Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: 7jiOz4OSJhfdhV2BBEJQIHDjhfpbdwPq4WQlZC20GM8=
Subject key identifier: 16:0C:64:74:90:A5:6C:C8:D5:A7:40:35:DD:68:8F:10:2F:52:FE:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0ED0FC8DA98954D6958B0A9D032CD1D923E84CF9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Wed 06 Aug 2025 00:50:07 +0000
ROA not before: Wed 06 Aug 2025 00:50:07 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:d0:fc:8d:a9:89:54:d6:95:8b:0a:9d:03:2c:d1:d9:23:e8:4c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:07 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=9196f9c8809201577e6fc6602a66e28d1c3952c68141da7699bdff88daf6c2ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4c:44:9c:68:90:fc:8a:4e:dd:56:8e:5e:8d:
48:63:1b:db:04:ee:0d:f7:a4:a3:0d:9e:46:f4:bd:
52:a4:a2:49:0b:9d:d4:a9:58:50:73:83:f5:a7:c5:
6d:d8:c7:19:38:38:08:36:19:6c:e8:52:cb:6e:ad:
42:74:10:5e:c7:1e:40:12:69:fa:ee:8e:5c:44:af:
c2:f4:84:5c:a8:99:97:5a:bc:45:09:f4:9a:9c:07:
45:09:9a:5a:42:fa:1e:7a:27:fc:6b:4d:72:e8:95:
10:55:18:ba:50:e7:7e:79:bf:4b:e7:86:34:c3:49:
47:f8:5a:93:13:78:84:21:84:3e:79:11:80:97:69:
0c:c3:aa:c3:85:c1:0e:63:8a:f3:9c:20:42:d1:ea:
17:91:ed:96:be:81:b7:54:70:5a:54:f9:2f:35:b5:
e9:b5:7f:ed:87:6b:3e:ef:e4:7a:d5:9a:3e:9b:35:
1b:a9:bf:b2:7d:28:46:00:c0:de:b2:0a:5d:4f:37:
e3:b8:b9:65:f7:96:05:bf:4f:25:a9:5f:f9:8d:9d:
e2:00:7b:34:a4:ac:09:67:86:49:48:6e:0b:c9:47:
38:ee:f4:02:9b:a9:d4:4d:30:c5:2b:25:cd:95:49:
a8:b3:47:34:68:57:46:95:1b:fc:fc:dc:2a:4c:fb:
86:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0C:64:74:90:A5:6C:C8:D5:A7:40:35:DD:68:8F:10:2F:52:FE:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
94:83:b0:9e:dc:ff:55:ab:26:55:cf:27:8f:97:6b:c9:eb:9e:
d4:98:5f:ad:60:48:95:7f:2d:61:6a:61:35:9a:4f:63:91:5b:
70:22:ea:62:13:66:ae:2c:0b:87:9e:97:44:6f:a6:d5:e5:b4:
19:6f:67:3b:e7:fc:33:54:3b:35:d0:1f:5f:35:52:d9:95:9e:
f2:f1:89:cc:a9:bf:f2:71:35:4b:84:e0:14:5e:e0:cd:5b:65:
da:ec:c5:81:e4:64:e9:46:42:9c:c7:ad:8e:2b:93:f6:23:8c:
82:6a:cd:d9:4e:b1:fe:4b:81:3d:ea:f6:4d:6e:00:03:c0:f1:
33:b5:0d:fe:f9:b9:4a:bb:e4:9e:97:db:bf:9c:91:5f:fd:bc:
e4:5a:87:7b:6d:aa:5f:b3:af:ae:f4:41:b5:63:aa:4e:8a:6d:
05:0c:85:67:c2:5a:2a:b8:d8:f3:6a:52:47:fd:7a:b1:ce:fd:
8a:c6:c3:80:ee:d2:7f:80:56:0d:38:c4:e7:e1:e9:4d:b9:fc:
a6:74:f1:cb:44:d9:59:bd:f4:f2:37:10:8d:e2:56:70:2f:ee:
49:12:49:d8:d6:6c:c8:45:42:1b:b7:c5:75:11:fd:21:04:9a:
b4:d6:e6:17:64:d0:e7:28:d4:25:0b:47:9c:66:cf:7e:c3:88:
8f:50:25:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDtD8jamJVNaViwqdAyzR2SPoTPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMDdaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxOTZmOWM4ODA5MjAxNTc3ZTZmYzY2MDJhNjZlMjhkMWMzOTUyYzY4MTQx
ZGE3Njk5YmRmZjg4ZGFmNmMyZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVMRJxokPyKTt1Wjl6NSGMb2wTuDfekow2eRvS9UqSiSQud1KlYUHOD9afF
bdjHGTg4CDYZbOhSy26tQnQQXsceQBJp+u6OXESvwvSEXKiZl1q8RQn0mpwHRQma
WkL6Hnon/GtNcuiVEFUYulDnfnm/S+eGNMNJR/hakxN4hCGEPnkRgJdpDMOqw4XB
DmOK85wgQtHqF5Htlr6Bt1RwWlT5LzW16bV/7YdrPu/ketWaPps1G6m/sn0oRgDA
3rIKXU8347i5ZfeWBb9PJalf+Y2d4gB7NKSsCWeGSUhuC8lHOO70Apup1E0wxSsl
zZVJqLNHNGhXRpUb/PzcKkz7hjMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWDGR0
kKVsyNWnQDXdaI8QL1L+kjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQCUg7Ce3P9VqyZVzyePl2vJ657UmF+tYEiVfy1h
amE1mk9jkVtwIupiE2auLAuHnpdEb6bV5bQZb2c75/wzVDs10B9fNVLZlZ7y8YnM
qb/ycTVLhOAUXuDNW2Xa7MWB5GTpRkKcx62OK5P2I4yCas3ZTrH+S4E96vZNbgAD
wPEztQ3++blKu+Sel9u/nJFf/bzkWod7bapfs6+u9EG1Y6pOim0FDIVnwloquNjz
alJH/Xqxzv2KxsOA7tJ/gFYNOMTn4elNufymdPHLRNlZvfTyNxCN4lZwL+5JEknY
1mzIRUIbt8V1Ef0hBJq01uYXZNDnKNQlC0ecZs9+w4iPUCXn
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:44:25 2025 by rpki-client