Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
File: 515f7e85-9223-47e5-be2b-42ec6a12a88b.roa (raw, json)
Hash identifier: DJ6dFl/Oqes4F1CCgd8JSJs29FmyS3zqNV7XMJxM4+Y=
Subject key identifier: A0:AC:9A:3F:1B:1E:2F:E3:C7:06:F3:0A:F9:AC:B5:03:A8:25:59:08
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 188E2F6A9E564116F46211FCC6C5F4AFA57A68C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
Signing time: Tue 05 Aug 2025 19:40:11 +0000
ROA not before: Tue 05 Aug 2025 19:40:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:8e:2f:6a:9e:56:41:16:f4:62:11:fc:c6:c5:f4:af:a5:7a:68:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=acf825e075324873670204516ca12e1658f716b4b4bf97ee30c6708f274267cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fd:b0:82:1b:f0:df:08:44:12:8f:19:b4:04:
45:47:7c:71:c7:75:e2:7e:77:c5:c9:2c:4c:da:3b:
ca:9c:d5:b0:e0:d8:09:63:92:58:2b:76:17:95:9e:
ae:3c:a5:c6:be:54:e7:d9:db:34:03:31:42:39:2a:
67:93:7d:1a:ac:a4:2a:20:7b:a3:3d:4f:03:a9:21:
2b:d7:7f:0c:7b:f2:99:7f:7e:56:bc:0f:09:84:c9:
5f:6b:0e:03:97:8c:39:98:8f:e3:86:c7:eb:cf:59:
35:d1:50:f9:c1:8f:6c:20:d9:83:c9:69:16:20:fd:
3f:cb:9a:81:3f:51:25:cc:90:60:5a:68:a9:4e:88:
40:d7:cb:37:ab:e2:cb:78:6a:0e:b7:9f:b8:64:95:
eb:51:5e:14:e2:49:fb:fa:aa:06:5d:6d:60:15:7b:
2d:e7:06:d6:82:ae:e1:d3:63:a6:3e:96:e7:6e:0b:
b2:d8:01:ec:65:df:25:d5:42:32:c0:d9:0f:da:1f:
d3:06:25:53:7a:c6:f8:1b:95:ca:70:12:f0:53:a2:
19:46:ed:8e:9c:80:2b:5e:42:40:37:78:00:23:64:
9d:a4:3c:38:33:99:20:bb:d8:b2:5d:e9:20:c2:02:
ba:20:b4:01:29:60:52:d0:c0:c9:11:d2:7e:8c:61:
55:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AC:9A:3F:1B:1E:2F:E3:C7:06:F3:0A:F9:AC:B5:03:A8:25:59:08
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/515f7e85-9223-47e5-be2b-42ec6a12a88b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:9000::/40
Signature Algorithm: sha256WithRSAEncryption
20:60:d1:9d:5b:93:a2:49:08:b1:dc:f7:a6:46:ab:ec:be:7d:
73:99:fa:9f:0a:5b:3a:c7:c8:b8:07:5e:a8:ff:c4:50:53:0e:
19:d6:8d:3a:a5:5b:14:7b:18:ef:72:8c:f1:3e:f4:c7:b6:bf:
eb:66:10:56:d6:a9:71:9f:de:f3:29:7d:84:cf:8d:da:f6:d6:
28:7c:ac:3b:2f:ff:3b:25:23:f3:22:7b:05:3f:98:ae:45:0d:
02:b7:3a:a5:c8:b4:55:5a:a6:8c:b1:df:70:d7:57:84:3c:78:
e8:aa:2d:c7:aa:ce:e4:36:bb:80:6a:9c:cf:c7:c1:af:83:ae:
12:f5:7f:ad:d6:27:f4:01:20:36:94:4d:9e:25:f3:e6:1d:62:
a2:dc:b0:e7:8d:2e:62:c9:8d:39:cc:de:51:cf:ec:57:07:37:
11:b7:ed:0a:ff:aa:26:72:49:9f:de:6f:30:b3:85:59:d5:ab:
36:19:6f:67:98:a5:b2:bb:6b:8f:b4:89:1c:4f:d6:0b:68:71:
3d:c5:52:11:6d:81:32:43:c4:02:0b:47:5b:89:ff:1f:5c:8c:
55:0a:6d:29:f1:09:bb:13:2a:c0:a6:64:eb:37:94:d8:0d:7c:
9b:15:94:62:45:7f:bb:0e:3b:e1:ab:b3:60:05:22:70:5d:3e:
b3:95:71:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGI4vap5WQRb0YhH8xsX0r6V6aMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjZjgyNWUwNzUzMjQ4NzM2NzAyMDQ1MTZjYTEyZTE2NThmNzE2YjRiNGJm
OTdlZTMwYzY3MDhmMjc0MjY3Y2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIT9sIIb8N8IRBKPGbQERUd8ccd14n53xcksTNo7ypzVsODYCWOSWCt2F5We
rjylxr5U59nbNAMxQjkqZ5N9GqykKiB7oz1PA6khK9d/DHvymX9+VrwPCYTJX2sO
A5eMOZiP44bH689ZNdFQ+cGPbCDZg8lpFiD9P8uagT9RJcyQYFpoqU6IQNfLN6vi
y3hqDrefuGSV61FeFOJJ+/qqBl1tYBV7LecG1oKu4dNjpj6W524LstgB7GXfJdVC
MsDZD9of0wYlU3rG+BuVynAS8FOiGUbtjpyAK15CQDd4ACNknaQ8ODOZILvYsl3p
IMICuiC0ASlgUtDAyRHSfoxhVdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgrJo/
Gx4v48cG8wr5rLUDqCVZCDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTE1ZjdlODUtOTIyMy00N2U1LWJlMmItNDJlYzZhMTJhODhiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAgYNGdW5OiSQix3PemRqvsvn1zmfqfCls6x8i4
B16o/8RQUw4Z1o06pVsUexjvcozxPvTHtr/rZhBW1qlxn97zKX2Ez43a9tYofKw7
L/87JSPzInsFP5iuRQ0CtzqlyLRVWqaMsd9w11eEPHjoqi3Hqs7kNruAapzPx8Gv
g64S9X+t1if0ASA2lE2eJfPmHWKi3LDnjS5iyY05zN5Rz+xXBzcRt+0K/6omckmf
3m8ws4VZ1as2GW9nmKWyu2uPtIkcT9YLaHE9xVIRbYEyQ8QCC0dbif8fXIxVCm0p
8Qm7EyrApmTrN5TYDXybFZRiRX+7Djvhq7NgBSJwXT6zlXEP
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:29 2025 by rpki-client