Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json)
Hash identifier: OJl+BD1QYS2P8yrV7dyQL4ZoIIkllhJvAGLE40p0B10=
Subject key identifier: EA:B5:42:F5:C0:BC:21:96:2F:AF:8C:24:6E:EF:C6:CD:34:F5:F6:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2806E8235DAE83BE5B2077EDCC60A787D436DDEE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
Signing time: Tue 05 Aug 2025 20:11:00 +0000
ROA not before: Tue 05 Aug 2025 20:11:00 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d029::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:06:e8:23:5d:ae:83:be:5b:20:77:ed:cc:60:a7:87:d4:36:dd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:00 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=09c9f8e1471a7134791ab1de726fa4c0540ab6ebdf77c1fff3bcad101d7c590c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:2d:db:4c:6f:85:b9:63:e8:d8:8a:b5:d3:
ca:21:d2:62:8e:27:b1:32:a5:c6:8e:c3:2e:54:8c:
6e:2a:ba:72:36:a1:27:80:99:3e:8f:bc:b5:65:b6:
c7:23:fb:34:5d:15:26:d9:f5:dd:2c:ae:0e:0b:ed:
37:03:d0:9e:28:b2:71:b7:91:31:fc:6f:eb:3b:bb:
28:54:cc:a4:7e:9c:cb:8c:57:18:49:ed:11:58:30:
c5:a5:9c:03:8a:80:e7:95:c9:7b:8a:74:b7:8e:e6:
23:26:8e:3b:fa:f9:ab:f4:42:82:98:c0:74:14:a7:
46:b8:e8:21:f8:e4:63:6f:a4:5a:d7:0b:d8:88:0f:
56:f5:6e:0e:53:84:3b:74:6a:e7:01:7c:1d:7b:a1:
25:e3:18:92:34:b8:2e:fe:b2:f5:41:14:c0:78:2c:
dc:86:b4:3a:3c:52:03:02:44:9a:dd:9a:d4:a4:4e:
49:d0:a3:5a:91:0b:ef:ec:ee:fc:5e:e8:32:20:f5:
3d:8d:14:7b:9e:a1:86:8f:4c:bc:a6:dc:04:3b:25:
45:5e:ae:70:55:5a:08:00:91:eb:7b:71:34:5c:af:
63:da:1f:4e:df:65:35:a0:cb:5a:96:fa:f9:ec:cb:
97:68:10:41:20:12:59:99:60:01:a5:e0:9c:34:f8:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B5:42:F5:C0:BC:21:96:2F:AF:8C:24:6E:EF:C6:CD:34:F5:F6:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d029::/36
Signature Algorithm: sha256WithRSAEncryption
bb:0e:5f:d0:e1:e9:7b:f2:78:c1:72:ef:d3:e5:1b:a1:54:b4:
5a:0a:c8:40:87:fb:47:b8:df:b0:52:eb:4c:42:86:88:ba:2b:
f7:dc:58:4c:15:f3:58:e5:43:4e:ef:f8:d9:11:43:b5:8a:a0:
5c:76:54:79:6a:38:d1:83:c2:fc:37:9c:85:df:d0:80:70:72:
de:8d:da:72:3e:66:a6:05:1e:66:e7:a3:41:88:e9:e4:73:59:
80:fb:b5:b4:70:1d:3f:e7:0d:0e:a7:d0:85:a4:6b:ee:70:1d:
59:8e:d9:99:9b:47:dd:57:36:42:fd:4a:cf:7e:78:f2:5b:a8:
8a:a3:73:25:82:31:8f:73:3c:6b:3e:be:1b:65:6b:90:fb:f8:
8d:73:29:51:41:0b:c6:c1:13:a9:26:07:84:6a:28:4a:22:97:
01:b2:24:c0:b8:9f:08:88:0d:30:df:86:0a:2f:39:5c:90:06:
59:c7:66:57:3b:ef:55:a7:a2:08:d4:95:9c:d5:31:da:fa:40:
a2:1e:bc:46:72:3a:74:04:43:fa:6d:00:ee:b5:36:76:da:86:
c0:3b:69:84:3f:cd:27:fa:54:c0:b6:c8:31:5f:39:1f:73:f3:
fc:27:a4:aa:4b:f2:f3:2a:c8:fa:d1:14:d7:a0:33:04:5b:cf:
7b:c6:c3:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKAboI12ug75bIHftzGCnh9Q23e4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMDBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5YzlmOGUxNDcxYTcxMzQ3OTFhYjFkZTcyNmZhNGMwNTQwYWI2ZWJkZjc3
YzFmZmYzYmNhZDEwMWQ3YzU5MGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwBLdtMb4W5Y+jYirXTyiHSYo4nsTKlxo7DLlSMbiq6cjahJ4CZPo+8tWW2
xyP7NF0VJtn13SyuDgvtNwPQniiycbeRMfxv6zu7KFTMpH6cy4xXGEntEVgwxaWc
A4qA55XJe4p0t47mIyaOO/r5q/RCgpjAdBSnRrjoIfjkY2+kWtcL2IgPVvVuDlOE
O3Rq5wF8HXuhJeMYkjS4Lv6y9UEUwHgs3Ia0OjxSAwJEmt2a1KROSdCjWpEL7+zu
/F7oMiD1PY0Ue56hho9MvKbcBDslRV6ucFVaCACR63txNFyvY9ofTt9lNaDLWpb6
+ezLl2gQQSASWZlgAaXgnDT4AtECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqtUL1
wLwhli+vjCRu78bNNPX2vjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA
MA0GCSqGSIb3DQEBCwUAA4IBAQC7Dl/Q4el78njBcu/T5RuhVLRaCshAh/tHuN+w
UutMQoaIuiv33FhMFfNY5UNO7/jZEUO1iqBcdlR5ajjRg8L8N5yF39CAcHLejdpy
PmamBR5m56NBiOnkc1mA+7W0cB0/5w0Op9CFpGvucB1ZjtmZm0fdVzZC/UrPfnjy
W6iKo3MlgjGPczxrPr4bZWuQ+/iNcylRQQvGwROpJgeEaihKIpcBsiTAuJ8IiA0w
34YKLzlckAZZx2ZXO+9Vp6II1JWc1THa+kCiHrxGcjp0BEP6bQDutTZ22obAO2mE
P80n+lTAtsgxXzkfc/P8J6SqS/LzKsj60RTXoDMEW897xsOs
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:52 2025 by rpki-client