Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json)
Hash identifier: YACsEmNm1gl1XZ7DP9rWwhfuxkKSbioz26jX5c+J4iU=
Subject key identifier: 41:7D:B0:95:21:4C:03:2D:8C:3E:EF:80:15:9E:FD:43:5E:1D:9A:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F3A888B06CFDE0C286184826B009825C389BA02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
Signing time: Tue 05 Aug 2025 19:40:06 +0000
ROA not before: Tue 05 Aug 2025 19:40:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3a:88:8b:06:cf:de:0c:28:61:84:82:6b:00:98:25:c3:89:ba:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a33198934bd4dd956c8473967c0e0dc37488194e948c272b41d45f076c1dbbd3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:84:eb:ff:1d:20:12:c1:92:bb:3a:37:cf:08:
12:27:c0:9f:e2:ab:f3:7d:6d:51:5a:0e:58:c2:85:
95:11:a4:d0:30:c2:c7:17:13:17:91:77:51:a4:0b:
77:3e:92:46:59:fd:1c:00:fe:1d:92:15:59:5b:73:
04:ea:fc:59:af:e3:c2:8c:fb:fd:76:e1:59:05:19:
31:4f:23:da:85:ca:4f:33:c8:94:ee:63:5b:ba:43:
28:fd:8a:d8:e4:e3:86:9c:36:73:41:56:8c:86:b4:
11:88:c7:44:82:43:a0:50:67:d3:25:92:71:9b:38:
aa:71:8b:fd:96:29:34:8e:85:40:fd:6b:c5:6b:c4:
2f:6f:00:5c:08:29:b1:ce:eb:db:5b:1e:05:46:2c:
98:9e:85:53:98:c0:8e:11:1c:b9:49:9c:f5:a9:a0:
65:fa:26:84:a5:a8:47:6d:e6:7d:75:da:1e:5c:29:
86:34:b1:e0:cc:6b:73:c4:34:a1:c5:b8:99:79:e0:
a9:eb:5e:aa:45:83:38:f4:db:25:51:ac:7c:89:38:
18:65:a0:c9:23:3f:6c:4b:e7:c3:3c:d9:e6:1c:cd:
c7:6f:e9:97:7b:54:55:33:88:bb:48:8b:4d:b1:ce:
2f:71:4b:87:cd:5e:f5:87:e2:36:28:1f:8a:88:b2:
bc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7D:B0:95:21:4C:03:2D:8C:3E:EF:80:15:9E:FD:43:5E:1D:9A:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:36:bf:95:a0:a6:e6:3d:58:45:9c:09:17:7b:5e:c5:9e:b8:
0c:17:ee:13:16:aa:7e:4d:f6:89:6e:24:a2:bb:7b:08:02:84:
7f:f7:5a:16:35:7d:99:b1:5b:af:93:8d:2e:c3:81:05:dd:10:
23:8a:a5:d4:a3:06:c5:8b:6f:1c:05:db:f0:71:ac:e6:13:21:
a0:38:2d:76:d6:08:98:40:ef:6a:d4:de:8d:2d:3b:df:69:6c:
39:e0:6a:f0:75:c8:6b:65:0b:74:e5:10:51:fc:35:d5:40:dc:
f3:a8:b8:0f:54:53:cb:1c:43:06:73:a0:6c:ec:a2:15:be:4a:
03:a6:7e:30:77:08:37:f6:89:42:88:9d:e7:13:c7:9f:f0:d8:
46:54:31:69:4d:dc:69:83:22:3b:e2:01:5e:43:a7:33:a8:b4:
27:69:a8:0e:85:29:42:be:6d:cc:62:66:d0:b0:a8:56:3f:05:
7e:d7:ff:53:6c:b5:17:63:92:bf:04:ea:a1:5b:f5:8c:6b:05:
7d:b8:35:94:1b:18:eb:a9:e1:37:66:a1:25:16:39:66:ae:cb:
1d:71:fd:de:43:19:69:15:0e:f8:1d:77:8b:a2:d5:02:c8:a9:
da:ca:13:95:32:1b:89:dc:91:ea:75:f9:cb:09:53:52:39:f0:
6d:8c:c9:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDzqIiwbP3gwoYYSCawCYJcOJugIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMzE5ODkzNGJkNGRkOTU2Yzg0NzM5NjdjMGUwZGMzNzQ4ODE5NGU5NDhj
MjcyYjQxZDQ1ZjA3NmMxZGJiZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyE6/8dIBLBkrs6N88IEifAn+Kr831tUVoOWMKFlRGk0DDCxxcTF5F3UaQL
dz6SRln9HAD+HZIVWVtzBOr8Wa/jwoz7/XbhWQUZMU8j2oXKTzPIlO5jW7pDKP2K
2OTjhpw2c0FWjIa0EYjHRIJDoFBn0yWScZs4qnGL/ZYpNI6FQP1rxWvEL28AXAgp
sc7r21seBUYsmJ6FU5jAjhEcuUmc9amgZfomhKWoR23mfXXaHlwphjSx4Mxrc8Q0
ocW4mXngqeteqkWDOPTbJVGsfIk4GGWgySM/bEvnwzzZ5hzNx2/pl3tUVTOIu0iL
TbHOL3FLh81e9YfiNigfioiyvLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBfbCV
IUwDLYw+74AVnv1DXh2arzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvNr+VoKbmPVhFnAkXe17FnrgMF+4TFqp+TfaJ
biSiu3sIAoR/91oWNX2ZsVuvk40uw4EF3RAjiqXUowbFi28cBdvwcazmEyGgOC12
1giYQO9q1N6NLTvfaWw54GrwdchrZQt05RBR/DXVQNzzqLgPVFPLHEMGc6Bs7KIV
vkoDpn4wdwg39olCiJ3nE8ef8NhGVDFpTdxpgyI74gFeQ6czqLQnaagOhSlCvm3M
YmbQsKhWPwV+1/9TbLUXY5K/BOqhW/WMawV9uDWUGxjrqeE3ZqElFjlmrssdcf3e
QxlpFQ74HXeLotUCyKnayhOVMhuJ3JHqdfnLCVNSOfBtjMm+
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:09 2025 by rpki-client