Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json)
Hash identifier: 7/xN1AYiOE9ClR+Bt8MdB37qO1FzApVnQeTL/3Szqdk=
Subject key identifier: CA:6C:E0:F9:84:0C:0B:B3:8C:E9:2C:F9:76:F8:25:38:83:B3:36:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 600EF207B4FCC4A45BC8965DBD99DC4EC20DF016
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
Signing time: Fri 22 Aug 2025 15:11:17 +0000
ROA not before: Fri 22 Aug 2025 15:11:17 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:0e:f2:07:b4:fc:c4:a4:5b:c8:96:5d:bd:99:dc:4e:c2:0d:f0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:17 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=a27d000a9cc8164d023536f8d943b9d4800f29ca1f44aa9ecbd1f5f8b19e07d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d2:33:e8:16:0f:dc:2d:3c:32:7e:08:f4:b0:
c2:f8:49:4f:5d:fb:f7:61:1b:57:fa:aa:da:38:02:
2a:50:28:5d:d9:82:2d:6b:91:9d:f5:42:73:90:4b:
1e:79:3e:6e:47:ab:76:1f:c1:a3:72:3c:f4:95:f7:
22:e8:6e:ed:d4:87:57:af:59:98:ae:bb:13:ad:df:
20:d5:3b:6c:ac:4d:a4:66:39:6b:69:28:94:47:07:
a0:88:2c:d1:b7:9b:75:29:52:46:5d:68:2d:2f:16:
af:83:6d:65:2c:3b:93:d4:41:e3:a4:9e:05:e0:1e:
e8:9c:8f:81:5d:1e:aa:38:cd:97:45:a7:4e:5b:99:
79:cf:bf:8f:98:1e:56:2c:81:70:8e:22:b6:5b:03:
32:93:ea:cf:3d:de:22:ab:00:e1:6b:28:ad:ad:96:
d9:19:26:e5:58:d9:70:3e:c2:a8:a9:d5:e9:7d:85:
54:7d:37:2e:fd:b2:fc:7f:c1:12:b2:8f:d4:24:fd:
9d:98:38:21:12:a4:52:2d:ad:fc:d5:b7:27:77:4d:
6b:c4:e3:39:bd:72:4d:c6:b9:92:10:27:1f:55:a4:
df:0a:22:a6:c6:4a:35:5c:2d:df:7d:7a:96:64:02:
31:3b:04:ba:a8:0d:cb:04:a1:45:45:94:8d:7a:6b:
15:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6C:E0:F9:84:0C:0B:B3:8C:E9:2C:F9:76:F8:25:38:83:B3:36:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:2a:69:48:80:3c:49:08:f2:88:11:9f:26:05:44:4b:15:49:
5e:42:e1:ea:21:1d:8b:1f:ed:93:e2:98:03:1d:dc:60:ed:fd:
7e:a6:52:5d:ca:ed:b9:e5:61:eb:23:50:f0:72:25:ab:70:88:
2a:1d:48:ac:9f:d0:29:06:f3:da:85:26:36:dd:d3:9b:a1:08:
1f:6c:c4:a4:49:bf:c7:19:6c:78:5b:03:6c:e3:26:da:30:9e:
dc:e6:50:91:96:4c:8c:f1:10:20:99:74:09:81:12:4d:ca:39:
ae:6d:40:9b:0e:69:51:25:13:b2:9e:11:4c:06:6e:56:b3:03:
a4:60:c2:4b:b8:7d:2c:7f:9b:67:b0:db:31:a2:b5:56:68:90:
b6:9d:a0:0e:b5:9f:b4:cc:53:15:f5:b0:94:68:5e:53:21:19:
29:f9:d1:93:23:c2:cc:fb:98:78:10:26:e0:94:3c:e3:5b:1f:
98:47:5f:85:8f:bb:a7:a4:f3:f4:28:58:5e:2f:42:e4:e7:19:
94:9d:ac:30:b1:56:7e:d4:cb:23:95:64:af:08:80:28:5f:f2:
99:74:4d:23:b8:ff:52:6b:bc:70:f9:a4:53:ae:7a:1b:e2:c2:
0b:10:6a:7b:12:e4:e8:44:eb:17:87:04:c7:ec:e4:0e:22:0d:
34:c4:39:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYA7yB7T8xKRbyJZdvZncTsIN8BYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMTdaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyN2QwMDBhOWNjODE2NGQwMjM1MzZmOGQ5NDNiOWQ0ODAwZjI5Y2ExZjQ0
YWE5ZWNiZDFmNWY4YjE5ZTA3ZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPSM+gWD9wtPDJ+CPSwwvhJT13792EbV/qq2jgCKlAoXdmCLWuRnfVCc5BL
Hnk+bkerdh/Bo3I89JX3Iuhu7dSHV69ZmK67E63fINU7bKxNpGY5a2kolEcHoIgs
0bebdSlSRl1oLS8Wr4NtZSw7k9RB46SeBeAe6JyPgV0eqjjNl0WnTluZec+/j5ge
ViyBcI4itlsDMpPqzz3eIqsA4Wsora2W2Rkm5VjZcD7CqKnV6X2FVH03Lv2y/H/B
ErKP1CT9nZg4IRKkUi2t/NW3J3dNa8TjOb1yTca5khAnH1Wk3woipsZKNVwt3316
lmQCMTsEuqgNywShRUWUjXprFSkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKbOD5
hAwLs4zpLPl2+CU4g7M2KDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCsKmlIgDxJCPKIEZ8mBURLFUleQuHqIR2LH+2T
4pgDHdxg7f1+plJdyu255WHrI1DwciWrcIgqHUisn9ApBvPahSY23dOboQgfbMSk
Sb/HGWx4WwNs4ybaMJ7c5lCRlkyM8RAgmXQJgRJNyjmubUCbDmlRJROynhFMBm5W
swOkYMJLuH0sf5tnsNsxorVWaJC2naAOtZ+0zFMV9bCUaF5TIRkp+dGTI8LM+5h4
ECbglDzjWx+YR1+Fj7unpPP0KFheL0Lk5xmUnawwsVZ+1MsjlWSvCIAoX/KZdE0j
uP9Sa7xw+aRTrnob4sILEGp7EuToROsXhwTH7OQOIg00xDlV
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:41 2025 by rpki-client