Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json)
Hash identifier: 08LEJXqsKHM2uUnbKAEEP19PJaLe2YTwp5anRfbi9Sk=
Subject key identifier: 74:C3:E9:1C:61:2A:CE:09:07:D9:F0:E4:40:17:60:84:B3:0F:05:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BBF12359BFFDFA765E4F37F9AD75D00FD0AB9B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
Signing time: Tue 05 Aug 2025 19:10:45 +0000
ROA not before: Tue 05 Aug 2025 19:10:45 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:bf:12:35:9b:ff:df:a7:65:e4:f3:7f:9a:d7:5d:00:fd:0a:b9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:45 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f39d87f93d83378b3e4ccb1ba922ea1e225a2d935ed1274c842d812f5e520ff3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8a:ba:a9:60:20:8c:5a:e9:99:ee:27:b0:50:
86:b4:7b:5b:ed:40:dc:07:1e:86:00:ae:03:94:47:
43:6e:97:84:01:20:b2:78:98:14:28:04:30:d8:60:
9e:08:aa:c1:40:54:31:49:29:2b:45:20:8e:f2:89:
dc:34:69:a0:59:e8:7e:ef:59:2b:df:b4:13:e3:46:
e7:58:db:60:c3:84:2c:fc:99:86:e6:ed:dd:4f:4a:
97:60:9d:dc:c4:2d:d4:bb:be:c3:71:5d:13:db:44:
91:f7:20:cd:de:fb:17:73:9f:ef:74:9b:ca:a4:e9:
bb:e2:d4:3c:44:59:90:2e:81:85:73:38:28:29:c2:
55:d6:90:b0:ad:fa:03:ea:aa:44:f0:02:c8:53:66:
24:f7:f7:8f:cd:97:37:04:19:99:04:48:51:e6:ab:
8c:52:75:6c:f5:67:ac:a3:f3:0d:94:05:25:ab:ed:
94:e8:bd:4c:0b:e8:66:50:f4:96:4d:01:25:b4:6d:
eb:00:67:36:de:60:bd:3e:af:74:16:2f:e4:fb:b9:
77:4b:8c:ee:43:e5:79:1a:89:f3:02:19:72:52:de:
fa:2b:0c:b0:ca:86:17:94:66:35:e4:98:8e:1e:a2:
29:a0:b1:5c:7f:3b:68:a4:79:a3:9f:b4:20:9f:2b:
e9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C3:E9:1C:61:2A:CE:09:07:D9:F0:E4:40:17:60:84:B3:0F:05:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4080::/48
Signature Algorithm: sha256WithRSAEncryption
b0:e8:67:7d:06:e9:14:ef:a4:75:12:f2:63:ab:0e:c2:90:fb:
1c:b1:6f:c3:1e:13:5a:72:e5:58:95:00:c1:a5:a2:de:3f:73:
cb:d4:57:9a:d1:8b:66:79:9f:fb:43:55:41:aa:1e:bb:d0:cc:
31:20:65:91:82:95:23:80:e2:b0:4a:ef:39:e1:69:51:1a:d4:
26:fd:56:86:fc:3a:78:23:81:2d:44:8a:a5:23:67:f3:30:8a:
03:ab:00:8a:c8:36:78:37:3d:38:06:b1:25:41:2d:b1:56:2a:
aa:1d:72:9e:7d:f3:b4:67:ba:b2:78:2d:31:6f:7e:76:6d:56:
d8:25:29:f2:57:d5:3a:96:c3:d3:ef:e6:43:f0:3e:1e:4e:05:
25:6b:11:c4:72:8a:67:f1:14:2d:29:03:42:60:b7:79:1a:b2:
f6:71:b3:2c:28:c8:fa:79:0f:53:02:e0:9e:06:c3:ee:07:9d:
6e:ac:e7:08:c4:18:60:23:89:12:87:52:69:0d:1e:55:09:7d:
34:51:75:e3:b2:7d:40:21:69:48:ba:1b:0c:e8:dd:f9:ce:3f:
38:26:dd:f2:7e:0d:7c:34:ed:71:ff:89:7b:65:c8:6c:e1:85:
17:8d:ea:b2:92:64:a6:ad:ef:6f:01:ec:c4:f2:bc:ee:d9:e0:
3b:54:af:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa78SNZv/36dl5PN/mtddAP0KubkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwNDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzOWQ4N2Y5M2Q4MzM3OGIzZTRjY2IxYmE5MjJlYTFlMjI1YTJkOTM1ZWQx
Mjc0Yzg0MmQ4MTJmNWU1MjBmZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOKuqlgIIxa6ZnuJ7BQhrR7W+1A3AcehgCuA5RHQ26XhAEgsniYFCgEMNhg
ngiqwUBUMUkpK0UgjvKJ3DRpoFnofu9ZK9+0E+NG51jbYMOELPyZhubt3U9Kl2Cd
3MQt1Lu+w3FdE9tEkfcgzd77F3Of73SbyqTpu+LUPERZkC6BhXM4KCnCVdaQsK36
A+qqRPACyFNmJPf3j82XNwQZmQRIUearjFJ1bPVnrKPzDZQFJavtlOi9TAvoZlD0
lk0BJbRt6wBnNt5gvT6vdBYv5Pu5d0uM7kPleRqJ8wIZclLe+isMsMqGF5RmNeSY
jh6iKaCxXH87aKR5o5+0IJ8r6cUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0w+kc
YSrOCQfZ8ORAF2CEsw8F5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQzYmM2N2QtMDhmOS00YTk5LWJmNWUtNjgxMDBlMDM0Mzk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
gDANBgkqhkiG9w0BAQsFAAOCAQEAsOhnfQbpFO+kdRLyY6sOwpD7HLFvwx4TWnLl
WJUAwaWi3j9zy9RXmtGLZnmf+0NVQaoeu9DMMSBlkYKVI4DisErvOeFpURrUJv1W
hvw6eCOBLUSKpSNn8zCKA6sAisg2eDc9OAaxJUEtsVYqqh1ynn3ztGe6sngtMW9+
dm1W2CUp8lfVOpbD0+/mQ/A+Hk4FJWsRxHKKZ/EULSkDQmC3eRqy9nGzLCjI+nkP
UwLgngbD7gedbqznCMQYYCOJEodSaQ0eVQl9NFF147J9QCFpSLobDOjd+c4/OCbd
8n4NfDTtcf+Je2XIbOGFF43qspJkpq3vbwHsxPK87tngO1SvOQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:47 2025 by rpki-client