Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: ot1tX81KtXfxZOmQhSWtIrjlallDyWyx8pESmVtaj4U=
Subject key identifier: 1D:2F:0E:32:8D:E4:74:48:59:60:34:AB:FF:02:5E:F7:BA:C5:C6:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57F04E253B495134B33A71570577B2B0F598E7B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Tue 05 Aug 2025 20:11:38 +0000
ROA not before: Tue 05 Aug 2025 20:11:38 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f0:4e:25:3b:49:51:34:b3:3a:71:57:05:77:b2:b0:f5:98:e7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:38 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9acc982f8546dd81d1afdbba85303524fbdc156ee01c74319b7d54b780042f26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:63:98:b8:17:94:8e:f0:80:d3:30:f9:a5:
7d:c9:a9:ab:ab:8f:4c:33:7e:35:95:48:4d:a3:d0:
d4:91:01:53:ba:e4:10:5a:13:ed:17:54:e9:ec:dc:
4b:2f:50:8f:c6:7b:1d:97:10:25:68:56:7c:b6:e7:
1d:8c:4c:bc:c6:e9:0f:24:74:e9:e1:a3:24:17:da:
fd:be:1e:a2:f3:c7:16:e6:29:fa:5b:f3:c3:e4:52:
32:79:85:8f:7a:ea:c2:14:9d:62:d8:81:2c:48:1f:
d6:a4:9b:16:59:55:9b:4c:3d:3f:e7:03:58:a3:23:
ae:ca:8f:25:ee:d8:1a:80:93:31:f8:60:83:b2:36:
ec:f9:1b:7c:58:bb:c4:cc:43:8a:e3:2f:fd:b5:ee:
74:64:36:e9:d5:68:d1:da:42:af:1a:17:6e:70:6d:
8a:a3:53:2a:30:4e:42:4c:62:ad:e9:0d:96:63:5d:
16:72:c0:45:2d:a4:ac:88:53:4b:e5:4d:ec:49:6e:
7b:b2:0f:83:5a:58:32:5d:34:3e:a8:a2:6b:ec:7f:
6f:ea:65:78:1b:33:64:54:4b:ae:9d:59:93:87:30:
c4:6c:08:4d:26:46:42:1b:7e:69:ac:8e:b8:b5:99:
64:f0:76:39:e8:3f:d0:43:85:d0:3f:bb:2e:3c:70:
fc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2F:0E:32:8D:E4:74:48:59:60:34:AB:FF:02:5E:F7:BA:C5:C6:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
4b:ff:47:67:9d:40:57:e0:aa:2f:c3:af:fc:a2:d4:01:e4:f6:
4f:14:d5:e1:23:4f:cb:ad:35:51:86:cc:2b:35:17:87:b0:1a:
72:3c:a0:7c:a0:c1:19:22:0b:70:f6:4c:9f:4c:f3:a2:1a:ac:
ce:08:63:89:7e:0b:75:2c:e7:fb:b1:4e:15:5f:48:ae:9e:e9:
67:b8:1f:2f:35:e0:3f:89:88:8f:ef:1c:99:5c:1f:8c:b4:10:
ad:64:ce:47:80:b4:4d:25:17:fb:fa:bc:66:4a:71:0d:02:aa:
74:0e:f9:f7:04:9c:a6:74:cd:1b:9a:cb:43:48:7f:ca:56:c4:
21:5a:ac:33:a2:ea:4a:bc:a6:a4:96:ca:07:36:d9:13:26:64:
8b:0a:33:52:5c:2e:df:f2:35:89:a8:6d:0f:ed:cd:68:05:83:
ff:8d:94:73:0b:f6:de:0e:16:6f:27:3a:89:9b:81:eb:11:44:
93:87:1c:e0:2f:74:30:34:3c:bb:79:23:00:13:0c:1f:ec:49:
40:fd:bd:e0:8e:b6:2a:b0:50:ba:4a:44:f0:50:82:15:10:cf:
e4:a4:2e:cc:38:32:b6:ed:51:8a:2b:f2:f3:81:84:77:05:8a:
df:a1:58:e8:33:b3:f7:82:f3:28:1e:0e:7b:c8:30:6b:a4:c1:
63:2f:d4:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV/BOJTtJUTSzOnFXBXeysPWY57kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhY2M5ODJmODU0NmRkODFkMWFmZGJiYTg1MzAzNTI0ZmJkYzE1NmVlMDFj
NzQzMTliN2Q1NGI3ODAwNDJmMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMq5Y5i4F5SO8IDTMPmlfcmpq6uPTDN+NZVITaPQ1JEBU7rkEFoT7RdU6ezc
Sy9Qj8Z7HZcQJWhWfLbnHYxMvMbpDyR06eGjJBfa/b4eovPHFuYp+lvzw+RSMnmF
j3rqwhSdYtiBLEgf1qSbFllVm0w9P+cDWKMjrsqPJe7YGoCTMfhgg7I27PkbfFi7
xMxDiuMv/bXudGQ26dVo0dpCrxoXbnBtiqNTKjBOQkxirekNlmNdFnLARS2krIhT
S+VN7Elue7IPg1pYMl00Pqiia+x/b+pleBszZFRLrp1Zk4cwxGwITSZGQht+aayO
uLWZZPB2Oeg/0EOF0D+7Ljxw/FcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdLw4y
jeR0SFlgNKv/Al73usXGgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBL/0dnnUBX4Kovw6/8otQB5PZPFNXhI0/LrTVR
hswrNReHsBpyPKB8oMEZIgtw9kyfTPOiGqzOCGOJfgt1LOf7sU4VX0iunulnuB8v
NeA/iYiP7xyZXB+MtBCtZM5HgLRNJRf7+rxmSnENAqp0Dvn3BJymdM0bmstDSH/K
VsQhWqwzoupKvKaklsoHNtkTJmSLCjNSXC7f8jWJqG0P7c1oBYP/jZRzC/beDhZv
JzqJm4HrEUSThxzgL3QwNDy7eSMAEwwf7ElA/b3gjrYqsFC6SkTwUIIVEM/kpC7M
ODK27VGKK/LzgYR3BYrfoVjoM7P3gvMoHg57yDBrpMFjL9Rq
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:29 2025 by rpki-client