Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json)
Hash identifier: hQUVUSnevckSGM8U7pL6R72fz7X5CR4rrdXq/pdm9zw=
Subject key identifier: 2C:A0:D8:E1:4D:B6:34:24:4B:4D:A0:BB:36:32:BB:45:96:17:56:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F1AF01050A00671E7723974362AEF524EF95000
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
Signing time: Tue 05 Aug 2025 19:01:08 +0000
ROA not before: Tue 05 Aug 2025 19:01:08 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:1a:f0:10:50:a0:06:71:e7:72:39:74:36:2a:ef:52:4e:f9:50:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:08 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=20f29c0f6ea3f77a14bffc0f204f66bde8bb1a03afdda61f25cbb7267cadf91f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bb:09:fc:70:86:19:4d:3c:f4:03:13:83:4e:
73:bc:dd:f7:84:39:f8:14:4b:f0:5d:26:26:a5:24:
ad:97:ce:a5:dc:c3:95:bc:bc:e9:d2:9c:97:18:92:
dd:4a:5a:a7:73:7a:66:6a:85:f5:24:bf:d8:48:f4:
fb:2d:a2:8d:ea:0f:bc:fc:87:a8:ca:60:53:66:12:
35:0f:59:b6:9f:58:20:6c:dc:0b:6a:21:24:bf:23:
1a:ca:1d:44:97:4c:89:e5:55:03:c2:69:6c:1b:b0:
33:ca:c5:6f:68:b8:00:79:7b:a5:31:96:94:0a:1f:
dc:30:99:75:eb:df:66:fb:bb:c0:20:1b:7e:04:7d:
f2:8e:31:2c:83:5a:5e:48:3e:fa:ed:94:fa:7c:a5:
5e:51:6f:4f:5c:7e:63:d1:c3:6b:ca:0c:8c:ea:f5:
36:9e:7b:1c:83:1e:62:9a:cd:43:5b:f8:43:c3:14:
4a:2a:88:de:d3:9f:2e:3f:35:7e:da:fe:9c:88:a8:
94:39:b6:b4:1c:32:f0:49:f1:60:0e:b8:eb:fd:0f:
81:a1:13:b8:ef:c9:7a:3e:6c:af:aa:d6:29:38:c9:
3d:a2:9a:b3:b6:d5:11:8b:19:3f:9f:be:f0:d7:49:
f1:c3:0f:3a:26:c6:6c:4a:c5:08:2a:4c:74:0a:b1:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A0:D8:E1:4D:B6:34:24:4B:4D:A0:BB:36:32:BB:45:96:17:56:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5000::/40
Signature Algorithm: sha256WithRSAEncryption
0b:72:6b:19:04:5f:c8:fc:ef:00:09:d2:b2:cc:ac:2e:82:ba:
2a:de:cf:44:b5:bb:c6:0a:16:71:81:2e:1f:ab:0e:99:98:3e:
e1:de:0f:b9:ea:30:98:e7:1c:37:fa:9b:3e:a1:c2:fa:35:3f:
04:0e:fb:da:31:90:bf:10:71:44:3c:cd:0e:44:92:09:8f:cd:
92:b4:ee:e1:76:90:33:31:a1:ea:ce:32:8d:b7:60:e2:ea:3d:
dc:9e:da:a9:d0:48:03:17:ea:7d:87:ad:ac:2f:5b:8c:88:43:
09:0c:27:9e:e2:36:1a:98:26:28:b1:db:41:9b:ba:15:18:7f:
70:04:e2:ef:91:45:b3:b1:04:a7:47:38:21:a6:2f:97:ff:99:
89:10:c2:3f:eb:03:90:cf:3d:f3:89:65:db:d3:06:49:34:e0:
60:e5:47:3c:5a:75:04:7f:14:73:2c:0d:bd:37:89:35:a6:4c:
99:80:c9:64:b9:b9:56:1c:d3:24:a3:21:83:59:18:7e:af:e1:
3e:82:27:92:af:15:7c:3f:0f:8d:81:b7:3c:da:9d:61:cd:92:
b7:f7:bd:db:91:50:6e:94:15:02:13:11:b5:47:b6:59:7c:0c:
fa:b8:99:fe:96:5a:17:54:0d:d4:4d:d5:88:c2:89:e4:5f:ae:
4f:11:e1:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPxrwEFCgBnHncjl0NirvUk75UAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwZjI5YzBmNmVhM2Y3N2ExNGJmZmMwZjIwNGY2NmJkZThiYjFhMDNhZmRk
YTYxZjI1Y2JiNzI2N2NhZGY5MWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe7CfxwhhlNPPQDE4NOc7zd94Q5+BRL8F0mJqUkrZfOpdzDlby86dKclxiS
3Upap3N6ZmqF9SS/2Ej0+y2ijeoPvPyHqMpgU2YSNQ9Ztp9YIGzcC2ohJL8jGsod
RJdMieVVA8JpbBuwM8rFb2i4AHl7pTGWlAof3DCZdevfZvu7wCAbfgR98o4xLINa
Xkg++u2U+nylXlFvT1x+Y9HDa8oMjOr1Np57HIMeYprNQ1v4Q8MUSiqI3tOfLj81
ftr+nIiolDm2tBwy8EnxYA646/0PgaETuO/Jej5sr6rWKTjJPaKas7bVEYsZP5++
8NdJ8cMPOibGbErFCCpMdAqxnOcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsoNjh
TbY0JEtNoLs2MrtFlhdW0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQALcmsZBF/I/O8ACdKyzKwugroq3s9EtbvGChZx
gS4fqw6ZmD7h3g+56jCY5xw3+ps+ocL6NT8EDvvaMZC/EHFEPM0ORJIJj82StO7h
dpAzMaHqzjKNt2Di6j3cntqp0EgDF+p9h62sL1uMiEMJDCee4jYamCYosdtBm7oV
GH9wBOLvkUWzsQSnRzghpi+X/5mJEMI/6wOQzz3ziWXb0wZJNOBg5Uc8WnUEfxRz
LA29N4k1pkyZgMlkublWHNMkoyGDWRh+r+E+gieSrxV8Pw+Ngbc82p1hzZK3973b
kVBulBUCExG1R7ZZfAz6uJn+lloXVA3UTdWIwonkX65PEeFx
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:58:36 2025 by rpki-client