Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: Ie5iLfJjJVsiq1CDhPF640Gvaq+HRO4E3taY3OjPjag=
Subject key identifier: 21:72:B0:21:69:DC:84:14:D0:66:38:49:AB:BF:31:52:B5:37:D8:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5126BDB932D6B020A916F40E0A29660AD79B8697
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Fri 22 Aug 2025 15:11:02 +0000
ROA not before: Fri 22 Aug 2025 15:11:02 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:26:bd:b9:32:d6:b0:20:a9:16:f4:0e:0a:29:66:0a:d7:9b:86:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:02 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=ff3121de80098fea48a449063f66e9eaf0d5f9a5bccdfdc9b1b74536c54def2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:b8:3d:37:2b:d6:eb:e3:34:ad:81:60:34:
58:05:7e:d9:cd:3a:54:08:c4:b9:30:ff:f6:a5:f6:
02:4c:e8:ff:aa:a2:64:31:28:e4:30:4a:15:27:72:
63:e0:6c:16:06:1d:d0:df:d5:92:c2:03:64:fe:b4:
14:41:db:16:a1:fb:c5:4f:ad:0a:52:a1:d8:3e:89:
07:61:9b:83:79:2d:39:60:5f:63:f6:4d:fc:6a:31:
03:f1:9a:0e:87:84:00:90:bd:8f:3d:8b:ff:fb:80:
c4:05:52:e6:42:3e:27:bf:59:c8:26:55:3b:4f:aa:
5f:14:32:0c:56:c1:c8:0a:d1:12:16:b9:1d:c8:d5:
2c:10:a6:a7:c6:0a:34:a3:bf:7c:70:06:de:fe:f9:
14:d3:44:88:90:13:fd:62:ce:ca:5f:67:08:b0:cf:
58:29:a5:1b:e0:97:b4:83:b5:68:5d:b5:c5:7e:86:
c2:73:20:0a:c1:31:7a:3a:a0:d7:e1:3a:4d:1d:bd:
f4:64:6e:c0:72:c5:6b:55:22:17:f6:8e:c5:70:ef:
18:68:be:6c:37:ef:4d:39:23:b6:70:63:a5:31:c9:
e4:6b:34:f9:b0:14:78:48:42:45:71:5d:8e:0c:01:
32:e6:f5:39:36:16:19:7f:f9:81:d2:96:c2:4c:6e:
ad:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:72:B0:21:69:DC:84:14:D0:66:38:49:AB:BF:31:52:B5:37:D8:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
36:29:39:5b:95:64:a4:0e:1c:0c:c6:d7:09:31:d2:5c:81:55:
59:3e:45:01:38:4e:eb:e7:b4:a5:06:02:13:4a:b6:a5:e2:91:
14:ff:94:d2:60:d7:37:ce:68:72:b1:3b:29:70:db:a9:12:c6:
5c:5d:36:e7:37:0e:e6:08:34:74:9b:e3:d5:db:07:9d:14:63:
d6:43:db:c2:94:48:3b:03:5f:49:3c:e2:45:07:e1:28:79:05:
76:b6:e8:b4:20:95:0d:d0:d0:11:f5:dc:6a:73:0a:fb:70:95:
de:d6:50:87:99:fd:64:0c:b5:a6:fd:50:c3:31:03:81:d8:ad:
00:ec:76:bf:80:06:90:0e:38:c0:58:5d:e5:eb:af:26:81:75:
91:c7:1b:c1:ed:ae:9f:e2:ee:10:ad:02:cf:b3:70:3f:40:53:
7f:3f:4c:94:59:97:b5:fa:ff:54:a2:24:d0:9a:69:fd:2b:74:
2e:f0:8d:cd:86:ee:eb:68:b4:a7:ad:e2:99:1f:39:61:40:d2:
4c:04:72:b6:7f:b4:36:26:55:ef:47:7c:76:3e:f1:e3:66:1a:
25:d9:14:2b:96:d2:65:d8:38:89:7e:40:37:53:4a:25:e4:e3:
5e:3b:29:49:d9:e9:9c:8f:65:81:8c:7a:9b:99:3d:b8:7e:1a:
28:10:17:d9
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUUSa9uTLWsCCpFvQOCilmCtebhpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMDJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMzEyMWRlODAwOThmZWE0OGE0NDkwNjNmNjZlOWVhZjBkNWY5YTViY2Nk
ZmRjOWIxYjc0NTM2YzU0ZGVmMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUPuD03K9br4zStgWA0WAV+2c06VAjEuTD/9qX2Akzo/6qiZDEo5DBKFSdy
Y+BsFgYd0N/VksIDZP60FEHbFqH7xU+tClKh2D6JB2Gbg3ktOWBfY/ZN/GoxA/Ga
DoeEAJC9jz2L//uAxAVS5kI+J79ZyCZVO0+qXxQyDFbByArREha5HcjVLBCmp8YK
NKO/fHAG3v75FNNEiJAT/WLOyl9nCLDPWCmlG+CXtIO1aF21xX6GwnMgCsExejqg
1+E6TR299GRuwHLFa1UiF/aOxXDvGGi+bDfvTTkjtnBjpTHJ5Gs0+bAUeEhCRXFd
jgwBMub1OTYWGX/5gdKWwkxurScCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQhcrAh
adyEFNBmOEmrvzFStTfYgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBADYpOVuVZKQOHAzG1wkx0lyBVVk+RQE4TuvntKUG
AhNKtqXikRT/lNJg1zfOaHKxOylw26kSxlxdNuc3DuYINHSb49XbB50UY9ZD28KU
SDsDX0k84kUH4Sh5BXa26LQglQ3Q0BH13GpzCvtwld7WUIeZ/WQMtab9UMMxA4HY
rQDsdr+ABpAOOMBYXeXrryaBdZHHG8Htrp/i7hCtAs+zcD9AU38/TJRZl7X6/1Si
JNCaaf0rdC7wjc2G7utotKet4pkfOWFA0kwEcrZ/tDYmVe9HfHY+8eNmGiXZFCuW
0mXYOIl+QDdTSiXk4147KUnZ6ZyPZYGMepuZPbh+GigQF9k=
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:36 2025 by rpki-client