Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
File: 0b360e2c-382b-4420-8550-330a58e946ee.roa (raw, json)
Hash identifier: Wgj+SGbVYdtmyTKC8F14o+VaQ09JS4oWv0Rov0gNulY=
Subject key identifier: 55:F7:81:63:E9:E1:76:E4:69:74:B3:8B:B3:18:8D:15:6A:74:C4:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EF41C0578ED6B0E60FC6E19492FD65C636CE8AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
Signing time: Tue 05 Aug 2025 20:01:25 +0000
ROA not before: Tue 05 Aug 2025 20:01:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:f4:1c:05:78:ed:6b:0e:60:fc:6e:19:49:2f:d6:5c:63:6c:e8:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=61bec1d24663623d4f8d7193bace99f172b18be7e91272233977eda76d055ce1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:89:a6:ed:ea:12:e2:dd:22:a8:9d:6b:d1:7d:
88:12:d5:d6:7c:4f:35:28:61:32:2e:16:11:9d:e6:
76:43:52:96:77:c9:c5:09:e7:bd:d7:60:57:e7:9c:
83:5e:e1:12:3f:d7:b9:27:65:67:5e:b4:da:0d:84:
a3:ef:a4:2e:da:43:50:7e:0e:03:39:17:2a:cf:28:
eb:da:02:0f:9e:cf:9f:2d:9f:7d:6e:f3:cf:ae:80:
42:37:a3:b1:0d:88:bb:46:4e:f0:e7:7f:62:3d:df:
c2:f7:20:d1:37:e1:6c:81:91:54:a4:59:22:d2:db:
49:fd:67:d1:8b:e8:03:ce:c3:9b:53:2f:a2:8b:a2:
58:39:81:b0:f0:bb:b8:1c:0f:87:35:2e:0f:98:29:
73:1c:65:de:1b:c1:26:31:dd:fa:dd:7f:dc:17:85:
b9:a0:95:78:ed:f9:a4:7b:9c:96:e1:e2:33:b4:f1:
52:ca:bc:e9:31:ba:69:5a:68:fe:5e:5c:39:e9:89:
37:50:8c:6b:98:21:7c:43:8e:5b:42:7c:26:07:ac:
3f:3f:21:07:a5:1b:ac:ff:03:78:1c:2e:d5:79:77:
a0:6a:59:7f:79:c5:2d:77:37:5b:08:c0:3c:a4:fd:
9c:03:5c:5d:e5:aa:e2:5d:0c:f1:7e:41:a3:d1:d3:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F7:81:63:E9:E1:76:E4:69:74:B3:8B:B3:18:8D:15:6A:74:C4:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b360e2c-382b-4420-8550-330a58e946ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:6000::/40
Signature Algorithm: sha256WithRSAEncryption
77:a8:0f:29:0f:aa:61:ac:ae:b3:9c:48:e7:8c:57:57:bd:0e:
ab:3d:d8:fa:2f:31:a2:00:5a:25:7a:43:a2:05:d3:c2:7c:ee:
b3:9f:61:9b:f9:f2:bf:39:95:b0:8e:ce:8c:75:61:85:c1:d0:
b3:bf:1e:ae:56:97:d1:93:9c:a8:39:e5:fc:81:92:de:23:e1:
48:68:12:63:0e:6c:7a:4c:80:57:49:ce:bd:2a:58:f7:d4:a7:
aa:25:a8:79:bb:01:b1:70:16:a1:90:dd:75:e0:8f:b1:6f:50:
cf:b4:84:80:27:d1:e1:97:dd:43:50:c8:7e:22:c4:53:b7:6b:
98:2c:ce:10:c5:70:a1:02:0a:86:92:43:7a:59:2c:86:93:9c:
72:5c:74:30:be:9b:bf:77:67:d5:33:3b:53:f6:94:95:9d:46:
1d:ae:ac:f1:fc:d8:b4:b9:a6:8f:96:d8:da:78:ed:60:e8:b8:
9e:09:7d:43:02:4b:f1:45:f2:e5:4d:01:d2:77:28:36:a2:65:
db:41:36:24:a6:96:68:52:a6:99:f1:07:9b:4b:7f:d2:bf:44:
3c:42:c6:fe:05:cc:34:3b:94:b3:7b:08:f2:96:f4:48:14:27:
41:d0:b4:a2:14:eb:2f:d6:86:23:de:9d:83:04:87:1a:86:29:
01:0b:b8:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDvQcBXjtaw5g/G4ZSS/WXGNs6K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYmVjMWQyNDY2MzYyM2Q0ZjhkNzE5M2JhY2U5OWYxNzJiMThiZTdlOTEy
NzIyMzM5NzdlZGE3NmQwNTVjZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+Jpu3qEuLdIqida9F9iBLV1nxPNShhMi4WEZ3mdkNSlnfJxQnnvddgV+ec
g17hEj/XuSdlZ1602g2Eo++kLtpDUH4OAzkXKs8o69oCD57Pny2ffW7zz66AQjej
sQ2Iu0ZO8Od/Yj3fwvcg0TfhbIGRVKRZItLbSf1n0YvoA87Dm1MvoouiWDmBsPC7
uBwPhzUuD5gpcxxl3hvBJjHd+t1/3BeFuaCVeO35pHucluHiM7TxUsq86TG6aVpo
/l5cOemJN1CMa5ghfEOOW0J8JgesPz8hB6UbrP8DeBwu1Xl3oGpZf3nFLXc3WwjA
PKT9nANcXeWq4l0M8X5Bo9HTlI8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRV94Fj
6eF25Gl0s4uzGI0VanTEJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIzNjBlMmMtMzgyYi00NDIwLTg1NTAtMzMwYTU4ZTk0NmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fhg
MA0GCSqGSIb3DQEBCwUAA4IBAQB3qA8pD6phrK6znEjnjFdXvQ6rPdj6LzGiAFol
ekOiBdPCfO6zn2Gb+fK/OZWwjs6MdWGFwdCzvx6uVpfRk5yoOeX8gZLeI+FIaBJj
Dmx6TIBXSc69Klj31KeqJah5uwGxcBahkN114I+xb1DPtISAJ9Hhl91DUMh+IsRT
t2uYLM4QxXChAgqGkkN6WSyGk5xyXHQwvpu/d2fVMztT9pSVnUYdrqzx/Ni0uaaP
ltjaeO1g6LieCX1DAkvxRfLlTQHSdyg2omXbQTYkppZoUqaZ8QebS3/Sv0Q8Qsb+
Bcw0O5SzewjylvRIFCdB0LSiFOsv1oYj3p2DBIcahikBC7h3
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:07 2025 by rpki-client