Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
File: 5c57a644-0d1c-4126-9684-e345f93c1560.roa (raw, json)
Hash identifier: 1OTOyF/iXMfyhaQgs+PejjNOyJPI1PtGAWBNrgEav3E=
Subject key identifier: 1E:58:B8:72:CD:75:4B:33:F6:D8:ED:2C:94:B8:8D:B6:26:EB:A1:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47ADEAAB1D5B2168D7181DE5EF7E82D32EE80C1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
Signing time: Tue 05 Aug 2025 19:22:03 +0000
ROA not before: Tue 05 Aug 2025 19:22:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ad:ea:ab:1d:5b:21:68:d7:18:1d:e5:ef:7e:82:d3:2e:e8:0c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=90ba9f57a86ceb1f8e2198230e547c32734d500d7d30e37dfb0ae400f2e0c1c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b4:77:03:07:46:b4:5d:b9:77:9b:d0:45:fc:
f2:07:34:0b:59:86:84:73:b3:02:7e:8b:c5:5e:7e:
48:8c:20:2e:23:73:e9:09:47:b8:18:3a:0c:25:f1:
78:a7:1a:7a:fd:d2:9a:9d:d4:29:6f:4c:83:ae:2d:
00:12:ab:2d:9f:24:81:44:ff:b7:66:00:a8:2d:58:
9f:50:24:89:eb:11:1c:07:24:76:a0:fb:96:3e:08:
00:41:ea:c8:73:49:3e:99:76:79:37:ee:df:af:c5:
24:d3:fd:31:2c:ad:c5:ff:bc:b9:da:83:97:20:97:
b5:ed:8d:c8:dc:67:a8:e0:f9:0c:34:2a:4d:d8:c5:
d8:4a:d2:68:26:25:9c:cb:ca:57:b8:55:32:37:9e:
37:ed:5a:e3:4f:01:03:75:8a:c9:be:98:78:2c:57:
52:04:d2:92:15:e5:4f:65:ca:e8:39:99:aa:ae:46:
5b:33:f3:fc:e2:25:5a:ef:03:8f:21:c1:ab:84:f2:
0e:43:d0:bf:57:d5:a8:06:30:c3:0e:f3:6f:e9:6d:
43:ec:e6:97:c5:81:be:9d:0f:b7:6b:33:41:89:39:
61:ed:f6:1e:c2:b8:b0:6b:7e:96:d1:a8:f8:5f:18:
e0:7b:c4:d9:70:40:64:83:b5:39:9f:32:ed:60:d1:
5f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:58:B8:72:CD:75:4B:33:F6:D8:ED:2C:94:B8:8D:B6:26:EB:A1:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9040::/48
Signature Algorithm: sha256WithRSAEncryption
12:60:e8:a4:0b:dd:05:ea:6c:21:2f:25:02:1f:c4:52:bc:b3:
97:93:51:84:b8:ef:0f:41:c6:24:47:f7:f5:a6:04:04:8e:b3:
3a:15:ba:90:f6:89:1c:6d:57:19:67:6d:de:3f:6f:7d:91:79:
ff:cb:57:db:f2:be:56:da:ce:fb:92:fd:97:99:ef:48:aa:49:
74:7e:4d:fd:d5:82:f0:a3:7e:52:08:ba:d9:f0:3e:63:43:46:
37:c0:3e:b7:99:d8:72:9d:8a:a5:50:4d:41:9a:14:91:6d:4f:
33:78:c4:ae:36:64:dc:43:af:46:c6:d9:f9:1e:da:eb:cc:76:
e4:01:65:7e:41:0b:85:1a:a0:b6:9b:52:11:59:4c:69:16:84:
70:56:91:6b:48:53:1e:81:59:45:65:76:7c:11:88:78:25:cd:
5e:96:ff:86:6d:c8:7d:e6:9d:d3:14:98:e7:ff:54:c4:8d:66:
ef:8b:f5:2b:e8:d9:57:3b:e0:70:76:a9:64:73:49:f1:11:4e:
48:26:e8:e8:6a:93:10:d8:bb:2b:4e:15:e2:51:a0:70:f0:f7:
ce:bc:4a:39:ee:32:5b:29:83:07:7a:37:59:6c:dc:9e:52:fd:
96:24:2c:e1:48:2c:24:ec:94:57:fb:f8:f8:d2:18:8c:14:bd:
14:5b:de:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR63qqx1bIWjXGB3l736C0y7oDB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYmE5ZjU3YTg2Y2ViMWY4ZTIxOTgyMzBlNTQ3YzMyNzM0ZDUwMGQ3ZDMw
ZTM3ZGZiMGFlNDAwZjJlMGMxYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANC0dwMHRrRduXeb0EX88gc0C1mGhHOzAn6LxV5+SIwgLiNz6QlHuBg6DCXx
eKcaev3Smp3UKW9Mg64tABKrLZ8kgUT/t2YAqC1Yn1AkiesRHAckdqD7lj4IAEHq
yHNJPpl2eTfu36/FJNP9MSytxf+8udqDlyCXte2NyNxnqOD5DDQqTdjF2ErSaCYl
nMvKV7hVMjeeN+1a408BA3WKyb6YeCxXUgTSkhXlT2XK6DmZqq5GWzPz/OIlWu8D
jyHBq4TyDkPQv1fVqAYwww7zb+ltQ+zml8WBvp0Pt2szQYk5Ye32HsK4sGt+ltGo
+F8Y4HvE2XBAZIO1OZ8y7WDRX+ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQeWLhy
zXVLM/bY7SyUuI22Juuh/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM1N2E2NDQtMGQxYy00MTI2LTk2ODQtZTM0NWY5M2MxNTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAEmDopAvdBepsIS8lAh/EUryzl5NRhLjvD0HG
JEf39aYEBI6zOhW6kPaJHG1XGWdt3j9vfZF5/8tX2/K+VtrO+5L9l5nvSKpJdH5N
/dWC8KN+Ugi62fA+Y0NGN8A+t5nYcp2KpVBNQZoUkW1PM3jErjZk3EOvRsbZ+R7a
68x25AFlfkELhRqgtptSEVlMaRaEcFaRa0hTHoFZRWV2fBGIeCXNXpb/hm3Ifead
0xSY5/9UxI1m74v1K+jZVzvgcHapZHNJ8RFOSCbo6GqTENi7K04V4lGgcPD3zrxK
Oe4yWymDB3o3WWzcnlL9liQs4UgsJOyUV/v4+NIYjBS9FFveYA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:37 2025 by rpki-client