Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: x3X7C9qjy0I0zN6oe4Fk6dpNgQHwOeKHoTt7e2ntsf4=
Subject key identifier: 00:64:B6:59:C1:56:7F:FD:03:17:92:5D:F3:95:0C:B7:C7:07:8D:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E7935AA23CA40344E03B92B1C98CEEBFFED078B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Tue 05 Aug 2025 18:51:13 +0000
ROA not before: Tue 05 Aug 2025 18:51:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:79:35:aa:23:ca:40:34:4e:03:b9:2b:1c:98:ce:eb:ff:ed:07:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2e49700dc0011b7af4c87f7d8612d1ad96d219c5ff63897b3bdbf73da59ce0a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:51:40:3b:7e:56:cb:27:98:92:7a:13:d6:
7b:2c:2b:67:ce:fa:0e:fe:6f:ad:80:33:81:c5:6e:
47:ef:00:61:bb:b4:50:20:f4:b9:a4:36:4a:92:63:
18:f6:82:06:5b:f0:9d:ad:66:4a:9e:30:d5:2a:47:
12:7b:f9:13:2b:e4:e7:63:39:b6:9a:f3:67:87:bc:
2b:c3:20:97:4b:af:d7:55:21:af:1c:29:f1:c9:ee:
82:7b:2b:90:da:f7:fd:00:db:55:cf:ed:e8:e1:30:
e0:d7:52:de:5f:da:c9:16:de:da:5e:9a:fb:e2:6f:
80:55:67:33:39:0a:eb:f5:1c:7d:8e:12:02:20:02:
6b:67:ce:bb:7e:53:ce:a3:d3:44:11:59:37:ec:cb:
49:9e:4a:f2:a3:b9:bd:ba:b8:c8:2c:25:8b:96:fe:
57:2c:6a:0d:25:a5:a6:2b:6b:70:d7:80:7a:78:73:
51:2d:8e:e7:41:90:57:68:bc:af:7a:6b:89:5d:46:
d8:1d:95:10:f1:af:8c:76:33:6f:08:61:27:46:21:
34:70:03:f7:1e:d3:eb:02:ff:9a:d0:81:01:ff:df:
3b:94:99:85:7f:f2:2a:4a:86:ce:f3:e7:e6:22:43:
85:23:a0:3c:cb:71:89:9c:1a:fc:df:c7:c7:bc:56:
4f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:64:B6:59:C1:56:7F:FD:03:17:92:5D:F3:95:0C:B7:C7:07:8D:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
47:cd:ac:70:35:80:20:31:ba:13:ff:74:e1:05:0e:66:7b:f4:
61:ea:11:27:f3:a0:a8:f8:34:67:6b:98:c8:6f:d1:51:82:c5:
fe:8e:67:52:57:06:16:00:77:bc:c4:ac:af:4e:1d:d8:1b:b4:
38:0b:25:6c:72:5b:c8:52:0b:9b:0f:2b:bf:eb:ba:c1:4c:42:
a1:43:b4:49:af:50:e5:9e:4c:23:54:2c:d8:db:15:35:9a:a1:
ae:37:b0:27:c4:34:5e:48:5f:b3:b1:b3:a6:ad:98:61:71:50:
5a:e6:82:0b:48:c7:a6:33:f7:0a:89:bf:a0:24:eb:5c:29:cd:
e4:c3:34:5f:a4:e9:4f:08:96:d1:3b:b0:bb:60:d8:48:cb:64:
b7:ac:d1:20:e0:55:0c:68:35:bc:74:5f:af:55:bc:ec:a0:df:
96:25:a2:40:8b:65:b4:33:4f:29:51:bb:bc:f5:30:0b:e2:14:
99:9e:68:55:ea:e9:5d:50:81:f9:03:8b:49:36:1b:8c:27:51:
7f:7a:6a:59:e7:50:72:6e:fb:c8:a9:1b:ce:2b:be:07:48:0d:
40:6d:32:87:93:62:28:26:c2:5a:13:d8:dd:9c:7d:c6:36:b7:
5e:25:1c:74:fe:d7:e3:82:84:22:d7:40:61:b1:b0:2e:ed:62:
8c:6f:a9:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDnk1qiPKQDROA7krHJjO6//tB4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUxMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNDk3MDBkYzAwMTFiN2FmNGM4N2Y3ZDg2MTJkMWFkOTZkMjE5YzVmZjYz
ODk3YjNiZGJmNzNkYTU5Y2UwYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6FUUA7flbLJ5iSehPWeywrZ876Dv5vrYAzgcVuR+8AYbu0UCD0uaQ2SpJj
GPaCBlvwna1mSp4w1SpHEnv5Eyvk52M5tprzZ4e8K8Mgl0uv11Uhrxwp8cnugnsr
kNr3/QDbVc/t6OEw4NdS3l/ayRbe2l6a++JvgFVnMzkK6/UcfY4SAiACa2fOu35T
zqPTRBFZN+zLSZ5K8qO5vbq4yCwli5b+VyxqDSWlpitrcNeAenhzUS2O50GQV2i8
r3priV1G2B2VEPGvjHYzbwhhJ0YhNHAD9x7T6wL/mtCBAf/fO5SZhX/yKkqGzvPn
5iJDhSOgPMtxiZwa/N/Hx7xWT5ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQAZLZZ
wVZ//QMXkl3zlQy3xweNczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEAR82scDWAIDG6E/904QUOZnv0YeoRJ/OgqPg0
Z2uYyG/RUYLF/o5nUlcGFgB3vMSsr04d2Bu0OAslbHJbyFILmw8rv+u6wUxCoUO0
Sa9Q5Z5MI1Qs2NsVNZqhrjewJ8Q0Xkhfs7Gzpq2YYXFQWuaCC0jHpjP3Com/oCTr
XCnN5MM0X6TpTwiW0Tuwu2DYSMtkt6zRIOBVDGg1vHRfr1W87KDfliWiQItltDNP
KVG7vPUwC+IUmZ5oVerpXVCB+QOLSTYbjCdRf3pqWedQcm77yKkbziu+B0gNQG0y
h5NiKCbCWhPY3Zx9xja3XiUcdP7X44KEItdAYbGwLu1ijG+ppg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:20 2025 by rpki-client