5f:09:fd:e2:87:1d:eb:c3:cd:17:b7:c9:
95:fc:82:05:90:d5:f4:bd:56:cf:e0:08:67:0c:77:6f:89:b3:
87:e6:7a:4c:22:d2:68:e5:7e:e7:6a:74:01:1f:3e:1b:07:6b:
34:4c:a1:ee:a7:fa:41:7d:9a:a9:a2:c0:84:b3:33:56:0c:23:
ed:3f:7e:ef:95:f7:9e:00:a1:db:b2:c2:76:c9:28:b9:8c:c6:
b8:d9:be:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKBndicGRPCAw2bGiWiBGQcmrM6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwMDhaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ZmJhZDlhMTg0NWNmY2ZlMjc5ODI3MTA5YTczNzExNThhNzgxNjFlNGZh
ZjdhMmY0YzM2YjViOWEyYTk2ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIf4Lp4pNZVaLtdpY3HQE1eSouUee1RwSPGSKVGnpqn9uDDkABUdpix30Li
yReULLZHDC3FU2nkUiK4hRVZYGhu7k3N4LAQkVh3KkjM96L2/R0Utmj4JbIaoRAT
+YOxAjU4vCJf1Fy709k5Nj37dtzG3SUyNmXu8O6jBiOLDI+N4AyE7ocgp/6YffPo
IGwSHqHJmodVTmRIkJLdH9VUpchgfJYGGNCWDqn+IfwqVp7mEV1WQfb79pMV8BHe
0elOQiMYmN2twG8WnOZtBvB2Iyuc62GUuWGflM8CnIoQ+5loJcKbNSs+88hQvRS2
D1i0Wnzx0bkfYH7GwjRFLvKX/UECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwOume
jWVqF3qWuZizZyJTI3TE1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU4ZGJiZWYtNzM5Mi00OThkLWIwOTQtMTg5ZGU4MjhkZTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
IDANBgkqhkiG9w0BAQsFAAOCAQEAxZWqGvfIdS6rTXuDCPY/5QU7nFWJsiE6t8tl
TpFDrJhtBytbrxL6Db25MjQG1CthYKaIIgXUiaJkUKhgnhb2c8Ga+P6nPuIhGfFQ
zV1jI2nEoD/uXCrzAI37FUwNA4bdS7pfHh9e4putFnx6vQ2hsugD00G64WXaMSt6
vj1S/gGGwdEsl9hKgSkbZ3z34XcBbVKHQ8gJF47nDs+99lwmpCkzzsIt3QVcXwn9
4ocd68PNF7fJlfyCBZDV9L1Wz+AIZwx3b4mzh+Z6TCLSaOV+52p0AR8+GwdrNEyh
7qf6QX2aqaLAhLMzVgwj7T9+75X3ngCh27LCdskouYzGuNm+lw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:18 2025 by rpki-client