Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json)
Hash identifier: HIF/CJs2ahpcVbGljFawdIcb8PctgAG6TMAp+6d7bfw=
Subject key identifier: 23:08:17:BA:46:AF:68:20:07:8C:03:C1:02:82:B2:EF:3E:41:B0:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 376DD4AB9B7AE922D426DAD95AB52157E28A5205
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
Signing time: Tue 05 Aug 2025 20:20:07 +0000
ROA not before: Tue 05 Aug 2025 20:20:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d022::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:6d:d4:ab:9b:7a:e9:22:d4:26:da:d9:5a:b5:21:57:e2:8a:52:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:20:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5ab923f188888e6886af3a47faa198ef2962a030fa79bd43e988733245f2edef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:c2:f7:12:55:0f:7e:94:de:da:7c:0a:84:
34:16:36:73:e8:65:8f:9e:8e:cf:96:11:7a:60:bc:
9b:98:1e:33:04:f0:06:4c:2f:fc:77:87:88:49:72:
f3:4b:27:29:cb:aa:d6:05:95:86:91:02:63:c1:11:
fa:dd:4a:4f:8b:31:dd:e4:3b:fc:c0:26:3b:a3:b0:
7c:6e:d1:19:38:58:9e:c8:7d:08:be:6a:00:1b:8d:
e0:e1:95:8b:5b:a8:7b:2d:ff:0d:11:44:f3:b6:4b:
ea:e2:c9:ff:76:f7:65:35:c2:6b:82:bc:67:2b:74:
d3:2c:a5:98:39:e1:e2:2c:1d:c3:43:c2:af:85:17:
54:03:74:c9:a2:ba:89:c4:c0:d9:b9:be:62:61:6e:
61:ea:1c:e4:39:85:61:34:d9:d1:ed:b8:73:38:77:
ef:e8:a1:b9:99:31:58:31:de:72:97:87:79:3d:ec:
6d:fd:1e:b2:8f:53:d3:8d:2d:17:ef:65:e0:4c:04:
a6:5a:1b:7b:e7:05:5a:d9:3d:8a:42:cc:3d:30:01:
3b:93:ee:93:f0:d0:0a:0c:6c:39:e5:70:71:c3:e5:
bf:e3:7c:08:4f:b3:e3:7a:8d:6f:24:89:ae:01:1e:
65:c8:96:99:99:b8:61:d8:d3:d5:38:58:17:66:62:
de:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:08:17:BA:46:AF:68:20:07:8C:03:C1:02:82:B2:EF:3E:41:B0:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d022::/36
Signature Algorithm: sha256WithRSAEncryption
a1:94:b6:ca:bb:44:fa:70:01:4b:0a:ad:16:36:3a:32:6b:7d:
7d:a7:2b:33:40:97:05:cc:4c:9e:8a:68:e5:a5:9f:1c:cc:27:
40:81:81:d6:d9:a8:03:85:e4:96:95:8c:50:95:b3:b7:39:5e:
46:0b:64:6e:19:8d:7f:6f:01:d2:74:61:81:f8:e4:6e:b1:b7:
2b:49:33:65:c3:cb:d7:b1:8d:e1:73:bd:61:77:15:ae:2a:3b:
37:c4:a8:12:a4:aa:4d:44:f9:ea:eb:4d:b6:02:95:83:34:f1:
91:48:e3:c4:a9:2b:c4:ec:c7:75:f0:32:0c:d4:b4:b5:fe:98:
e0:ee:3a:f3:60:74:37:74:ed:ae:07:1b:a3:15:22:d7:41:12:
4e:13:b5:bd:4a:60:09:1b:5b:2c:52:d8:e7:da:6d:ac:f9:13:
24:da:4c:63:4a:5b:73:0e:d1:2d:bb:9d:8b:3c:94:1a:79:4d:
ea:07:65:a6:31:25:14:00:30:a1:b7:21:42:d6:23:e2:a9:b7:
20:2c:21:59:d1:26:a6:2d:f8:0e:96:00:3e:3c:b7:69:a2:d8:
d5:f3:42:b5:28:89:23:20:7a:7a:d5:8d:15:e1:f0:f1:dd:97:
83:f0:13:85:5b:55:b6:fb:41:ad:e8:3e:0c:24:6a:54:27:54:
fc:b2:62:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN23Uq5t66SLUJtrZWrUhV+KKUgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDIwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYjkyM2YxODg4ODhlNjg4NmFmM2E0N2ZhYTE5OGVmMjk2MmEwMzBmYTc5
YmQ0M2U5ODg3MzMyNDVmMmVkZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMnwvcSVQ9+lN7afAqENBY2c+hlj56Oz5YRemC8m5geMwTwBkwv/HeHiEly
80snKcuq1gWVhpECY8ER+t1KT4sx3eQ7/MAmO6OwfG7RGThYnsh9CL5qABuN4OGV
i1uoey3/DRFE87ZL6uLJ/3b3ZTXCa4K8Zyt00yylmDnh4iwdw0PCr4UXVAN0yaK6
icTA2bm+YmFuYeoc5DmFYTTZ0e24czh37+ihuZkxWDHecpeHeT3sbf0eso9T040t
F+9l4EwEplobe+cFWtk9ikLMPTABO5Puk/DQCgxsOeVwccPlv+N8CE+z43qNbySJ
rgEeZciWmZm4YdjT1ThYF2Zi3gMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjCBe6
Rq9oIAeMA8ECgrLvPkGwxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA
MA0GCSqGSIb3DQEBCwUAA4IBAQChlLbKu0T6cAFLCq0WNjoya319pyszQJcFzEye
imjlpZ8czCdAgYHW2agDheSWlYxQlbO3OV5GC2RuGY1/bwHSdGGB+ORusbcrSTNl
w8vXsY3hc71hdxWuKjs3xKgSpKpNRPnq6022ApWDNPGRSOPEqSvE7Md18DIM1LS1
/pjg7jrzYHQ3dO2uBxujFSLXQRJOE7W9SmAJG1ssUtjn2m2s+RMk2kxjSltzDtEt
u52LPJQaeU3qB2WmMSUUADChtyFC1iPiqbcgLCFZ0SamLfgOlgA+PLdpotjV80K1
KIkjIHp61Y0V4fDx3ZeD8BOFW1W2+0Gt6D4MJGpUJ1T8smLS
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:23 2025 by rpki-client