Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json)
Hash identifier: bnPnw02S/RQd78xIzfs22MT9zn5qcIKLfksTahgwO0s=
Subject key identifier: 61:30:F7:CC:47:6C:AC:02:BD:CB:50:5B:5A:8C:60:0B:D3:C1:72:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52086EEDE8D9A829405992E3877BA30ADEA68799
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
Signing time: Tue 05 Aug 2025 20:00:51 +0000
ROA not before: Tue 05 Aug 2025 20:00:51 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:08:6e:ed:e8:d9:a8:29:40:59:92:e3:87:7b:a3:0a:de:a6:87:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:51 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=db54deff08f1091d25796588b75676d9355d5970940cf21a66307aec3687d404, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:69:36:a6:71:d2:a7:55:22:13:7b:d7:f1:f3:
dd:70:72:05:24:16:39:db:fa:c4:3d:a8:e5:e0:9d:
84:ae:ac:79:3b:8b:40:3e:2c:1b:4a:74:5e:17:0f:
04:61:bf:1c:3d:41:b2:a6:fc:7f:5d:99:83:a5:49:
69:08:88:8f:3f:e3:52:d4:4f:b6:54:64:08:05:26:
ac:ea:71:30:e2:4a:f6:a3:82:2a:b5:82:e4:79:f9:
8c:30:a2:d1:05:1b:a2:2c:6f:14:db:9e:1d:ca:5e:
f9:bc:8b:23:8c:76:c1:e7:3a:72:9e:65:ad:da:38:
51:0a:a5:15:88:b2:5b:a9:31:f1:76:7f:3c:75:85:
04:de:82:e9:62:e3:ea:41:cf:35:ed:0e:8c:c5:c9:
b0:0e:c8:2d:22:09:23:bb:d3:b9:a5:77:2d:b5:b2:
d2:cf:31:6b:22:bc:3c:db:04:09:91:6f:bf:7e:ed:
a1:d8:2e:17:07:91:71:44:ca:46:ef:e6:3f:c8:29:
2b:4d:c6:f0:3b:63:96:37:6d:f8:c0:25:db:f5:1f:
0a:d2:8c:1a:58:a7:64:02:cf:27:9e:e2:ef:29:a6:
e3:fb:0a:b5:2e:a5:85:dc:b2:93:ed:cb:c7:f3:5b:
38:31:95:42:26:c6:ed:ea:b6:a2:f2:8d:99:38:f8:
48:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:30:F7:CC:47:6C:AC:02:BD:CB:50:5B:5A:8C:60:0B:D3:C1:72:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:800::/38
Signature Algorithm: sha256WithRSAEncryption
4b:68:39:13:d0:9a:09:26:83:9b:9e:ae:cf:ff:5b:59:5c:87:
bc:51:c4:7a:d6:68:a3:12:d0:17:28:59:57:98:5d:2d:d0:09:
04:a8:a0:34:dc:b0:c0:9f:26:f0:4e:15:bd:35:67:47:b0:da:
f6:7d:53:5c:1e:8f:35:ec:f1:28:dd:5a:52:37:60:44:dc:01:
31:5b:36:67:94:09:55:14:96:a4:03:be:57:bd:19:db:d3:6e:
2a:4e:02:a8:af:e5:23:ee:47:b9:cd:1a:7e:06:2d:07:3e:68:
01:c7:24:ef:1c:e3:8a:8a:2a:85:2e:65:91:db:85:25:5e:6f:
34:c9:48:d9:ff:3b:d2:43:4d:69:58:43:f3:3b:2e:40:ca:27:
61:6a:89:10:79:2c:ad:f5:2a:62:d3:51:13:54:dd:7c:19:23:
c7:64:49:39:1a:0c:23:62:44:ca:c7:3e:e2:18:cf:bb:07:92:
de:de:9e:58:93:bb:7f:8a:fe:9f:7d:1a:68:a9:5c:c6:50:94:
a5:40:8f:d6:73:32:ca:a4:a6:a0:23:45:8d:25:35:53:a5:9a:
6f:26:e0:52:70:38:85:5b:9f:5d:5c:ae:6e:38:d8:73:af:bf:
5a:1a:00:77:37:1c:d1:3e:9e:34:15:42:77:12:6b:72:88:18:
2f:fb:92:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUghu7ejZqClAWZLjh3ujCt6mh5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwNTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNTRkZWZmMDhmMTA5MWQyNTc5NjU4OGI3NTY3NmQ5MzU1ZDU5NzA5NDBj
ZjIxYTY2MzA3YWVjMzY4N2Q0MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAONpNqZx0qdVIhN71/Hz3XByBSQWOdv6xD2o5eCdhK6seTuLQD4sG0p0XhcP
BGG/HD1Bsqb8f12Zg6VJaQiIjz/jUtRPtlRkCAUmrOpxMOJK9qOCKrWC5Hn5jDCi
0QUboixvFNueHcpe+byLI4x2wec6cp5lrdo4UQqlFYiyW6kx8XZ/PHWFBN6C6WLj
6kHPNe0OjMXJsA7ILSIJI7vTuaV3LbWy0s8xayK8PNsECZFvv37todguFweRcUTK
Ru/mP8gpK03G8Dtjljdt+MAl2/UfCtKMGlinZALPJ57i7ymm4/sKtS6lhdyyk+3L
x/NbODGVQibG7eq2ovKNmTj4SF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhMPfM
R2ysAr3LUFtajGAL08Fy9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBLaDkT0JoJJoObnq7P/1tZXIe8UcR61mijEtAX
KFlXmF0t0AkEqKA03LDAnybwThW9NWdHsNr2fVNcHo817PEo3VpSN2BE3AExWzZn
lAlVFJakA75XvRnb024qTgKor+Uj7ke5zRp+Bi0HPmgBxyTvHOOKiiqFLmWR24Ul
Xm80yUjZ/zvSQ01pWEPzOy5AyidhaokQeSyt9Spi01ETVN18GSPHZEk5GgwjYkTK
xz7iGM+7B5Le3p5Yk7t/iv6ffRpoqVzGUJSlQI/WczLKpKagI0WNJTVTpZpvJuBS
cDiFW59dXK5uONhzr79aGgB3NxzRPp40FUJ3EmtyiBgv+5Jv
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:00 2025 by rpki-client