Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: sr8DGoSNQs5RxjOEo6kSpGIsV7hy14tJCZgfogrGPLY=
Subject key identifier: 0E:EA:28:B1:14:A6:2F:D9:DA:70:D2:95:4A:A0:6C:29:45:79:0E:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1571BF760D7E926BCD541D7E5008CE51E0E546BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Tue 05 Aug 2025 20:10:53 +0000
ROA not before: Tue 05 Aug 2025 20:10:53 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:71:bf:76:0d:7e:92:6b:cd:54:1d:7e:50:08:ce:51:e0:e5:46:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:53 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=452d4f1372bbf01634f203f5da3be145bacb532009cfa2fe9372c1bae3df40a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:95:77:c0:79:54:20:f4:be:5f:6b:43:e0:bf:
7f:9f:3e:1a:f7:12:a5:9b:b4:e9:ae:f4:68:68:63:
7d:ca:cd:8e:72:85:72:e3:a3:21:3d:fe:a0:e9:8c:
2f:92:0c:dc:4a:19:55:84:a0:09:02:e7:1c:a0:8d:
e8:b0:dd:10:10:8c:f6:26:7c:f3:98:9a:55:cb:c5:
b5:ab:5e:cb:5d:fd:d3:84:d3:2d:1c:b4:d8:27:f3:
21:6f:71:78:2c:e9:7f:1d:44:04:83:0a:83:dd:d9:
b0:d3:97:4b:99:5b:74:03:36:5e:da:e5:03:43:96:
ec:ba:41:b2:68:4b:66:2e:48:f3:14:f1:8d:b1:9e:
14:d2:e2:44:aa:3b:75:62:17:ee:a2:be:d2:a0:b1:
fc:6c:67:53:82:3d:73:38:df:98:09:b4:1b:64:31:
d5:6d:9f:68:cf:e5:25:2b:f2:e0:2b:75:9f:38:d0:
7c:df:04:97:eb:49:de:53:98:5d:99:4f:7a:8f:4c:
7c:80:f7:9d:d1:24:9b:c0:a6:7d:fd:24:ed:ec:f2:
4b:4a:c8:57:a1:1f:f0:d5:10:90:39:17:78:c7:aa:
97:b8:95:44:71:6f:34:89:aa:69:f7:c3:42:f2:c2:
4a:67:a0:f5:d9:36:cd:06:e7:e2:38:9c:fe:ff:cb:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EA:28:B1:14:A6:2F:D9:DA:70:D2:95:4A:A0:6C:29:45:79:0E:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
57:a1:78:33:c4:10:69:78:b4:29:ae:3e:93:43:6b:e8:0f:d7:
81:e3:5c:43:74:19:77:ac:d0:5b:6f:74:63:b8:28:06:3d:c3:
cf:df:58:59:7e:28:92:75:42:00:45:9a:29:a6:fc:8f:cd:3d:
4a:af:f5:de:47:80:3b:37:f8:ca:d5:91:1c:e7:3b:a9:17:9d:
cc:8d:ea:53:bf:18:d5:8d:84:1b:d4:0b:41:b7:73:81:68:25:
88:8a:fe:1e:d2:60:8f:9f:b7:03:b6:59:1c:e8:0d:fd:72:1d:
b2:f1:bc:17:3e:9b:69:79:36:97:f1:97:d0:91:ce:d9:28:42:
32:60:2c:02:63:05:b9:11:99:77:25:ad:07:c9:6b:f3:27:19:
66:d7:a7:96:8e:01:47:4e:39:21:30:b8:a1:b8:62:4e:3a:f1:
e2:ec:25:ee:5f:9f:d3:0c:7e:4d:cc:2b:bd:4a:ea:7d:0f:38:
08:11:2f:d7:db:64:4a:4b:8e:d8:8c:a2:c3:d0:bb:20:4c:16:
8d:98:a1:12:cc:ba:f4:69:aa:40:96:e1:89:bb:1e:6b:0c:61:
1f:b6:81:6c:82:9f:7a:3d:15:80:09:74:3d:c7:9d:a8:51:e9:
98:5d:d8:45:cb:0b:e8:96:b9:6b:6d:79:6b:b2:2f:49:9a:68:
f1:07:ff:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFXG/dg1+kmvNVB1+UAjOUeDlRrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwNTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MmQ0ZjEzNzJiYmYwMTYzNGYyMDNmNWRhM2JlMTQ1YmFjYjUzMjAwOWNm
YTJmZTkzNzJjMWJhZTNkZjQwYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaVd8B5VCD0vl9rQ+C/f58+GvcSpZu06a70aGhjfcrNjnKFcuOjIT3+oOmM
L5IM3EoZVYSgCQLnHKCN6LDdEBCM9iZ885iaVcvFtatey13904TTLRy02CfzIW9x
eCzpfx1EBIMKg93ZsNOXS5lbdAM2XtrlA0OW7LpBsmhLZi5I8xTxjbGeFNLiRKo7
dWIX7qK+0qCx/GxnU4I9czjfmAm0G2Qx1W2faM/lJSvy4Ct1nzjQfN8El+tJ3lOY
XZlPeo9MfID3ndEkm8Cmff0k7ezyS0rIV6Ef8NUQkDkXeMeql7iVRHFvNImqaffD
QvLCSmeg9dk2zQbn4jic/v/L9Y8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQO6iix
FKYv2dpw0pVKoGwpRXkOPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQBXoXgzxBBpeLQprj6TQ2voD9eB41xDdBl3rNBb
b3RjuCgGPcPP31hZfiiSdUIARZoppvyPzT1Kr/XeR4A7N/jK1ZEc5zupF53MjepT
vxjVjYQb1AtBt3OBaCWIiv4e0mCPn7cDtlkc6A39ch2y8bwXPptpeTaX8ZfQkc7Z
KEIyYCwCYwW5EZl3Ja0HyWvzJxlm16eWjgFHTjkhMLihuGJOOvHi7CXuX5/TDH5N
zCu9Sup9DzgIES/X22RKS47YjKLD0LsgTBaNmKESzLr0aapAluGJux5rDGEftoFs
gp96PRWACXQ9x52oUemYXdhFywvolrlrbXlrsi9JmmjxB/+T
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:07 2025 by rpki-client