Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
File: 301d1d15-dd00-41e7-9f44-49159e46a51a.roa (raw, json)
Hash identifier: G8L+miskf+eXq7TuxBqYE8gvvCePdLSp6Yj8ZuLYVpI=
Subject key identifier: 69:93:90:B3:84:E2:C0:92:CC:62:74:FC:91:BE:46:F8:A7:52:BC:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A7868B13089C07F7315230BE7EBA772CDB367B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
Signing time: Tue 05 Aug 2025 19:00:11 +0000
ROA not before: Tue 05 Aug 2025 19:00:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:78:68:b1:30:89:c0:7f:73:15:23:0b:e7:eb:a7:72:cd:b3:67:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8e96a2cd63d1af9cee48cf9632cbe600e812e5f3257e6df39498f000e3dacd4f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b5:91:79:d2:f3:fb:00:06:12:8c:69:aa:34:
a0:d7:3c:90:a8:9b:e2:e6:57:25:5b:76:c9:cc:d8:
74:69:3c:b2:ec:8d:5e:f9:7d:19:f4:09:65:d6:42:
37:9f:a2:34:a4:a3:b2:94:f7:9d:c5:f2:d6:7e:a2:
5e:89:0f:4c:78:09:42:f0:cc:cb:a7:3b:8a:91:6c:
0f:30:83:c4:ae:41:34:8d:7c:57:ef:32:b2:be:88:
7a:5d:c5:f3:34:ad:92:71:ae:76:d4:b9:f1:22:1f:
07:f0:f6:a4:66:09:9d:45:c2:ba:e1:19:1f:cf:06:
61:8e:3e:28:a1:75:29:98:78:10:fc:db:0a:24:6b:
a9:7f:9f:b0:8a:1f:d1:d5:57:e4:b3:c9:0e:19:4e:
c4:61:bb:a8:f6:db:82:0e:2f:ab:a9:7a:3e:11:8a:
64:d8:0e:77:85:34:39:a5:88:41:03:00:14:86:7b:
ce:39:e1:c1:d8:3e:cb:d2:a1:93:c3:d2:d9:45:f7:
f8:70:d3:e4:35:d9:2c:63:e1:2d:ac:17:c5:0e:c0:
d6:0b:00:b9:28:50:17:6b:48:f2:5f:35:6b:77:cc:
3a:af:57:92:99:50:ce:0b:a1:97:02:80:3f:cf:a1:
ce:d6:96:ad:06:e7:76:c8:23:06:9e:f2:93:a9:e9:
fa:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:93:90:B3:84:E2:C0:92:CC:62:74:FC:91:BE:46:F8:A7:52:BC:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/301d1d15-dd00-41e7-9f44-49159e46a51a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8040::/48
Signature Algorithm: sha256WithRSAEncryption
a9:94:b7:a1:9e:9e:f9:08:73:5c:a4:de:a3:8b:19:1f:57:d5:
bf:21:5d:c2:ea:96:25:d3:98:81:da:63:a9:11:b3:18:6f:64:
bd:d3:ce:d5:4d:97:75:2e:3d:8e:67:38:61:df:53:d5:da:e4:
d8:0c:60:77:fe:5c:90:21:f3:c3:9c:69:3d:c3:76:ba:d3:fb:
b5:b4:c4:f1:2a:f5:b7:01:68:9b:a0:fa:16:b9:2f:ea:73:67:
8e:e5:1c:f2:76:83:94:08:99:d3:01:1a:7d:06:90:4f:27:47:
a3:21:84:06:a2:b8:84:54:2e:7e:0c:3c:56:7f:13:ff:d6:c1:
dc:19:a1:80:85:f3:d4:8e:67:e9:21:58:a5:9d:99:bb:77:60:
a2:b6:85:0f:03:7b:68:fa:cc:37:e7:3e:7a:7b:f9:60:43:67:
59:16:a1:2c:84:f6:42:17:e4:dd:6a:a8:4c:4f:90:f8:b0:70:
c1:dd:01:a9:83:9b:a1:5a:8f:9a:a8:a2:d8:ce:e9:0d:8c:20:
53:5f:3d:f6:8d:6c:79:71:8a:30:dd:51:dc:45:36:96:cd:75:
1c:b7:39:c7:30:8d:b3:42:68:b7:85:5e:89:65:10:ee:8a:aa:
8c:7b:e6:02:50:ab:48:c4:4e:c3:2c:20:fa:76:ee:c6:67:e1:
f3:a3:c2:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWnhosTCJwH9zFSML5+uncs2zZ7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlOTZhMmNkNjNkMWFmOWNlZTQ4Y2Y5NjMyY2JlNjAwZTgxMmU1ZjMyNTdl
NmRmMzk0OThmMDAwZTNkYWNkNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ21kXnS8/sABhKMaao0oNc8kKib4uZXJVt2yczYdGk8suyNXvl9GfQJZdZC
N5+iNKSjspT3ncXy1n6iXokPTHgJQvDMy6c7ipFsDzCDxK5BNI18V+8ysr6Iel3F
8zStknGudtS58SIfB/D2pGYJnUXCuuEZH88GYY4+KKF1KZh4EPzbCiRrqX+fsIof
0dVX5LPJDhlOxGG7qPbbgg4vq6l6PhGKZNgOd4U0OaWIQQMAFIZ7zjnhwdg+y9Kh
k8PS2UX3+HDT5DXZLGPhLawXxQ7A1gsAuShQF2tI8l81a3fMOq9XkplQzguhlwKA
P8+hztaWrQbndsgjBp7yk6np+pUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpk5Cz
hOLAksxidPyRvkb4p1K82DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzAxZDFkMTUtZGQwMC00MWU3LTlmNDQtNDkxNTllNDZhNTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
QDANBgkqhkiG9w0BAQsFAAOCAQEAqZS3oZ6e+QhzXKTeo4sZH1fVvyFdwuqWJdOY
gdpjqRGzGG9kvdPO1U2XdS49jmc4Yd9T1drk2Axgd/5ckCHzw5xpPcN2utP7tbTE
8Sr1twFom6D6Frkv6nNnjuUc8naDlAiZ0wEafQaQTydHoyGEBqK4hFQufgw8Vn8T
/9bB3BmhgIXz1I5n6SFYpZ2Zu3dgoraFDwN7aPrMN+c+env5YENnWRahLIT2Qhfk
3WqoTE+Q+LBwwd0BqYOboVqPmqii2M7pDYwgU1899o1seXGKMN1R3EU2ls11HLc5
xzCNs0Jot4VeiWUQ7oqqjHvmAlCrSMROwywg+nbuxmfh86PCwQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:09 2025 by rpki-client