Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json)
Hash identifier: p/pIgBYWiKyCemkV8TjCajIzE/Zandtz6a5hUu12CBU=
Subject key identifier: A3:5A:02:53:4B:1F:57:3C:6B:59:3A:4A:83:29:E8:38:96:43:3E:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 513F2695F4F36FCFDAA98FDF8D937B7BB610327A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
Signing time: Tue 05 Aug 2025 19:10:11 +0000
ROA not before: Tue 05 Aug 2025 19:10:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3f:26:95:f4:f3:6f:cf:da:a9:8f:df:8d:93:7b:7b:b6:10:32:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e63d3780d701986fcf7b0bb2cc0763d84cabbc6d9a20bf076b8f00d111220c62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c2:87:fa:90:bf:32:bb:f4:ab:a8:b4:f4:0c:
07:80:b1:0a:12:18:02:ed:3d:74:b8:6f:30:6f:17:
4a:6c:a1:1f:40:ea:0a:5e:97:99:d5:19:0b:68:7f:
6e:ba:e6:94:4b:af:64:e3:c6:9a:66:5d:e5:ad:3a:
de:4b:d8:29:66:b7:4d:37:c8:4f:f9:5a:46:93:f3:
d5:61:bc:8b:a2:d6:37:3a:27:b1:dd:dc:fd:c0:7e:
c6:c9:ba:35:81:a6:1e:8c:67:a5:f9:2e:1f:16:ed:
7d:4f:6b:c3:cc:e3:de:48:6e:54:f1:91:66:b7:4a:
45:6a:00:74:d2:25:af:14:c1:33:12:91:d2:df:96:
a6:41:31:78:5f:8c:ea:b3:1e:63:a1:31:41:bc:11:
3c:fd:6e:08:59:34:b8:a5:4c:05:2a:b7:c6:49:2b:
28:7e:17:bd:95:17:7a:27:9e:ed:23:49:27:b5:a0:
fe:6f:c9:65:e3:ab:74:38:1c:53:75:63:c2:15:58:
7c:ff:1b:be:b8:a5:11:01:e7:ce:1b:c0:f9:fe:da:
d0:c7:a8:c0:d4:90:1c:ed:c4:cb:ba:5c:27:dc:e0:
1f:9a:0d:30:bd:67:59:39:69:dd:24:bd:90:c1:0c:
83:c1:e8:7b:91:2f:8b:4a:b5:8d:7d:81:b3:cb:19:
19:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5A:02:53:4B:1F:57:3C:6B:59:3A:4A:83:29:E8:38:96:43:3E:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1080::/48
Signature Algorithm: sha256WithRSAEncryption
3a:11:f5:6f:c2:2f:27:67:09:78:38:29:53:6b:6b:fe:79:e0:
9a:fd:33:66:54:b2:f5:8b:d5:d1:b4:38:b4:8b:e7:60:a6:78:
c2:19:44:37:6c:9f:c6:fe:ae:24:ed:4f:58:89:51:8b:d2:75:
e4:a7:30:0a:77:65:2b:78:51:5f:5a:14:63:d0:ea:f2:b3:4a:
18:74:51:93:e1:9d:02:a0:ea:c8:3f:a5:64:af:c4:a5:7f:f7:
02:b5:e6:63:46:b6:37:9f:f8:42:83:3f:3e:9b:ec:0e:7b:a6:
c6:d7:53:97:71:26:87:b3:49:a8:c0:c5:3a:e0:36:eb:60:bf:
12:b0:8c:0b:04:ff:94:83:74:29:c6:0c:d7:ef:b2:f2:c3:26:
81:57:49:b3:28:b3:eb:60:83:63:d7:ee:42:39:03:57:01:0d:
9b:60:e9:b0:15:b6:f9:4e:fc:a8:b6:66:2f:5f:4f:e1:4f:28:
84:c8:93:bf:6f:a8:e5:3a:63:66:6f:b5:0a:bd:78:79:7f:8b:
d9:90:b8:27:b7:cb:2a:ac:40:8d:6c:12:15:d5:f3:f9:b8:ad:
7a:05:51:30:e1:84:13:b4:65:49:17:12:ac:d1:4a:b8:0e:87:
db:0c:ca:6f:58:14:90:ff:53:4c:d8:c3:25:25:84:51:86:d0:
21:46:69:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUT8mlfTzb8/aqY/fjZN7e7YQMnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2M2QzNzgwZDcwMTk4NmZjZjdiMGJiMmNjMDc2M2Q4NGNhYmJjNmQ5YTIw
YmYwNzZiOGYwMGQxMTEyMjBjNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/Ch/qQvzK79KuotPQMB4CxChIYAu09dLhvMG8XSmyhH0DqCl6XmdUZC2h/
brrmlEuvZOPGmmZd5a063kvYKWa3TTfIT/laRpPz1WG8i6LWNzonsd3c/cB+xsm6
NYGmHoxnpfkuHxbtfU9rw8zj3khuVPGRZrdKRWoAdNIlrxTBMxKR0t+WpkExeF+M
6rMeY6ExQbwRPP1uCFk0uKVMBSq3xkkrKH4XvZUXeiee7SNJJ7Wg/m/JZeOrdDgc
U3VjwhVYfP8bvrilEQHnzhvA+f7a0MeowNSQHO3Ey7pcJ9zgH5oNML1nWTlp3SS9
kMEMg8Hoe5Evi0q1jX2Bs8sZGXMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSjWgJT
Sx9XPGtZOkqDKeg4lkM+jjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
gDANBgkqhkiG9w0BAQsFAAOCAQEAOhH1b8IvJ2cJeDgpU2tr/nngmv0zZlSy9YvV
0bQ4tIvnYKZ4whlEN2yfxv6uJO1PWIlRi9J15KcwCndlK3hRX1oUY9Dq8rNKGHRR
k+GdAqDqyD+lZK/EpX/3ArXmY0a2N5/4QoM/PpvsDnumxtdTl3Emh7NJqMDFOuA2
62C/ErCMCwT/lIN0KcYM1++y8sMmgVdJsyiz62CDY9fuQjkDVwENm2DpsBW2+U78
qLZmL19P4U8ohMiTv2+o5TpjZm+1Cr14eX+L2ZC4J7fLKqxAjWwSFdXz+bitegVR
MOGEE7RlSRcSrNFKuA6H2wzKb1gUkP9TTNjDJSWEUYbQIUZpjw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:41 2025 by rpki-client