Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json)
Hash identifier: LpA5vsCEZs3fiPzkEYOldmxiqT2/Z+W7+1x24sZkqx0=
Subject key identifier: 60:6C:87:97:EB:81:64:F7:B4:21:8B:29:15:D2:3D:60:9C:37:2C:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12AC5255A6D6C525DA254ADBCEC6D92B64B57D52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
Signing time: Tue 05 Aug 2025 19:22:02 +0000
ROA not before: Tue 05 Aug 2025 19:22:02 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ac:52:55:a6:d6:c5:25:da:25:4a:db:ce:c6:d9:2b:64:b5:7d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:22:02 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5ba2b5b95f396836bf6f86bf4002f9f71421fecf10e4b10185449ce42ce68d39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4b:f8:5a:f5:b5:7c:f5:d5:d7:0f:85:f8:f6:
cc:b3:ba:b3:b5:90:ca:e7:03:bb:0d:d5:3c:92:8a:
cc:9a:d5:06:73:76:01:2f:9f:63:ef:7c:f5:f4:bc:
78:12:91:38:47:3c:51:c3:f3:0e:c9:50:dc:c1:8e:
91:e6:65:54:69:2f:80:56:be:2f:43:bc:2f:e5:88:
91:a0:5c:74:c8:1d:03:16:38:49:12:25:ce:a2:d8:
20:cc:16:48:c7:e0:cd:2f:42:46:1b:1a:23:15:aa:
ef:92:50:44:22:97:03:8f:c9:7d:4e:45:87:e1:77:
4a:72:03:f4:85:fd:f9:12:81:dc:41:5a:7f:f7:4e:
fc:5f:bf:60:22:36:1c:37:9b:2c:77:02:ac:a1:28:
b6:c2:59:2b:ff:f7:77:57:7b:68:d2:ac:db:54:81:
b0:04:15:72:4a:64:1f:10:b9:f6:b9:04:b7:18:e0:
ea:24:e8:6e:1a:47:48:4e:8e:c1:aa:d8:48:2b:94:
ee:9e:61:df:1d:fb:38:7b:3e:aa:b7:0c:e2:9a:07:
0a:6a:f6:d0:3a:1e:46:c2:91:a5:f3:41:92:e7:a6:
48:cc:4f:56:30:d4:31:6d:b6:1b:82:a2:20:85:c6:
2c:ce:5c:13:86:01:10:7c:a6:5a:c1:21:f9:a9:67:
d3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6C:87:97:EB:81:64:F7:B4:21:8B:29:15:D2:3D:60:9C:37:2C:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e080::/48
Signature Algorithm: sha256WithRSAEncryption
27:22:42:24:50:f8:76:2f:3d:43:d4:3a:e5:38:bf:d1:91:c1:
5d:0b:65:7a:47:f9:fb:34:6f:3f:7f:cd:ee:6d:ef:f5:83:68:
a2:67:6c:c6:83:40:b4:28:03:24:b1:0e:05:65:ef:1a:38:81:
a0:69:11:37:29:57:60:ab:1a:b7:54:1b:ad:88:18:00:56:ac:
2e:5a:17:36:7e:4e:01:18:8f:f2:d2:63:64:a0:6b:e2:e5:ad:
51:cf:0e:e2:40:b3:f8:19:63:d0:a3:e0:6a:7c:bc:96:78:d5:
36:90:ca:1f:fa:44:47:3b:f2:2e:5e:b6:e9:b7:60:bd:60:2d:
45:bb:98:38:cb:44:00:32:0a:18:41:11:fc:02:1d:fb:b0:24:
c7:f2:c6:4f:9e:51:d5:16:7d:89:dc:03:ea:5d:79:d7:74:81:
da:83:11:2f:87:4b:3e:99:16:eb:a0:36:0c:8b:b3:7c:ce:37:
8f:4d:22:e0:96:97:68:2f:e0:51:8f:2a:07:d2:f1:5e:d5:4e:
fa:2c:03:81:16:02:48:31:27:36:f6:a8:ce:87:ce:5d:77:72:
e9:1b:c1:33:b6:7f:aa:f7:c3:b6:45:72:03:50:6e:26:6e:1e:
cc:e7:b5:fd:4c:d8:2b:39:a1:78:1a:5c:2b:14:0c:22:c2:90:
3e:80:3e:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEqxSVabWxSXaJUrbzsbZK2S1fVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIyMDJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYTJiNWI5NWYzOTY4MzZiZjZmODZiZjQwMDJmOWY3MTQyMWZlY2YxMGU0
YjEwMTg1NDQ5Y2U0MmNlNjhkMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtL+Fr1tXz11dcPhfj2zLO6s7WQyucDuw3VPJKKzJrVBnN2AS+fY+989fS8
eBKROEc8UcPzDslQ3MGOkeZlVGkvgFa+L0O8L+WIkaBcdMgdAxY4SRIlzqLYIMwW
SMfgzS9CRhsaIxWq75JQRCKXA4/JfU5Fh+F3SnID9IX9+RKB3EFaf/dO/F+/YCI2
HDebLHcCrKEotsJZK//3d1d7aNKs21SBsAQVckpkHxC59rkEtxjg6iTobhpHSE6O
warYSCuU7p5h3x37OHs+qrcM4poHCmr20DoeRsKRpfNBkuemSMxPVjDUMW22G4Ki
IIXGLM5cE4YBEHymWsEh+aln0w0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgbIeX
64Fk97QhiykV0j1gnDcspzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
gDANBgkqhkiG9w0BAQsFAAOCAQEAJyJCJFD4di89Q9Q65Ti/0ZHBXQtlekf5+zRv
P3/N7m3v9YNoomdsxoNAtCgDJLEOBWXvGjiBoGkRNylXYKsat1QbrYgYAFasLloX
Nn5OARiP8tJjZKBr4uWtUc8O4kCz+Blj0KPgany8lnjVNpDKH/pERzvyLl626bdg
vWAtRbuYOMtEADIKGEER/AId+7Akx/LGT55R1RZ9idwD6l1513SB2oMRL4dLPpkW
66A2DIuzfM43j00i4JaXaC/gUY8qB9LxXtVO+iwDgRYCSDEnNvaozofOXXdy6RvB
M7Z/qvfDtkVyA1BuJm4ezOe1/UzYKzmheBpcKxQMIsKQPoA+2A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:15 2025 by rpki-client