Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
File: 51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa (raw, json)
Hash identifier: awrCE29Ros+Yz2w1aRA2MWcGk78lNydg78V3zG3Ze50=
Subject key identifier: 0D:FC:E4:DD:65:1B:67:77:85:37:0A:58:9C:7F:13:E4:E8:64:C5:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16159F4F76C28D50BAD796AD121D6C8E5A615EB9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
Signing time: Tue 05 Aug 2025 19:22:06 +0000
ROA not before: Tue 05 Aug 2025 19:22:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:15:9f:4f:76:c2:8d:50:ba:d7:96:ad:12:1d:6c:8e:5a:61:5e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=29e21dfd0605168f85e48178e530b3cdaa7c4b3a98929328cfc41a1693ddd1f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:bf:04:39:d8:a2:53:93:96:ee:67:91:7c:
65:80:f7:04:c0:70:cd:d1:62:90:60:03:cf:bc:4f:
ed:51:59:ae:62:85:cf:7d:19:ba:7b:c3:cc:2a:5e:
09:25:bb:05:6d:d6:d5:d3:33:e2:4a:2c:97:b9:eb:
ad:ed:de:12:29:35:3c:d7:7c:da:e0:0e:0e:43:4b:
68:02:da:67:a6:1a:c3:2c:3f:b9:d6:bf:ac:11:2d:
af:4b:63:55:3f:33:31:5a:15:33:c0:9d:b9:5b:c0:
ee:25:5b:16:83:83:b9:92:0c:8f:eb:38:28:22:45:
3a:b3:a6:13:d8:a6:f3:ad:86:ec:0b:2c:73:b9:e3:
40:ed:0b:46:f9:97:c0:61:42:1b:98:cb:fb:06:2c:
fe:ff:a1:bc:db:e6:05:71:9b:21:a4:78:64:68:74:
cf:e6:c4:f0:73:e7:fa:69:f8:a7:ba:ac:20:c2:dd:
f9:9e:11:5f:23:a8:56:03:11:b6:6c:6a:f4:39:5c:
98:8c:21:ad:9c:4c:4d:2f:d1:fc:64:68:09:50:ee:
cf:df:cc:f6:25:70:cc:38:a4:12:7e:43:da:f7:d2:
11:db:6b:51:97:78:18:3a:93:d1:85:aa:ac:26:5e:
f0:b6:5a:32:40:06:28:38:ec:50:c7:93:73:d8:e6:
07:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FC:E4:DD:65:1B:67:77:85:37:0A:58:9C:7F:13:E4:E8:64:C5:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
90:48:4d:43:f3:cd:ed:3c:f5:20:b1:cf:fc:c3:ec:57:bf:0a:
0c:ce:33:1d:d8:a0:b9:ab:99:12:a1:a8:a1:25:55:31:44:e5:
e9:c0:e5:10:ce:a6:b6:f1:cd:74:eb:06:87:2a:18:7f:45:0d:
54:8a:7d:e3:bc:f4:67:75:8c:66:0d:51:67:20:f5:0f:ef:cd:
9b:c3:a7:d6:a4:4f:19:ed:f8:8a:81:4f:d4:86:42:1e:93:69:
9c:79:36:8f:07:97:32:2d:a5:e7:b4:36:da:2a:92:17:0d:ba:
53:97:68:0e:de:ab:ee:32:23:8f:f7:1c:84:d8:c3:79:d3:5f:
5e:71:f1:8e:17:50:6b:88:b8:a6:55:86:b5:14:b2:f2:d5:e7:
ce:c8:cb:d9:4f:15:26:f6:d5:95:74:5e:22:29:40:f7:27:5d:
b7:2c:c2:ef:84:d9:46:83:fd:70:4e:75:c6:d9:a9:ba:35:3c:
f8:3c:61:75:c4:0e:d7:fa:28:38:53:37:ff:ef:3f:0f:46:61:
74:2e:dc:27:93:9e:08:64:76:13:e1:0c:8d:86:e7:32:f2:f3:
63:54:8b:27:19:6e:05:ce:15:ed:7e:c4:7e:3b:b3:11:7b:ea:
cb:87:8f:b8:89:51:72:98:0b:e7:9c:da:3f:49:72:d3:28:fa:
e0:45:f6:b3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFhWfT3bCjVC615atEh1sjlphXrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5ZTIxZGZkMDYwNTE2OGY4NWU0ODE3OGU1MzBiM2NkYWE3YzRiM2E5ODky
OTMyOGNmYzQxYTE2OTNkZGQxZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpEvwQ52KJTk5buZ5F8ZYD3BMBwzdFikGADz7xP7VFZrmKFz30ZunvDzCpe
CSW7BW3W1dMz4kosl7nrre3eEik1PNd82uAODkNLaALaZ6Yawyw/uda/rBEtr0tj
VT8zMVoVM8CduVvA7iVbFoODuZIMj+s4KCJFOrOmE9im862G7Assc7njQO0LRvmX
wGFCG5jL+wYs/v+hvNvmBXGbIaR4ZGh0z+bE8HPn+mn4p7qsIMLd+Z4RXyOoVgMR
tmxq9DlcmIwhrZxMTS/R/GRoCVDuz9/M9iVwzDikEn5D2vfSEdtrUZd4GDqT0YWq
rCZe8LZaMkAGKDjsUMeTc9jmB80CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQN/OTd
ZRtnd4U3ClicfxPk6GTFHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFhMWVhNzEtNzVhZi00YmM3LThjMDUtMWIyZTNhNTYyNzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
0DANBgkqhkiG9w0BAQsFAAOCAQEAkEhNQ/PN7Tz1ILHP/MPsV78KDM4zHdiguauZ
EqGooSVVMUTl6cDlEM6mtvHNdOsGhyoYf0UNVIp947z0Z3WMZg1RZyD1D+/Nm8On
1qRPGe34ioFP1IZCHpNpnHk2jweXMi2l57Q22iqSFw26U5doDt6r7jIjj/cchNjD
edNfXnHxjhdQa4i4plWGtRSy8tXnzsjL2U8VJvbVlXReIilA9yddtyzC74TZRoP9
cE51xtmpujU8+DxhdcQO1/ooOFM3/+8/D0ZhdC7cJ5OeCGR2E+EMjYbnMvLzY1SL
JxluBc4V7X7EfjuzEXvqy4ePuIlRcpgL55zaP0ly0yj64EX2sw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:46 2025 by rpki-client