Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
File: 55ba2d71-c4db-41f1-a648-b39b354abfa6.roa (raw, json)
Hash identifier: g4BgDusXpww743bCMThqgWIZ7urj6luLpG9QjRTHHOQ=
Subject key identifier: 23:2D:AF:76:87:38:17:47:C9:D1:22:A7:30:FC:61:89:CD:F1:F6:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57811D005255A8AAD9C3726B5E30E008803F202C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
Signing time: Tue 05 Aug 2025 19:40:49 +0000
ROA not before: Tue 05 Aug 2025 19:40:49 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:81:1d:00:52:55:a8:aa:d9:c3:72:6b:5e:30:e0:08:80:3f:20:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:49 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=45829d87a25fd01588d765b32819fb79994c5236f0db356a9beafc06c41452d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8e:b6:75:e9:d8:de:de:56:e6:7e:05:0a:39:
a1:95:c0:a1:f2:80:42:29:6e:60:5c:7f:4b:e8:3b:
2f:b4:ab:f1:15:a1:49:57:bb:3d:7f:c8:72:70:b4:
95:37:27:f4:dd:34:79:0a:e6:77:fe:e5:b9:b7:4f:
55:cf:69:8c:7d:b2:8a:61:83:8d:a7:6e:2e:5e:7a:
0b:e2:73:ff:ed:cf:a9:d0:6b:9e:7e:5b:37:89:32:
9e:19:b5:39:b3:33:e2:a8:25:27:fe:18:0a:ae:ba:
91:54:58:50:e8:b6:e0:a4:15:d8:33:3c:fa:a9:bd:
0e:51:cc:31:da:c3:66:9d:52:f8:a1:51:e3:e0:a4:
93:19:63:74:48:f1:f1:8b:bf:ed:2d:ee:40:fb:3c:
9d:66:92:23:ea:88:9f:17:e3:3a:50:fe:a8:09:53:
03:a8:e5:1c:c6:35:26:e5:fa:40:ab:64:4a:61:df:
48:3d:fb:a3:ad:03:d2:03:cb:10:38:60:4c:ae:b0:
4a:eb:cd:e1:b5:e3:a2:54:fa:c7:50:c1:e4:98:8b:
18:2f:51:a0:e0:81:f9:90:84:e4:f5:c8:b0:bd:9d:
1e:d7:5d:95:74:e5:b8:4a:78:f2:c8:04:cc:c5:22:
6f:2e:a8:f6:71:58:8a:0a:c1:fe:cb:75:2d:19:51:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2D:AF:76:87:38:17:47:C9:D1:22:A7:30:FC:61:89:CD:F1:F6:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55ba2d71-c4db-41f1-a648-b39b354abfa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:8000::/40
Signature Algorithm: sha256WithRSAEncryption
21:57:e1:1f:c2:66:25:b3:2e:ea:5d:b4:19:45:46:bd:56:8f:
4c:af:e5:dd:ba:90:6c:4b:d4:b0:4b:e1:48:bb:0f:d3:e9:27:
93:3f:19:b3:1d:72:1d:f8:88:fc:fe:37:08:73:e0:bb:af:6e:
8a:87:df:52:26:26:11:73:38:4e:6d:57:06:d2:a9:da:6c:59:
29:3d:7c:ba:03:8c:a0:46:13:72:63:84:d4:b3:e3:24:1e:20:
00:8a:6b:49:56:d2:74:e4:32:0d:d1:ec:12:1d:31:5d:e6:34:
bd:40:21:bb:db:ad:2d:7b:39:3d:b0:59:f2:f9:5e:35:61:59:
61:5e:82:c2:33:5b:fe:9d:87:68:e6:83:2d:39:db:fa:8e:f0:
82:23:f7:c3:95:a1:8b:92:23:40:6a:34:c4:02:5c:bd:f9:67:
81:42:ba:f5:4e:c1:75:83:dd:1b:e9:84:78:4d:17:a0:ba:e3:
90:a9:69:d9:f2:30:4f:40:b0:30:85:af:4b:11:ec:6e:a3:54:
d0:17:35:c8:3d:3b:08:19:3e:4f:56:3c:e6:88:41:fd:cc:04:
6d:2a:31:b4:69:bc:ed:4e:68:20:3a:f4:7e:94:99:a1:3c:0c:
6b:b3:0f:a9:50:02:af:5a:cf:dd:c6:6f:56:0b:e2:92:2e:c7:
e0:83:45:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV4EdAFJVqKrZw3JrXjDgCIA/ICwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwNDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1ODI5ZDg3YTI1ZmQwMTU4OGQ3NjViMzI4MTlmYjc5OTk0YzUyMzZmMGRi
MzU2YTliZWFmYzA2YzQxNDUyZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKOtnXp2N7eVuZ+BQo5oZXAofKAQiluYFx/S+g7L7Sr8RWhSVe7PX/IcnC0
lTcn9N00eQrmd/7lubdPVc9pjH2yimGDjaduLl56C+Jz/+3PqdBrnn5bN4kynhm1
ObMz4qglJ/4YCq66kVRYUOi24KQV2DM8+qm9DlHMMdrDZp1S+KFR4+CkkxljdEjx
8Yu/7S3uQPs8nWaSI+qInxfjOlD+qAlTA6jlHMY1JuX6QKtkSmHfSD37o60D0gPL
EDhgTK6wSuvN4bXjolT6x1DB5JiLGC9RoOCB+ZCE5PXIsL2dHtddlXTluEp48sgE
zMUiby6o9nFYigrB/st1LRlRXnkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjLa92
hzgXR8nRIqcw/GGJzfH2ODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTViYTJkNzEtYzRkYi00MWYxLWE2NDgtYjM5YjM1NGFiZmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAhV+EfwmYlsy7qXbQZRUa9Vo9Mr+XdupBsS9Sw
S+FIuw/T6SeTPxmzHXId+Ij8/jcIc+C7r26Kh99SJiYRczhObVcG0qnabFkpPXy6
A4ygRhNyY4TUs+MkHiAAimtJVtJ05DIN0ewSHTFd5jS9QCG7260tezk9sFny+V41
YVlhXoLCM1v+nYdo5oMtOdv6jvCCI/fDlaGLkiNAajTEAly9+WeBQrr1TsF1g90b
6YR4TReguuOQqWnZ8jBPQLAwha9LEexuo1TQFzXIPTsIGT5PVjzmiEH9zARtKjG0
abztTmggOvR+lJmhPAxrsw+pUAKvWs/dxm9WC+KSLsfgg0Wz
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:09 2025 by rpki-client