Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: TLmnVN/l+fGss9A0F54bAj4xUZNtYr0iMaVpevA2qfY=
Subject key identifier: 5A:9F:8C:95:50:C6:33:15:5C:A9:79:C5:AA:EE:FD:1F:68:8A:5E:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 629650896939350E6F98504E9A303905C741FF4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Tue 05 Aug 2025 19:41:21 +0000
ROA not before: Tue 05 Aug 2025 19:41:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:96:50:89:69:39:35:0e:6f:98:50:4e:9a:30:39:05:c7:41:ff:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6abcfaf91ab77d72d0362ec820438799bdbf06d9085653a4957376aa4a7f1eed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b7:51:c1:16:03:93:18:2a:2c:46:97:e1:4a:
f1:44:a1:28:a0:01:a6:a8:58:17:1b:0e:7f:ff:36:
12:c7:c8:53:6e:80:0e:27:5a:35:e9:23:4c:e2:ec:
aa:c5:aa:8e:a6:8c:c7:bf:98:55:17:33:b1:3b:8b:
80:fd:f4:d0:43:86:48:f0:65:96:27:b6:82:d4:9a:
b2:c9:21:fb:56:92:8c:1d:92:10:d9:fd:61:81:0c:
c8:92:cb:76:8a:16:55:44:06:4b:42:4d:f8:f7:74:
e9:41:eb:a1:8d:74:10:5b:eb:24:c7:1d:74:fa:1c:
16:b6:54:a1:ec:b6:2a:d2:98:de:ec:14:c7:b7:83:
69:f6:b9:63:9b:cd:1e:f6:36:54:df:c8:d5:08:37:
f3:71:48:06:ee:14:4d:c0:9a:aa:38:d9:4e:b6:df:
aa:9e:31:fd:7e:23:75:29:dc:f5:d9:6f:cf:6f:f7:
eb:2b:0b:ec:c8:16:71:f0:c5:40:ac:82:8a:2b:aa:
30:bc:ba:f1:0e:47:8e:15:aa:f6:5a:a7:fa:a6:6e:
ae:df:e1:f9:8f:89:8e:90:9a:b4:47:50:23:c1:a6:
21:54:1f:95:69:c6:fe:51:84:83:98:0a:a8:8f:fb:
34:cf:47:c6:1e:02:e7:83:50:be:07:c8:12:41:c0:
1b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9F:8C:95:50:C6:33:15:5C:A9:79:C5:AA:EE:FD:1F:68:8A:5E:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
43:6e:44:c7:f6:5d:b1:52:60:60:4a:07:99:6a:16:d9:8c:de:
a0:49:4d:5f:57:ae:b9:33:b7:76:15:2a:da:df:d3:78:70:d8:
c1:93:3e:3b:17:86:dd:f5:b7:c3:c9:1a:5b:a1:f2:9e:86:0a:
e9:a5:2b:f1:06:57:15:44:89:d1:8f:92:4f:c9:cf:8b:36:34:
79:64:41:f0:ac:2d:3c:28:db:b5:b0:33:57:e0:a9:2d:3f:18:
e1:87:1d:b3:b3:e2:8e:fb:15:ac:16:21:38:30:74:41:39:ce:
37:41:46:8d:c4:b2:7e:d0:35:75:8b:78:17:50:3e:64:22:a3:
8b:21:97:2f:6b:ea:d4:2a:9e:ee:c3:80:cc:5b:ce:06:c9:f8:
86:23:41:2e:03:60:0a:b7:4c:02:7a:3f:7c:dd:de:af:ee:3c:
37:3e:30:b5:67:ef:11:58:0c:0e:a2:b5:17:42:59:e1:15:bb:
70:8a:32:51:95:ee:f2:ec:f2:f5:b7:ac:a2:d2:ea:d3:c4:93:
80:0f:8c:49:92:bd:88:af:bb:ae:c0:1b:f0:6a:b7:97:65:2d:
3e:cb:56:a4:9b:38:a8:f1:e8:12:0d:a0:7b:0d:68:c4:a9:5e:
1d:db:25:3f:bc:93:42:ba:24:1c:4f:1a:20:b3:76:47:00:7e:
67:bc:8e:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYpZQiWk5NQ5vmFBOmjA5BcdB/0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhYmNmYWY5MWFiNzdkNzJkMDM2MmVjODIwNDM4Nzk5YmRiZjA2ZDkwODU2
NTNhNDk1NzM3NmFhNGE3ZjFlZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm3UcEWA5MYKixGl+FK8UShKKABpqhYFxsOf/82EsfIU26ADidaNekjTOLs
qsWqjqaMx7+YVRczsTuLgP300EOGSPBllie2gtSasskh+1aSjB2SENn9YYEMyJLL
dooWVUQGS0JN+Pd06UHroY10EFvrJMcddPocFrZUoey2KtKY3uwUx7eDafa5Y5vN
HvY2VN/I1Qg383FIBu4UTcCaqjjZTrbfqp4x/X4jdSnc9dlvz2/36ysL7MgWcfDF
QKyCiiuqMLy68Q5HjhWq9lqn+qZurt/h+Y+JjpCatEdQI8GmIVQflWnG/lGEg5gK
qI/7NM9Hxh4C54NQvgfIEkHAG50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRan4yV
UMYzFVypecWq7v0faIpeSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBDbkTH9l2xUmBgSgeZahbZjN6gSU1fV665M7d2
FSra39N4cNjBkz47F4bd9bfDyRpbofKehgrppSvxBlcVRInRj5JPyc+LNjR5ZEHw
rC08KNu1sDNX4KktPxjhhx2zs+KO+xWsFiE4MHRBOc43QUaNxLJ+0DV1i3gXUD5k
IqOLIZcva+rUKp7uw4DMW84GyfiGI0EuA2AKt0wCej983d6v7jw3PjC1Z+8RWAwO
orUXQlnhFbtwijJRle7y7PL1t6yi0urTxJOAD4xJkr2Ir7uuwBvwareXZS0+y1ak
mzio8egSDaB7DWjEqV4d2yU/vJNCuiQcTxogs3ZHAH5nvI6c
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:09 2025 by rpki-client