Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
File: 14c60b75-8947-47da-9c6d-7045cbbbea55.roa (raw, json)
Hash identifier: 0t3DydXr9PkfoBDmD4l9HLm3etgV9x4XeWIAB44iuYY=
Subject key identifier: 52:5E:DD:B4:0F:21:BE:D0:03:32:9D:F0:ED:42:7B:06:28:22:B7:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E144F422F05CD1847E1B4E0AFAEE6894E7EC8D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
Signing time: Wed 06 Aug 2025 00:50:46 +0000
ROA not before: Wed 06 Aug 2025 00:50:46 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:14:4f:42:2f:05:cd:18:47:e1:b4:e0:af:ae:e6:89:4e:7e:c8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:46 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=54d6670670bb0fc423556d1334e14b85cbad7a4a75e28374b179953eaa31fca2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:14:94:f9:ec:64:c8:16:7e:c0:1f:70:72:a8:
f4:5b:4d:6b:67:ca:3e:dd:bf:6f:f3:3b:e9:7c:cb:
9b:66:69:dc:ff:0a:40:d0:fd:19:dd:4b:83:6e:de:
a5:86:53:d6:50:a6:cf:90:36:70:43:f6:7f:87:76:
7b:8d:35:14:67:19:4b:0d:48:80:18:23:d3:8d:c1:
0a:97:a2:66:25:85:ff:ba:75:0c:c5:91:00:11:0e:
6d:e9:fa:b4:c5:c4:c5:f1:31:ba:cf:bc:0e:79:df:
78:56:e3:ae:15:f1:5c:93:4c:af:17:56:9e:7d:06:
6c:25:28:51:3c:21:2e:3f:19:28:4c:f0:3f:0a:5d:
4f:22:56:2a:9f:38:3c:9a:07:85:2e:f5:28:5e:e1:
b5:6a:61:40:44:d8:2d:78:0b:e1:07:45:9f:ee:ec:
9a:1d:80:9d:db:d7:88:56:94:a1:ab:92:e0:0c:4c:
cd:42:f7:b0:fb:c7:39:80:8b:a1:e4:26:96:08:21:
2c:bb:40:12:55:e0:2d:04:05:4e:c0:c6:ce:ed:ef:
03:20:9d:3d:8e:31:a4:6e:85:f4:ed:7b:62:b3:33:
99:d2:fc:81:a9:d8:1c:9d:68:c7:ff:40:9e:d0:b7:
ea:84:b5:13:71:4b:1a:ad:e8:5f:5b:ec:73:11:24:
76:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5E:DD:B4:0F:21:BE:D0:03:32:9D:F0:ED:42:7B:06:28:22:B7:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/14c60b75-8947-47da-9c6d-7045cbbbea55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:1000::/40
Signature Algorithm: sha256WithRSAEncryption
42:7a:9a:cb:28:b6:53:1e:86:4c:58:6c:66:8b:34:96:ed:05:
08:13:f7:7f:6a:a6:b4:7e:dc:ed:8f:74:b3:5e:6c:f4:bb:48:
a2:9e:06:6b:a1:d7:f3:c2:67:da:5d:c9:7d:94:26:ca:e9:fc:
c9:c2:06:ed:46:a2:9d:f1:ae:79:c0:8d:41:cf:b3:90:9e:55:
38:a1:f8:c5:63:bf:10:bc:e9:f7:9d:44:41:be:8d:64:ea:27:
30:47:89:46:61:b9:e4:5a:5a:dd:df:1a:85:6d:19:a7:39:5f:
e5:c0:5c:8a:b5:ca:f4:86:2c:19:23:6a:c9:e1:de:a2:d2:3f:
01:00:50:e6:98:08:90:c1:ba:58:93:bb:56:91:f2:41:2f:ce:
66:62:7c:d1:99:17:28:02:b4:ff:47:bc:ae:26:d3:92:b0:b1:
a2:6d:c0:28:31:dd:83:eb:f6:5f:4a:e8:42:a0:74:c4:2a:e3:
82:34:52:57:98:3b:3c:50:cf:e9:24:f3:1d:5e:02:fa:2b:3d:
18:72:b3:f2:65:6d:93:4d:ca:51:68:01:6b:9b:f7:3b:dc:b0:
86:5c:b7:2c:de:fa:36:c7:85:0b:68:cb:30:90:01:b7:04:96:
d0:1d:0e:53:94:89:9d:a1:8f:2c:db:6e:18:f4:59:6d:2b:16:
d5:29:46:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXhRPQi8FzRhH4bTgr67miU5+yNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNDZaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ZDY2NzA2NzBiYjBmYzQyMzU1NmQxMzM0ZTE0Yjg1Y2JhZDdhNGE3NWUy
ODM3NGIxNzk5NTNlYWEzMWZjYTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIUlPnsZMgWfsAfcHKo9FtNa2fKPt2/b/M76XzLm2Zp3P8KQND9Gd1Lg27e
pYZT1lCmz5A2cEP2f4d2e401FGcZSw1IgBgj043BCpeiZiWF/7p1DMWRABEOben6
tMXExfExus+8DnnfeFbjrhXxXJNMrxdWnn0GbCUoUTwhLj8ZKEzwPwpdTyJWKp84
PJoHhS71KF7htWphQETYLXgL4QdFn+7smh2AndvXiFaUoauS4AxMzUL3sPvHOYCL
oeQmlgghLLtAElXgLQQFTsDGzu3vAyCdPY4xpG6F9O17YrMzmdL8ganYHJ1ox/9A
ntC36oS1E3FLGq3oX1vscxEkdnECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSXt20
DyG+0AMynfDtQnsGKCK3hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTRjNjBiNzUtODk0Ny00N2RhLTljNmQtNzA0NWNiYmJlYTU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBCeprLKLZTHoZMWGxmizSW7QUIE/d/aqa0ftzt
j3SzXmz0u0iingZrodfzwmfaXcl9lCbK6fzJwgbtRqKd8a55wI1Bz7OQnlU4ofjF
Y78QvOn3nURBvo1k6icwR4lGYbnkWlrd3xqFbRmnOV/lwFyKtcr0hiwZI2rJ4d6i
0j8BAFDmmAiQwbpYk7tWkfJBL85mYnzRmRcoArT/R7yuJtOSsLGibcAoMd2D6/Zf
SuhCoHTEKuOCNFJXmDs8UM/pJPMdXgL6Kz0YcrPyZW2TTcpRaAFrm/c73LCGXLcs
3vo2x4ULaMswkAG3BJbQHQ5TlImdoY8s224Y9FltKxbVKUZZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:20 2025 by rpki-client