Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json)
Hash identifier: RHwvlsTkhBl5AS9c4dGkoamt0JG9CDOGbWOQpwLuTpQ=
Subject key identifier: 45:E7:4C:8F:E3:FB:DF:4D:F7:F6:1D:CF:66:99:82:44:82:43:34:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E2636D13B7B26AE0B6A0BB493AD31FBC5319BC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
Signing time: Wed 06 Aug 2025 00:51:21 +0000
ROA not before: Wed 06 Aug 2025 00:51:21 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:26:36:d1:3b:7b:26:ae:0b:6a:0b:b4:93:ad:31:fb:c5:31:9b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:21 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=ed23cc82ccdbdf74b784d511b0637902e5dd6f2891d470fe9f3741bd70ef3939, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a3:f2:76:ec:b1:04:44:f4:fc:b4:a3:2d:a2:
62:a1:b7:de:54:64:09:11:de:a7:ed:88:4d:0f:2a:
32:d1:53:df:1c:2b:01:13:7a:18:99:6a:2f:ff:15:
3d:15:ef:d8:2d:60:77:94:a3:8d:79:a8:94:74:ff:
72:06:ba:21:97:05:80:e8:1d:01:69:af:22:54:43:
35:3b:6f:fb:92:27:b2:ce:de:ef:fa:d1:90:d5:e1:
29:6f:70:ae:26:6a:c1:c6:3c:49:e7:1d:7a:77:7c:
42:c5:25:0a:21:5f:fb:a9:0f:78:e4:de:13:f8:ee:
4b:7b:fa:9f:39:fd:23:3b:52:3b:c8:93:46:67:3e:
f2:73:dd:b5:b7:eb:d4:5f:d6:89:15:61:f0:e4:e1:
e3:e5:e5:59:f3:d2:20:05:c4:5c:19:5f:88:e3:a2:
73:9b:17:98:a3:1d:51:91:16:1f:06:98:22:6f:bc:
97:cf:cd:50:7c:db:a6:d0:4d:33:a4:cf:48:18:25:
dd:69:e2:32:d8:42:2d:ed:4c:37:64:30:9a:f1:8c:
23:f4:96:fc:2b:af:0c:21:39:26:15:a1:0e:41:c3:
0d:ea:ff:24:00:16:d3:42:e7:8b:a7:68:10:65:01:
60:22:5a:74:b1:25:22:77:19:32:50:9d:0f:c9:86:
4c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E7:4C:8F:E3:FB:DF:4D:F7:F6:1D:CF:66:99:82:44:82:43:34:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
79:dc:54:46:34:67:d5:4b:ca:e0:b1:9c:68:0f:ad:90:bd:91:
fe:43:b8:4b:ee:f4:6e:6a:34:c8:e7:13:5a:ff:89:29:4a:68:
c3:f9:a2:e7:31:fc:7d:3a:d9:66:77:d9:86:ba:f1:56:e3:1e:
67:cb:1c:a0:38:85:78:e5:90:47:8b:69:0f:35:95:db:cd:76:
a8:d5:41:d6:0d:0f:0b:e9:0d:64:b2:0a:16:c5:b1:63:fe:38:
5a:28:6a:39:36:3d:a7:fd:ae:89:bb:89:20:f1:10:3a:5f:44:
04:9c:79:2d:b1:df:75:57:37:74:83:c6:69:3a:5d:68:5b:c4:
1c:b5:e3:ef:d8:09:9f:c6:5e:d3:84:4e:1d:d1:27:22:97:68:
c4:ad:ef:a4:c4:4a:c2:d7:44:a0:de:34:43:55:d0:53:37:08:
8e:5c:41:77:06:45:ff:38:38:2e:6a:97:87:8e:0f:a7:69:6f:
d3:19:35:c1:1d:c5:9f:45:1c:72:be:35:e0:e9:0f:96:68:8b:
f4:63:0a:c7:c4:5f:26:95:9e:f9:58:7a:0a:84:7f:8c:81:97:
1f:ca:61:19:6a:e8:7a:e9:ab:5a:bb:6a:98:61:31:a3:a1:d6:
1e:13:e5:df:a3:02:09:f2:64:a5:f1:e6:a6:79:5e:8f:13:1b:
d7:71:e2:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXiY20Tt7Jq4Lagu0k60x+8Uxm8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMjFaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMjNjYzgyY2NkYmRmNzRiNzg0ZDUxMWIwNjM3OTAyZTVkZDZmMjg5MWQ0
NzBmZTlmMzc0MWJkNzBlZjM5MzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+j8nbssQRE9Py0oy2iYqG33lRkCRHep+2ITQ8qMtFT3xwrARN6GJlqL/8V
PRXv2C1gd5SjjXmolHT/cga6IZcFgOgdAWmvIlRDNTtv+5Inss7e7/rRkNXhKW9w
riZqwcY8Secdend8QsUlCiFf+6kPeOTeE/juS3v6nzn9IztSO8iTRmc+8nPdtbfr
1F/WiRVh8OTh4+XlWfPSIAXEXBlfiOOic5sXmKMdUZEWHwaYIm+8l8/NUHzbptBN
M6TPSBgl3WniMthCLe1MN2QwmvGMI/SW/CuvDCE5JhWhDkHDDer/JAAW00Lni6do
EGUBYCJadLElIncZMlCdD8mGTDkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRF50yP
4/vfTff2Hc9mmYJEgkM04zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQB53FRGNGfVS8rgsZxoD62QvZH+Q7hL7vRuajTI
5xNa/4kpSmjD+aLnMfx9Otlmd9mGuvFW4x5nyxygOIV45ZBHi2kPNZXbzXao1UHW
DQ8L6Q1ksgoWxbFj/jhaKGo5Nj2n/a6Ju4kg8RA6X0QEnHktsd91Vzd0g8ZpOl1o
W8QctePv2Amfxl7ThE4d0Scil2jEre+kxErC10Sg3jRDVdBTNwiOXEF3BkX/ODgu
apeHjg+naW/TGTXBHcWfRRxyvjXg6Q+WaIv0YwrHxF8mlZ75WHoKhH+MgZcfymEZ
auh66atau2qYYTGjodYeE+XfowIJ8mSl8eameV6PExvXceKR
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:45 2025 by rpki-client