Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json)
Hash identifier: +6adEq/iwUvb6wz7fx1gg8iIOA0q7sx3neJ2InjhxoE=
Subject key identifier: 58:E9:73:5E:68:74:63:AF:31:B5:A7:2E:36:39:E5:E3:D2:A0:88:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E0D0D1CDA47DFEB627E9B65996369CBF6091261
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
Signing time: Sat 09 Aug 2025 00:20:03 +0000
ROA not before: Sat 09 Aug 2025 00:20:03 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:0d:0d:1c:da:47:df:eb:62:7e:9b:65:99:63:69:cb:f6:09:12:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 9 00:20:03 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=8bc76a3133c12ef0e5865498e84977c4d00c1f77713553289ae69dfcbe8b74a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:2d:c9:3c:27:c7:c6:fb:c4:6e:b0:b0:83:
95:4e:09:ce:40:d2:fc:73:f3:71:6a:eb:de:ab:93:
45:3a:78:9e:bd:ed:21:f6:62:76:c6:8f:6f:81:69:
1c:27:01:af:18:5b:4e:55:0c:88:f4:2c:42:12:0e:
82:72:22:92:b2:94:d9:81:f7:2c:23:93:6e:5d:9c:
81:3a:1c:51:4c:a9:9f:dd:07:07:27:75:c6:1c:f2:
4a:bf:29:e4:d7:9b:42:4b:7b:7e:f1:33:43:d3:b9:
ef:2d:ca:0f:aa:81:6e:63:db:b3:9f:88:8d:f9:42:
ef:c0:d8:38:9c:1d:84:67:0a:7f:9f:57:0c:0b:47:
1f:47:22:59:18:34:62:31:7f:c4:f0:93:05:a5:a8:
27:1b:9f:8c:c7:22:76:0c:a5:eb:f5:23:30:26:62:
61:9d:f0:90:8e:87:9b:14:cc:38:e5:42:40:c4:34:
39:f5:f3:5c:8c:3a:0d:df:85:11:ef:c3:00:d9:2c:
cc:ed:c4:f8:5f:2d:4d:11:ac:12:93:5d:0c:b6:6d:
29:19:d5:96:4e:c7:25:3b:62:73:25:48:d9:26:b2:
99:0b:33:94:67:f9:9c:57:4d:d0:19:e9:12:13:b5:
0a:fb:6a:4b:da:cb:14:9b:7c:fc:79:59:37:54:6d:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E9:73:5E:68:74:63:AF:31:B5:A7:2E:36:39:E5:E3:D2:A0:88:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020::/28
Signature Algorithm: sha256WithRSAEncryption
c5:27:bc:10:a0:a1:5e:b8:be:02:4a:ea:72:55:eb:6b:d4:3d:
28:c8:e8:41:c6:39:67:f6:c1:94:10:23:c9:b1:a7:e7:58:c8:
a8:47:43:c7:3e:14:1e:8b:63:9f:3f:04:75:3e:22:2f:7c:e1:
0e:db:02:b8:64:95:b7:0b:c2:31:ec:04:3b:91:b6:7f:8d:b4:
03:4b:cb:5f:80:f5:1f:47:c9:82:e6:f2:2c:9d:90:15:6f:32:
60:ef:e6:e8:fe:96:f5:13:f0:22:fd:5f:c0:67:03:ec:96:fc:
a3:19:02:7c:00:c7:14:13:07:f8:6d:fc:39:e0:26:24:0b:74:
90:b5:0a:25:62:1e:4f:5f:8d:c3:1f:b8:3e:ec:da:8a:81:e3:
e2:bb:ba:dd:29:cb:2c:f5:eb:fd:d5:3b:5a:f9:de:40:a6:52:
af:9a:81:68:e2:4e:02:f2:d1:4d:58:6d:33:59:a1:dd:f1:0f:
4a:4b:a5:c3:ff:24:4a:9a:92:13:e2:4a:6c:c1:59:b0:e8:02:
bd:ce:2e:57:a2:96:bc:48:53:2f:54:fc:01:37:bf:b7:fc:a1:
8f:f9:e1:ca:1a:36:87:5b:28:06:44:b8:89:4d:93:73:57:13:
fb:43:51:d0:23:a4:0f:d0:44:7f:99:cb:2b:4a:cf:a2:07:86:
70:e1:0a:2d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXg0NHNpH3+tifptlmWNpy/YJEmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDkwMDIwMDNaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYzc2YTMxMzNjMTJlZjBlNTg2NTQ5OGU4NDk3N2M0ZDAwYzFmNzc3MTM1
NTMyODlhZTY5ZGZjYmU4Yjc0YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZFLck8J8fG+8RusLCDlU4JzkDS/HPzcWrr3quTRTp4nr3tIfZidsaPb4Fp
HCcBrxhbTlUMiPQsQhIOgnIikrKU2YH3LCOTbl2cgTocUUypn90HByd1xhzySr8p
5NebQkt7fvEzQ9O57y3KD6qBbmPbs5+IjflC78DYOJwdhGcKf59XDAtHH0ciWRg0
YjF/xPCTBaWoJxufjMcidgyl6/UjMCZiYZ3wkI6HmxTMOOVCQMQ0OfXzXIw6Dd+F
Ee/DANkszO3E+F8tTRGsEpNdDLZtKRnVlk7HJTticyVI2SaymQszlGf5nFdN0Bnp
EhO1CvtqS9rLFJt8/HlZN1Rt8DsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRY6XNe
aHRjrzG1py42OeXj0qCIizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw
DQYJKoZIhvcNAQELBQADggEBAMUnvBCgoV64vgJK6nJV62vUPSjI6EHGOWf2wZQQ
I8mxp+dYyKhHQ8c+FB6LY58/BHU+Ii984Q7bArhklbcLwjHsBDuRtn+NtANLy1+A
9R9HyYLm8iydkBVvMmDv5uj+lvUT8CL9X8BnA+yW/KMZAnwAxxQTB/ht/DngJiQL
dJC1CiViHk9fjcMfuD7s2oqB4+K7ut0pyyz16/3VO1r53kCmUq+agWjiTgLy0U1Y
bTNZod3xD0pLpcP/JEqakhPiSmzBWbDoAr3OLleilrxIUy9U/AE3v7f8oY/54coa
NodbKAZEuIlNk3NXE/tDUdAjpA/QRH+ZyytKz6IHhnDhCi0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:45 2025 by rpki-client