Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
File: 00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa (raw, json)
Hash identifier: xF9uienEjg51q5ods9Z1X8292Kl50C8QgjX1QgiYkLA=
Subject key identifier: 46:1E:5A:85:6B:59:00:97:60:15:1E:06:11:E5:D7:DB:83:92:B2:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30854B7DF61E4F446F4D575F3C3E4B3AEE428607
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
Signing time: Wed 06 Aug 2025 00:51:18 +0000
ROA not before: Wed 06 Aug 2025 00:51:18 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:85:4b:7d:f6:1e:4f:44:6f:4d:57:5f:3c:3e:4b:3a:ee:42:86:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:18 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=28e5f47bdb8f04228b5cf3e59a003f68ba2289cea128b69c1b88e74665dbf0ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ca:93:98:eb:1c:f9:04:56:72:f1:e3:8c:cd:
34:90:34:46:fd:f2:b4:04:dc:b4:45:ac:14:93:20:
ab:a5:b6:94:95:5d:48:23:01:95:00:6a:70:d8:70:
90:87:7c:f1:74:50:1a:a8:97:de:7e:78:b1:ba:21:
a6:b9:8c:54:d3:c5:bb:c5:0c:a1:20:99:0f:69:65:
03:87:14:ff:ad:d2:d6:80:3f:5d:3e:d9:70:a1:3a:
51:1f:66:a2:f7:94:36:d9:85:c0:28:e5:90:76:4f:
fe:0e:a8:ef:ef:f6:ee:12:8f:4e:f2:4e:bd:91:89:
25:cb:81:27:fa:c7:ab:9e:34:2e:8f:75:05:21:74:
99:0d:45:36:f5:f1:73:83:be:fe:2e:b2:7a:4a:0e:
98:ca:85:24:3a:04:3e:30:6c:c5:c9:00:8d:8a:a9:
a4:2e:48:56:f9:d7:ac:ec:b5:1a:0c:fc:aa:de:4c:
29:37:db:c8:84:07:c9:8c:1b:ff:35:23:4f:06:b6:
80:5a:07:de:52:2a:5f:20:a8:30:74:c4:67:51:58:
7d:10:9c:28:50:dc:72:54:2c:57:e5:2f:bf:ec:4c:
3f:30:ed:1d:8e:f7:50:8a:91:72:fa:4a:ca:a9:b8:
85:25:4c:31:99:cd:f5:90:96:c0:f4:8e:be:4e:05:
1e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1E:5A:85:6B:59:00:97:60:15:1E:06:11:E5:D7:DB:83:92:B2:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:6000::/40
Signature Algorithm: sha256WithRSAEncryption
78:da:0b:86:4f:14:7d:da:b2:37:12:16:70:78:18:c5:94:1d:
5a:a8:80:50:f9:b5:5e:f9:92:8e:b4:e5:f2:d1:d2:be:60:fc:
55:d7:11:88:47:a3:c3:a7:08:bb:39:68:5e:97:63:09:bd:e4:
fa:00:cd:92:13:05:75:7f:d0:97:df:f1:b4:be:0c:23:21:ba:
d4:47:03:91:e2:8a:3e:ad:27:8e:9e:09:52:bf:a9:a8:6d:74:
58:22:6a:de:ee:6f:00:53:f1:cf:3e:df:25:5f:47:23:04:58:
a1:f9:04:72:49:7c:ad:bc:92:c1:e7:df:4b:ed:2d:9e:c3:92:
99:73:a0:44:9c:a2:24:2b:ec:44:85:c5:a2:36:32:88:a5:ae:
f4:44:86:aa:b7:c3:d2:ac:5b:36:40:f4:53:81:fd:02:da:80:
cd:3a:0a:1c:e5:0a:83:bc:04:2f:ea:fc:e0:06:a7:b3:2a:fd:
88:a8:ed:f3:09:01:81:99:4a:36:35:df:e6:c3:e4:22:e3:f1:
b2:1c:e3:81:39:30:00:ce:37:a3:a7:28:e4:de:ce:48:ac:80:
b4:51:ab:03:cd:b1:72:02:8e:f4:be:3d:c0:09:9a:2f:19:3e:
5a:88:12:fa:37:da:9d:32:43:8f:3f:ae:02:59:20:f7:a7:60:
11:c5:13:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMIVLffYeT0RvTVdfPD5LOu5ChgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMThaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4ZTVmNDdiZGI4ZjA0MjI4YjVjZjNlNTlhMDAzZjY4YmEyMjg5Y2VhMTI4
YjY5YzFiODhlNzQ2NjVkYmYwYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7Kk5jrHPkEVnLx44zNNJA0Rv3ytATctEWsFJMgq6W2lJVdSCMBlQBqcNhw
kId88XRQGqiX3n54sbohprmMVNPFu8UMoSCZD2llA4cU/63S1oA/XT7ZcKE6UR9m
oveUNtmFwCjlkHZP/g6o7+/27hKPTvJOvZGJJcuBJ/rHq540Lo91BSF0mQ1FNvXx
c4O+/i6yekoOmMqFJDoEPjBsxckAjYqppC5IVvnXrOy1Ggz8qt5MKTfbyIQHyYwb
/zUjTwa2gFoH3lIqXyCoMHTEZ1FYfRCcKFDcclQsV+Uvv+xMPzDtHY73UIqRcvpK
yqm4hSVMMZnN9ZCWwPSOvk4FHvUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGHlqF
a1kAl2AVHgYR5dfbg5KyxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDAxNTBmZjQtMGFiOS00MjhmLWFlOWEtY2NkOWRjNjY5Y2I4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g
MA0GCSqGSIb3DQEBCwUAA4IBAQB42guGTxR92rI3EhZweBjFlB1aqIBQ+bVe+ZKO
tOXy0dK+YPxV1xGIR6PDpwi7OWhel2MJveT6AM2SEwV1f9CX3/G0vgwjIbrURwOR
4oo+rSeOnglSv6mobXRYImre7m8AU/HPPt8lX0cjBFih+QRySXytvJLB599L7S2e
w5KZc6BEnKIkK+xEhcWiNjKIpa70RIaqt8PSrFs2QPRTgf0C2oDNOgoc5QqDvAQv
6vzgBqezKv2IqO3zCQGBmUo2Nd/mw+Qi4/GyHOOBOTAAzjejpyjk3s5IrIC0UasD
zbFyAo70vj3ACZovGT5aiBL6N9qdMkOPP64CWSD3p2ARxRMG
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:22 2025 by rpki-client