Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
File: 0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa (raw, json)
Hash identifier: jGf4dywPzQkypERv4Ek0+02uK+onNWxM8kIAXqVoLmw=
Subject key identifier: 7A:DB:E1:BC:D0:CB:3A:E1:18:2A:EF:08:1A:28:B8:61:E6:34:58:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 566C524195C19713415275675EA16FDC8148199E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
Signing time: Tue 05 Aug 2025 19:11:26 +0000
ROA not before: Tue 05 Aug 2025 19:11:26 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:6c:52:41:95:c1:97:13:41:52:75:67:5e:a1:6f:dc:81:48:19:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:26 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9dda87db6c43084419d2cc9ebb8dbf2eaacfb92312cc4da5ebb3322c27066d90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1e:2b:96:d3:ac:fc:10:38:a8:76:f4:4a:e7:
10:d4:fd:82:9f:d7:79:39:94:af:b2:e5:2b:2b:24:
ef:b4:e6:56:9b:a3:8a:48:6b:3f:ec:64:bf:9d:d2:
8b:62:e0:a2:c8:54:83:69:ef:4f:4f:66:39:03:9d:
88:ea:6c:fc:3d:de:98:c8:0e:d1:2a:fa:50:48:6d:
1d:56:0e:dd:39:b3:5e:5b:6c:f8:e9:81:00:4d:39:
12:7c:93:f7:c5:df:38:7e:a2:98:13:38:83:6f:8c:
a2:56:18:ac:80:34:c7:4c:99:76:e0:d3:13:18:d4:
dd:77:13:cc:67:27:b6:f8:f6:1e:cd:7e:4b:e2:ab:
75:ae:19:f4:1d:3c:ce:e1:88:bc:59:f7:40:a9:45:
90:4c:ed:ab:db:0c:91:bf:86:5f:00:88:0d:09:d1:
6e:43:f1:28:33:03:00:98:fe:d0:56:d2:7e:c3:e3:
a9:e5:97:7f:f5:5c:3f:09:9d:e1:08:ef:bf:c4:14:
48:40:b6:0c:af:f9:3d:3d:8b:42:c1:b3:04:e1:5d:
94:62:4c:6d:7e:26:3a:f6:9e:b4:45:69:61:12:dc:
53:0e:9a:99:ab:00:f6:b1:d2:66:a5:65:e5:b4:ae:
66:ff:ff:fd:f4:58:d7:19:51:d6:79:30:f7:66:75:
e2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DB:E1:BC:D0:CB:3A:E1:18:2A:EF:08:1A:28:B8:61:E6:34:58:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a1a25d7-6935-420c-a949-4a9d0e6a95d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a040::/48
Signature Algorithm: sha256WithRSAEncryption
8b:ca:9f:b1:6f:00:55:a0:1c:e1:f1:da:29:23:7b:2d:0d:bb:
27:ab:65:56:19:4e:a1:a4:63:71:ce:05:fb:66:9c:bc:30:81:
cb:97:4a:dd:c5:07:89:6c:f4:9b:a2:26:22:75:a2:a3:96:cc:
65:03:16:cf:d3:f6:72:29:65:d9:1d:d4:e9:41:8b:b9:6c:8f:
61:8c:d1:97:40:18:1c:63:26:0d:d8:3a:9f:1f:76:7e:7d:bc:
ef:b4:24:30:7b:38:25:5e:f9:a2:1f:1a:f2:14:16:b7:c8:76:
60:b6:11:82:83:3b:e4:4a:21:be:60:5c:28:c6:ce:9c:08:1e:
16:98:fd:b1:45:40:70:fb:58:d9:e3:c4:71:8e:ee:5f:97:f7:
6d:a9:64:30:3a:a9:2d:f2:11:9d:02:bf:7b:e1:bf:28:fe:4d:
7e:0c:f1:16:9f:32:c9:e7:80:fc:5e:b1:de:96:f2:d9:04:95:
a0:a7:d5:39:c3:31:f3:35:e2:a6:e6:1e:48:8f:ad:a3:b0:36:
49:7f:85:41:62:6e:cc:3b:c7:0d:58:ef:c0:91:1d:c7:95:a3:
b8:d1:c2:82:7d:d7:80:d1:c6:b4:b2:73:48:47:96:f7:2b:9d:
2a:6b:97:9b:64:f3:d2:30:81:25:57:44:a0:9b:fc:e4:46:2d:
5e:ba:0b:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVmxSQZXBlxNBUnVnXqFv3IFIGZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkZGE4N2RiNmM0MzA4NDQxOWQyY2M5ZWJiOGRiZjJlYWFjZmI5MjMxMmNj
NGRhNWViYjMzMjJjMjcwNjZkOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8eK5bTrPwQOKh29ErnENT9gp/XeTmUr7LlKysk77TmVpujikhrP+xkv53S
i2LgoshUg2nvT09mOQOdiOps/D3emMgO0Sr6UEhtHVYO3TmzXlts+OmBAE05EnyT
98XfOH6imBM4g2+MolYYrIA0x0yZduDTExjU3XcTzGcntvj2Hs1+S+Krda4Z9B08
zuGIvFn3QKlFkEztq9sMkb+GXwCIDQnRbkPxKDMDAJj+0FbSfsPjqeWXf/VcPwmd
4Qjvv8QUSEC2DK/5PT2LQsGzBOFdlGJMbX4mOvaetEVpYRLcUw6amasA9rHSZqVl
5bSuZv///fRY1xlR1nkw92Z14p8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR62+G8
0Ms64Rgq7wgaKLhh5jRYqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGExYTI1ZDctNjkzNS00MjBjLWE5NDktNGE5ZDBlNmE5NWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
QDANBgkqhkiG9w0BAQsFAAOCAQEAi8qfsW8AVaAc4fHaKSN7LQ27J6tlVhlOoaRj
cc4F+2acvDCBy5dK3cUHiWz0m6ImInWio5bMZQMWz9P2cill2R3U6UGLuWyPYYzR
l0AYHGMmDdg6nx92fn2877QkMHs4JV75oh8a8hQWt8h2YLYRgoM75EohvmBcKMbO
nAgeFpj9sUVAcPtY2ePEcY7uX5f3balkMDqpLfIRnQK/e+G/KP5NfgzxFp8yyeeA
/F6x3pby2QSVoKfVOcMx8zXipuYeSI+to7A2SX+FQWJuzDvHDVjvwJEdx5WjuNHC
gn3XgNHGtLJzSEeW9yudKmuXm2Tz0jCBJVdEoJv85EYtXroLcQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:24 2025 by rpki-client