Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
File: 5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa (raw, json)
Hash identifier: tkE5YByRFXztilaZb1heloZNkv4WzFxtH2c7FJGaTkk=
Subject key identifier: 4B:E1:CE:C1:5A:1B:75:0E:09:18:34:67:EA:3B:BB:60:FE:A1:B8:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7EB428306CE7254A08CD772C1135B1FF6E6E6A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
Signing time: Fri 22 Aug 2025 15:10:06 +0000
ROA not before: Fri 22 Aug 2025 15:10:06 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:b4:28:30:6c:e7:25:4a:08:cd:77:2c:11:35:b1:ff:6e:6e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:06 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=6325686e4b511ff2cf54b3a11e827b823f1390fd328b0a0fce6f6d9d6cd88f9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5a:2b:f5:8a:5d:28:8e:20:7c:a8:ca:65:fa:
11:d0:d0:f0:fb:69:a7:8a:ad:b2:76:8f:cc:91:68:
2f:f2:04:8d:52:d4:8c:45:85:d1:39:af:48:0b:e1:
27:bc:17:4d:79:73:cc:6b:6c:96:79:e9:d2:f4:91:
db:32:db:b2:46:ec:d4:34:96:eb:d8:4b:9d:d2:13:
af:b5:66:4c:ff:fd:d5:c8:06:d3:b0:37:3a:17:b8:
83:a5:80:90:5c:dd:75:f3:18:e6:8d:8d:87:1f:fa:
c4:4d:37:b4:ab:b8:e9:cb:e6:a1:51:57:1e:e5:db:
7c:88:94:92:57:02:10:3c:66:dd:85:be:34:7d:f8:
66:09:03:e8:e8:de:1c:9a:7d:12:82:59:56:62:19:
dd:51:63:72:05:dc:99:db:6f:10:e9:01:b3:0f:0a:
8c:98:54:0e:f1:83:e3:0c:c9:b5:83:06:e4:8b:87:
24:42:5d:61:c8:c3:63:7c:22:9e:b2:29:5d:36:0d:
36:7c:0e:91:81:ca:b8:a4:fd:7f:d9:23:da:10:a1:
d4:f4:b8:c2:bc:1c:1e:f0:3a:27:34:08:6d:dd:f3:
82:0f:74:4a:d9:87:03:d3:e4:28:be:db:98:79:3f:
a1:85:85:a4:79:56:84:fa:75:bd:c5:6a:34:ab:49:
83:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E1:CE:C1:5A:1B:75:0E:09:18:34:67:EA:3B:BB:60:FE:A1:B8:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b8f9832-df9b-4fc8-94da-5e883e0d6e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:11:50:b4:7d:e9:6a:d3:ac:da:bc:88:43:b2:05:36:e2:35:
29:76:ad:63:03:8f:dd:34:d6:c2:ac:60:2d:fc:13:02:c4:76:
74:7b:e1:b5:de:9a:15:55:02:f5:c1:44:31:eb:10:02:1b:96:
fb:82:59:ca:f6:56:f4:1d:72:25:20:a2:66:84:70:32:7b:01:
90:56:b3:9e:5c:33:55:4d:9d:2f:48:63:bc:7c:34:45:1d:3e:
c7:d0:10:6b:37:71:a8:47:61:79:a2:e7:c7:6c:5e:4e:5a:d8:
51:3e:ce:97:4f:7b:ae:fc:63:fd:ba:b5:b8:40:a9:6d:ee:f9:
67:3c:e5:24:46:9c:08:6e:a4:1b:fe:2b:1e:24:7f:b6:8b:62:
08:dc:a1:1b:c4:9b:6b:eb:10:dd:d9:36:06:ea:32:f0:f2:27:
87:24:68:a0:97:6f:c8:b3:44:4c:c9:1e:9a:f0:31:26:d7:b5:
47:40:b7:c3:ce:99:a3:8b:be:21:15:06:39:db:5e:5f:45:67:
ad:62:64:56:c0:1a:6f:b7:89:65:f8:c7:67:37:00:60:02:3c:
3d:5b:53:62:b0:0e:5b:e8:90:7f:80:40:c3:0d:7c:04:b1:30:
51:75:ef:f7:ef:eb:6c:9a:a0:b1:d3:ff:93:64:dc:a7:c6:96:
67:1f:2c:48
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITfrQoMGznJUoIzXcsETWx/25uajANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDgyMjE1MTAwNloXDTI1MDkyNjIzNTk1OVowejFJMEcGA1UE
BRNANjMyNTY4NmU0YjUxMWZmMmNmNTRiM2ExMWU4MjdiODIzZjEzOTBmZDMyOGIw
YTBmY2U2ZjZkOWQ2Y2Q4OGY5YzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Vor9YpdKI4gfKjKZfoR0NDw+2mniq2ydo/MkWgv8gSNUtSMRYXROa9IC+En
vBdNeXPMa2yWeenS9JHbMtuyRuzUNJbr2Eud0hOvtWZM//3VyAbTsDc6F7iDpYCQ
XN118xjmjY2HH/rETTe0q7jpy+ahUVce5dt8iJSSVwIQPGbdhb40ffhmCQPo6N4c
mn0SgllWYhndUWNyBdyZ228Q6QGzDwqMmFQO8YPjDMm1gwbki4ckQl1hyMNjfCKe
sildNg02fA6Rgcq4pP1/2SPaEKHU9LjCvBwe8DonNAht3fOCD3RK2YcD0+QovtuY
eT+hhYWkeVaE+nW9xWo0q0mDzwIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFEvhzsFa
G3UOCRg0Z+o7u2D+obiIMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC81
YjhmOTgzMi1kZjliLTRmYzgtOTRkYS01ZTg4M2UwZDZlNDcucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQMIAw
DQYJKoZIhvcNAQELBQADggEBALkRULR96WrTrNq8iEOyBTbiNSl2rWMDj9001sKs
YC38EwLEdnR74bXemhVVAvXBRDHrEAIblvuCWcr2VvQdciUgomaEcDJ7AZBWs55c
M1VNnS9IY7x8NEUdPsfQEGs3cahHYXmi58dsXk5a2FE+zpdPe678Y/26tbhAqW3u
+Wc85SRGnAhupBv+Kx4kf7aLYgjcoRvEm2vrEN3ZNgbqMvDyJ4ckaKCXb8izREzJ
HprwMSbXtUdAt8POmaOLviEVBjnbXl9FZ61iZFbAGm+3iWX4x2c3AGACPD1bU2Kw
DlvokH+AQMMNfASxMFF17/fv62yaoLHT/5Nk3KfGlmcfLEg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:05 2025 by rpki-client