Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: vKqiO/HQ7HVNxh/8yvmZa0bQUxuO51xrX5f5ocJNo6k=
Subject key identifier: CA:B3:19:9D:68:C3:76:F5:64:C9:91:83:F0:E3:8E:BD:53:18:9E:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5451FC8449380A840D2C7002738D290200915D7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Tue 05 Aug 2025 19:22:08 +0000
ROA not before: Tue 05 Aug 2025 19:22:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:51:fc:84:49:38:0a:84:0d:2c:70:02:73:8d:29:02:00:91:5d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fb0f8e3064eeaabbb6d077a6bdfb9e3e9f9a595102c158165e7640e32a99a36b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:05:af:c7:f3:f2:92:57:97:4f:b3:1d:17:72:
9d:de:fe:b0:d9:17:de:5b:66:cd:71:77:28:3a:cb:
eb:f8:cf:f7:fc:78:64:c9:6e:e2:94:2c:2b:4a:8c:
ca:16:bc:05:4c:d1:9c:7a:5d:76:54:e4:e6:ef:64:
25:5b:71:7f:f1:2b:ec:99:44:6f:ea:b4:b6:e3:04:
bb:7c:17:4a:b7:22:e2:03:dd:89:49:ef:20:f1:28:
74:c1:84:e6:85:4c:56:45:b0:46:61:e8:e0:8a:88:
39:c2:a3:ca:f0:c5:64:2d:62:00:c6:8f:3e:8a:fe:
52:c3:b7:3f:0d:f3:36:dc:37:53:92:b5:af:af:e0:
60:e4:e3:5e:be:5a:2a:6a:35:36:f2:4a:e3:01:fd:
17:e5:57:26:bc:0a:d4:43:6c:0b:cb:0b:e6:d5:c6:
85:bd:85:27:6a:79:89:c6:e9:9b:b7:d4:2e:5c:bb:
19:95:63:88:17:16:39:5f:20:81:97:1c:a1:9f:71:
87:8a:6a:fa:ff:0e:f4:dc:23:ff:9c:63:26:ab:46:
5e:93:21:32:fa:d0:08:ae:5d:91:ca:db:fa:d4:e5:
90:df:b1:b0:36:a9:0f:d2:1b:b7:af:00:13:65:46:
8d:2f:f4:7d:d5:15:41:25:72:90:ee:6a:01:52:b8:
45:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B3:19:9D:68:C3:76:F5:64:C9:91:83:F0:E3:8E:BD:53:18:9E:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
ca:1d:59:07:c0:d5:50:b9:1d:bd:70:8b:e8:e6:1a:93:7c:0c:
a3:63:60:1b:a6:3a:5e:49:f9:82:99:52:25:af:65:d8:9a:82:
e3:5f:4e:61:61:da:ed:ec:65:cf:47:36:c0:d5:d7:24:f8:0a:
18:4f:51:24:90:99:0f:00:08:4c:e1:bf:7f:57:7a:92:b2:45:
30:f8:7d:0a:c7:08:7c:ea:6d:b1:6e:ca:25:08:22:2d:63:d2:
f5:ad:bb:d4:37:cb:6b:40:c4:0f:9e:aa:6c:f0:67:22:a8:d6:
db:c5:83:9d:ff:6a:13:93:f2:89:4e:f5:bc:d1:a5:7e:52:7f:
22:45:41:1f:52:e6:21:04:dd:b9:82:85:11:cd:a5:53:b7:c3:
ba:4c:46:ed:de:52:90:25:b8:5c:95:84:76:8d:a6:52:f7:ea:
f3:12:43:1c:b8:63:09:ea:d4:a8:be:70:83:1a:44:2b:b1:5d:
e5:7b:a7:79:88:be:a9:12:e9:cd:89:9b:55:92:67:02:2f:99:
ee:8a:2d:d5:a1:75:b9:c8:5d:c0:be:e3:a8:6f:a0:da:69:f7:
01:b0:4f:d9:2e:4b:6d:fc:c0:46:8c:ce:5f:50:13:f2:71:e5:
49:e2:d9:fb:41:16:1c:2e:b3:bb:ae:48:2b:d3:1c:46:57:58:
e2:79:d6:65
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVFH8hEk4CoQNLHACc40pAgCRXX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMGY4ZTMwNjRlZWFhYmJiNmQwNzdhNmJkZmI5ZTNlOWY5YTU5NTEwMmMx
NTgxNjVlNzY0MGUzMmE5OWEzNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP0Fr8fz8pJXl0+zHRdynd7+sNkX3ltmzXF3KDrL6/jP9/x4ZMlu4pQsK0qM
yha8BUzRnHpddlTk5u9kJVtxf/Er7JlEb+q0tuMEu3wXSrci4gPdiUnvIPEodMGE
5oVMVkWwRmHo4IqIOcKjyvDFZC1iAMaPPor+UsO3Pw3zNtw3U5K1r6/gYOTjXr5a
Kmo1NvJK4wH9F+VXJrwK1ENsC8sL5tXGhb2FJ2p5icbpm7fULly7GZVjiBcWOV8g
gZccoZ9xh4pq+v8O9Nwj/5xjJqtGXpMhMvrQCK5dkcrb+tTlkN+xsDapD9Ibt68A
E2VGjS/0fdUVQSVykO5qAVK4RfECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKsxmd
aMN29WTJkYPw4469UxiedTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEAyh1ZB8DVULkdvXCL6OYak3wMo2NgG6Y6Xkn5
gplSJa9l2JqC419OYWHa7exlz0c2wNXXJPgKGE9RJJCZDwAITOG/f1d6krJFMPh9
CscIfOptsW7KJQgiLWPS9a271DfLa0DED56qbPBnIqjW28WDnf9qE5PyiU71vNGl
flJ/IkVBH1LmIQTduYKFEc2lU7fDukxG7d5SkCW4XJWEdo2mUvfq8xJDHLhjCerU
qL5wgxpEK7Fd5XuneYi+qRLpzYmbVZJnAi+Z7oot1aF1uchdwL7jqG+g2mn3AbBP
2S5LbfzARozOX1AT8nHlSeLZ+0EWHC6zu65IK9McRldY4nnWZQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:28 2025 by rpki-client