Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
File: 5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa (raw, json)
Hash identifier: eIxOAk3OXlQoMO85J5EuOy8Egw08LIgAV/JwjIKEKAk=
Subject key identifier: 88:48:E6:BF:80:6E:9C:3E:79:38:42:97:18:D4:65:94:72:D4:71:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17451AA1B9C0792D44B8DC39217A5FC72F76DE59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
Signing time: Sat 09 Aug 2025 00:20:01 +0000
ROA not before: Sat 09 Aug 2025 00:20:01 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02f:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:45:1a:a1:b9:c0:79:2d:44:b8:dc:39:21:7a:5f:c7:2f:76:de:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 9 00:20:01 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=a87938d7698dc693ff11cd0105399b1f4a253d9b05121073bc74ec9ecdf0292e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:88:1c:36:61:dd:fa:1c:b0:76:a4:6f:d1:54:
77:10:f5:5e:b7:62:74:64:2d:d6:6e:d9:3a:49:33:
61:85:41:96:b5:b0:89:7a:0a:42:84:8e:70:f3:4c:
31:58:da:3f:2b:1f:6a:2c:9c:11:0d:c4:0c:03:df:
95:7e:b5:13:99:15:a0:d8:bc:2a:51:8e:aa:3b:01:
06:14:21:36:03:59:26:22:76:50:1c:84:d1:e7:cf:
e1:0e:bf:02:de:9a:c9:8e:4b:fa:79:d6:a0:e1:3c:
29:aa:a1:41:30:bc:60:8e:29:e6:b9:39:98:04:4c:
a8:5f:ec:26:ae:01:e5:99:a2:52:60:92:2b:94:3f:
99:07:67:00:24:ba:70:18:9e:77:78:4c:01:38:fa:
df:99:b5:36:50:77:15:6e:b2:52:5a:69:34:b0:cb:
6d:33:6e:0d:47:9d:d9:e2:9a:a1:2f:a0:72:81:99:
81:fa:d6:b0:67:4c:bf:d3:d0:a1:e3:70:a0:6a:6f:
55:5c:d4:00:fc:3b:a5:04:1c:4d:bd:4f:6b:e9:e4:
89:64:4b:ad:95:78:10:24:22:52:58:81:28:fe:5b:
a2:48:cf:54:45:bf:45:63:7a:6b:d7:c8:26:91:e0:
e9:96:5a:4b:61:83:be:50:79:57:03:42:30:d6:4b:
5d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:48:E6:BF:80:6E:9C:3E:79:38:42:97:18:D4:65:94:72:D4:71:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5238c13f-b2a5-43d9-9624-d2e714a9bf53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02f:800::/37
Signature Algorithm: sha256WithRSAEncryption
59:99:69:44:31:89:87:24:28:38:91:77:d6:5d:fe:a1:6e:5a:
f7:0a:1c:b4:56:b8:1d:2d:48:c2:72:03:f5:b9:83:2c:ec:ef:
8f:6c:0a:c1:73:13:08:fc:79:2f:0c:91:85:f2:d9:f6:08:7c:
59:f2:64:bc:eb:ee:91:0e:e7:14:0f:f4:73:b5:e2:39:8e:64:
db:17:c6:d2:2e:b7:ca:ee:b8:4e:39:22:64:15:f9:aa:5c:35:
43:58:ff:6e:73:bf:85:2b:20:fa:d1:aa:3a:83:4d:f7:a2:72:
b0:70:43:31:af:06:3f:a0:15:df:98:c6:72:4a:bf:ba:44:95:
8d:52:9a:79:01:37:7d:44:d0:99:7f:e3:29:99:c5:16:49:8b:
05:29:77:ad:6b:28:58:ae:4c:c1:13:fd:79:55:ed:37:0f:5f:
9a:47:87:b8:4c:57:b2:0f:be:b4:a2:eb:a9:4b:0d:2f:88:97:
4d:73:d0:81:ed:8e:4e:0a:ce:34:01:c9:a9:42:48:d7:67:cb:
1f:d0:9f:b4:72:9c:1a:38:0d:7f:d7:9d:24:c9:0a:9e:ac:cd:
4b:cc:75:79:f0:c8:a4:45:76:a8:49:be:50:69:10:24:98:75:
c8:0a:67:54:38:13:94:21:02:16:4f:7e:f5:b0:04:3d:32:40:
90:5b:37:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF0UaobnAeS1EuNw5IXpfxy923lkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDkwMDIwMDFaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NzkzOGQ3Njk4ZGM2OTNmZjExY2QwMTA1Mzk5YjFmNGEyNTNkOWIwNTEy
MTA3M2JjNzRlYzllY2RmMDI5MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaIHDZh3focsHakb9FUdxD1XrdidGQt1m7ZOkkzYYVBlrWwiXoKQoSOcPNM
MVjaPysfaiycEQ3EDAPflX61E5kVoNi8KlGOqjsBBhQhNgNZJiJ2UByE0efP4Q6/
At6ayY5L+nnWoOE8KaqhQTC8YI4p5rk5mARMqF/sJq4B5ZmiUmCSK5Q/mQdnACS6
cBied3hMATj635m1NlB3FW6yUlppNLDLbTNuDUed2eKaoS+gcoGZgfrWsGdMv9PQ
oeNwoGpvVVzUAPw7pQQcTb1Pa+nkiWRLrZV4ECQiUliBKP5bokjPVEW/RWN6a9fI
JpHg6ZZaS2GDvlB5VwNCMNZLXT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSISOa/
gG6cPnk4QpcY1GWUctRx9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTIzOGMxM2YtYjJhNS00M2Q5LTk2MjQtZDJlNzE0YTliZjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0C8I
MA0GCSqGSIb3DQEBCwUAA4IBAQBZmWlEMYmHJCg4kXfWXf6hblr3Chy0VrgdLUjC
cgP1uYMs7O+PbArBcxMI/HkvDJGF8tn2CHxZ8mS86+6RDucUD/RzteI5jmTbF8bS
LrfK7rhOOSJkFfmqXDVDWP9uc7+FKyD60ao6g033onKwcEMxrwY/oBXfmMZySr+6
RJWNUpp5ATd9RNCZf+MpmcUWSYsFKXetayhYrkzBE/15Ve03D1+aR4e4TFeyD760
ouupSw0viJdNc9CB7Y5OCs40AcmpQkjXZ8sf0J+0cpwaOA1/150kyQqerM1LzHV5
8MikRXaoSb5QaRAkmHXICmdUOBOUIQIWT371sAQ9MkCQWzem
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:24 2025 by rpki-client