Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: pwIJvEsSXyhz3/rTMq/f+ohWJ1YwsCZ3pZLgHK/yfUc=
Subject key identifier: CA:99:99:D3:7D:BA:7D:B5:27:C7:83:A2:ED:B9:73:CB:7C:10:10:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1068C66E41B558FF40632492D5DA02D9C2489A47
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Tue 05 Aug 2025 20:20:14 +0000
ROA not before: Tue 05 Aug 2025 20:20:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:68:c6:6e:41:b5:58:ff:40:63:24:92:d5:da:02:d9:c2:48:9a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5061d9332d1331c7f7c6b43bf6255862128e821feac9a2d2995024176fe9f798, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7e:73:4b:14:5e:33:15:42:75:f7:42:f0:17:
aa:c3:86:c5:d7:91:96:e3:53:09:5f:5e:1f:16:a7:
2e:c0:ef:04:f8:f0:d8:d0:2f:5d:29:92:a1:5e:09:
98:e0:a8:6f:00:80:19:1a:14:b4:6d:7b:5b:32:99:
45:67:55:f3:80:c0:1b:19:5a:94:f7:ff:e1:10:29:
14:4b:be:1d:8d:27:37:7b:8e:16:32:51:5a:1c:86:
86:cb:2d:f2:f4:d2:b4:6c:dd:26:a3:1f:8a:5d:7b:
4e:9f:ce:03:03:c7:43:35:33:9d:78:27:35:06:d2:
9a:18:bc:55:26:a0:ac:b6:e1:95:23:f7:bd:36:39:
67:ce:de:78:77:c5:20:00:00:09:7e:ad:ca:45:63:
9a:e4:5d:83:ef:b9:3e:ca:04:7f:fe:ac:b7:39:f1:
c5:df:c6:bf:8c:93:1c:8c:2f:56:ac:10:62:fb:91:
85:d6:89:e6:a7:42:0e:6d:c9:35:95:72:a5:13:e0:
e7:8f:d8:cf:c2:ce:2c:ef:7c:68:2d:e6:14:fe:9f:
66:0e:6a:98:50:e8:1d:c9:92:bb:b0:9c:dc:5b:81:
d7:60:d6:ed:cc:92:fc:b7:02:99:6f:4f:a2:c9:b5:
88:f8:2a:81:8e:70:87:fc:93:0e:a3:43:3c:79:01:
31:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:99:99:D3:7D:BA:7D:B5:27:C7:83:A2:ED:B9:73:CB:7C:10:10:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
3a:8a:20:46:5f:62:af:71:83:ca:bb:4f:96:b6:db:f7:55:18:
9b:51:e2:54:a3:04:83:9c:87:aa:f9:03:7d:a9:00:78:d3:fe:
18:d2:b3:50:4d:b9:70:1a:30:e7:6a:07:8a:a9:ee:61:6c:65:
06:0e:c0:5f:dd:cd:58:15:2d:2c:70:bf:41:57:e0:0d:cc:ba:
e0:f1:e8:1a:d9:cd:84:97:51:20:2e:5f:3d:1f:5a:ba:57:4a:
d0:04:c7:f6:e1:62:f1:1b:88:da:64:3a:e2:7b:26:5c:04:0c:
86:9d:78:51:c8:be:c7:37:45:29:c0:a0:99:50:59:0a:db:13:
68:21:cc:4b:11:b9:d5:a2:6f:a7:a4:6d:37:d3:e7:90:4c:94:
68:90:44:95:3c:c9:ff:fd:40:49:1d:6e:33:1b:e1:11:c6:8c:
83:26:f6:6a:ce:1a:a9:13:bf:b2:25:53:d8:20:ff:ac:37:ba:
ff:07:9c:c7:60:ff:25:4a:df:b5:25:f5:dd:6f:da:66:58:6b:
c7:41:13:3d:c8:a0:53:81:92:e5:14:6b:e4:ca:d8:48:10:a9:
56:77:ed:63:61:dd:79:8a:ec:b5:20:61:f1:a7:db:71:99:83:
44:e9:69:40:3f:7e:14:16:60:93:16:39:98:a0:fa:0c:85:7b:
e2:89:71:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEGjGbkG1WP9AYySS1doC2cJImkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNjFkOTMzMmQxMzMxYzdmN2M2YjQzYmY2MjU1ODYyMTI4ZTgyMWZlYWM5
YTJkMjk5NTAyNDE3NmZlOWY3OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV+c0sUXjMVQnX3QvAXqsOGxdeRluNTCV9eHxanLsDvBPjw2NAvXSmSoV4J
mOCobwCAGRoUtG17WzKZRWdV84DAGxlalPf/4RApFEu+HY0nN3uOFjJRWhyGhsst
8vTStGzdJqMfil17Tp/OAwPHQzUznXgnNQbSmhi8VSagrLbhlSP3vTY5Z87eeHfF
IAAACX6tykVjmuRdg++5PsoEf/6stznxxd/Gv4yTHIwvVqwQYvuRhdaJ5qdCDm3J
NZVypRPg54/Yz8LOLO98aC3mFP6fZg5qmFDoHcmSu7Cc3FuB12DW7cyS/LcCmW9P
osm1iPgqgY5wh/yTDqNDPHkBMUcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKmZnT
fbp9tSfHg6LtuXPLfBAQMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQA6iiBGX2KvcYPKu0+Wttv3VRibUeJUowSDnIeq
+QN9qQB40/4Y0rNQTblwGjDnageKqe5hbGUGDsBf3c1YFS0scL9BV+ANzLrg8ega
2c2El1EgLl89H1q6V0rQBMf24WLxG4jaZDrieyZcBAyGnXhRyL7HN0UpwKCZUFkK
2xNoIcxLEbnVom+npG030+eQTJRokESVPMn//UBJHW4zG+ERxoyDJvZqzhqpE7+y
JVPYIP+sN7r/B5zHYP8lSt+1JfXdb9pmWGvHQRM9yKBTgZLlFGvkythIEKlWd+1j
Yd15iuy1IGHxp9txmYNE6WlAP34UFmCTFjmYoPoMhXviiXH/
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:46 2025 by rpki-client