Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: LFvnMkNudc4EOfDoUdML9bAeJTdptZKoc0zQz1G3pZI=
Subject key identifier: 3F:64:BB:5E:38:E7:D7:67:7D:12:99:B1:17:7B:87:01:A1:8D:24:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0986FCA7EAF7C4FD570FA0B928CEDFB2B8ED9E2F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Tue 05 Aug 2025 20:00:11 +0000
ROA not before: Tue 05 Aug 2025 20:00:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:86:fc:a7:ea:f7:c4:fd:57:0f:a0:b9:28:ce:df:b2:b8:ed:9e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8e7377c41470e8d57310e201d05fd2607bcc1fdcb2c3e0663fdd2c9efcf5e74b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:10:94:b2:ac:4d:3a:89:58:ab:e1:b7:0d:15:
90:9f:17:94:a8:12:c8:64:1b:a4:db:45:2d:48:2e:
b2:4d:e1:11:70:d6:30:db:54:89:6e:ba:9d:cd:5d:
f9:37:f2:0a:20:cc:de:82:d4:f0:23:34:d9:8a:e8:
ae:9d:60:ec:e2:43:b6:fa:f9:5c:a4:93:b2:55:32:
9b:f2:73:e2:6f:f9:5c:41:df:32:88:23:39:24:da:
7b:3e:62:f8:77:6c:bf:bb:07:32:b2:bd:69:d5:4a:
9b:c4:05:3d:cc:a0:44:d1:23:01:99:9f:60:b1:24:
a5:f1:94:bc:d4:5b:12:b7:09:a6:40:e6:da:33:67:
be:cb:cc:5a:fc:da:1f:14:e4:87:4a:aa:c8:71:fe:
45:2a:79:e7:68:cd:5e:60:81:fa:76:26:c0:f0:17:
2d:7a:6f:2d:d6:03:b1:e9:30:fd:76:03:0e:0b:0f:
1c:06:79:4a:19:8a:5c:d4:3c:d9:f3:c5:00:f9:eb:
c1:74:ea:85:02:2c:38:c1:84:99:79:c3:2d:c9:9e:
33:29:cc:94:69:0f:77:0a:79:6b:ce:f4:58:9d:aa:
2a:d7:d5:65:3c:58:30:7a:2b:f6:0b:b2:ff:8a:52:
4a:2d:0b:35:5c:5a:ce:e7:b4:46:c8:3d:b9:d0:20:
75:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:64:BB:5E:38:E7:D7:67:7D:12:99:B1:17:7B:87:01:A1:8D:24:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
95:5a:75:35:fe:12:a2:fe:03:b7:e3:b9:e4:42:e9:20:19:ed:
d3:fc:00:bb:72:15:10:e2:87:79:3f:80:64:cf:f4:fb:ad:f0:
19:00:dd:b8:d5:ff:ea:09:6a:32:bd:14:d0:8b:46:77:1a:53:
f8:8a:34:5c:70:17:c9:8b:30:2f:3c:15:44:94:96:af:cb:e1:
c4:d7:42:39:07:71:4f:c8:32:87:6a:dc:f7:e4:bb:80:b7:8d:
54:80:c6:71:6b:5d:bc:be:55:32:05:94:0a:07:e1:e4:f7:1a:
a3:4e:43:d7:c3:6b:71:67:68:8a:cb:9a:f6:8a:97:ea:de:30:
11:3a:ee:e2:52:c9:20:7f:7e:9b:1f:c2:e3:c4:60:09:78:76:
c5:ee:49:b1:f1:17:23:0d:d8:90:a0:ee:61:09:11:7e:d2:63:
99:41:38:a1:06:3d:ca:8a:39:d5:f5:9c:94:b9:f1:5a:14:16:
08:a4:8c:90:cd:d5:00:c2:45:e0:de:31:db:18:08:19:f0:50:
52:40:6a:45:f5:76:5f:e1:74:21:88:a2:57:29:28:c8:a1:53:
57:11:0d:eb:76:1a:c1:fd:54:a9:bb:3c:3c:7c:c7:04:63:6d:
0b:22:1b:2f:34:c0:cc:4f:58:db:b2:13:f9:ee:bb:87:de:4b:
0a:97:85:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCYb8p+r3xP1XD6C5KM7fsrjtni8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNzM3N2M0MTQ3MGU4ZDU3MzEwZTIwMWQwNWZkMjYwN2JjYzFmZGNiMmMz
ZTA2NjNmZGQyYzllZmNmNWU3NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMQlLKsTTqJWKvhtw0VkJ8XlKgSyGQbpNtFLUgusk3hEXDWMNtUiW66nc1d
+TfyCiDM3oLU8CM02Yrorp1g7OJDtvr5XKSTslUym/Jz4m/5XEHfMogjOSTaez5i
+Hdsv7sHMrK9adVKm8QFPcygRNEjAZmfYLEkpfGUvNRbErcJpkDm2jNnvsvMWvza
HxTkh0qqyHH+RSp552jNXmCB+nYmwPAXLXpvLdYDsekw/XYDDgsPHAZ5ShmKXNQ8
2fPFAPnrwXTqhQIsOMGEmXnDLcmeMynMlGkPdwp5a870WJ2qKtfVZTxYMHor9guy
/4pSSi0LNVxazue0Rsg9udAgdd0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/ZLte
OOfXZ30SmbEXe4cBoY0k+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQCVWnU1/hKi/gO347nkQukgGe3T/AC7chUQ4od5
P4Bkz/T7rfAZAN241f/qCWoyvRTQi0Z3GlP4ijRccBfJizAvPBVElJavy+HE10I5
B3FPyDKHatz35LuAt41UgMZxa128vlUyBZQKB+Hk9xqjTkPXw2txZ2iKy5r2ipfq
3jAROu7iUskgf36bH8LjxGAJeHbF7kmx8RcjDdiQoO5hCRF+0mOZQTihBj3KijnV
9ZyUufFaFBYIpIyQzdUAwkXg3jHbGAgZ8FBSQGpF9XZf4XQhiKJXKSjIoVNXEQ3r
dhrB/VSpuzw8fMcEY20LIhsvNMDMT1jbshP57ruH3ksKl4VX
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:01 2025 by rpki-client