Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
File: 613f885a-7f25-486b-9eff-fdd6b2c05b65.roa (raw, json)
Hash identifier: q6B9LbTxBvZwosSmlejjMFJ6rmGM5rBmZV5gKrtTVA0=
Subject key identifier: 22:D5:14:7F:EB:AF:0A:59:1D:4D:CE:00:02:40:FE:1C:0D:90:5B:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76BBA093E3162616ED596C648D8FCD85D16D6FFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
Signing time: Tue 05 Aug 2025 19:30:09 +0000
ROA not before: Tue 05 Aug 2025 19:30:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:bb:a0:93:e3:16:26:16:ed:59:6c:64:8d:8f:cd:85:d1:6d:6f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5c7d3184412a040cf27517f9edc8c8ce8f346a4b94a2fe9a23bf37d1c7fef090, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ea:00:d2:10:a4:84:06:20:fa:dc:a5:5b:60:
03:75:9a:95:ee:f2:87:9b:e4:c3:29:75:64:ef:4c:
33:13:e4:f0:cb:1a:29:e7:eb:6e:a3:92:2c:9e:5c:
27:91:e2:75:4b:ba:67:9a:20:ae:1b:da:b8:f4:06:
0c:a1:2a:eb:19:49:4a:ad:76:d1:19:54:a2:4f:56:
0a:0e:6e:a9:da:6d:85:f1:5f:27:e6:9e:9b:9a:be:
cb:08:eb:3f:8e:65:d0:86:24:ba:4e:8c:ff:2f:d9:
a9:8b:09:d3:3d:1c:39:79:67:6d:3f:ea:43:c6:1d:
97:9b:5f:85:57:ad:8e:2d:f0:64:ef:a3:31:3a:d4:
5d:5a:25:1b:9d:e9:9f:5e:1f:19:af:2d:e2:c9:2d:
e0:e3:26:ad:ca:dc:8e:47:a2:73:c6:76:c6:b3:72:
d2:90:4b:13:3c:39:35:1d:fc:fb:e5:59:b3:41:5c:
8c:5d:50:6a:30:2f:13:95:d1:fe:33:f5:cf:05:28:
b7:a3:86:d3:ee:0e:00:72:90:a5:56:af:a7:7e:10:
5a:5e:9d:3d:ab:ed:5d:b9:c5:80:63:f0:d8:58:6a:
fc:58:17:fa:f8:32:e6:59:86:18:e3:63:4e:c3:de:
41:52:7a:c0:90:4b:c5:71:29:ff:07:62:90:a8:27:
02:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D5:14:7F:EB:AF:0A:59:1D:4D:CE:00:02:40:FE:1C:0D:90:5B:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4080::/48
Signature Algorithm: sha256WithRSAEncryption
8a:89:06:31:d4:24:e3:87:58:16:ba:ef:6e:a7:ce:3c:fc:87:
c2:fa:54:a4:73:4f:35:9f:14:80:e5:f3:e0:f4:2f:ca:e7:57:
a7:a2:17:80:81:4c:c4:2c:e8:c7:06:48:e8:ff:6a:4b:1c:86:
9f:fe:8f:49:df:7c:9d:f6:97:75:4d:a8:a6:f4:ca:ed:3d:45:
0b:f4:4f:8d:99:e6:2b:1e:e3:bb:fa:f9:f7:78:66:47:d7:c3:
28:df:12:20:4f:7f:50:53:bb:a8:38:ac:a5:c1:a8:38:06:73:
ae:8e:22:62:72:63:f9:29:a2:c5:42:29:e2:d3:4f:58:ad:27:
73:32:99:f4:20:53:ed:46:98:51:98:00:ee:40:af:35:d5:d6:
d0:30:a7:93:ba:39:c4:fe:96:ba:d3:c2:b9:eb:78:07:9c:03:
f2:0c:12:65:2f:2b:5a:1a:96:9e:0c:79:45:cc:1f:63:26:69:
01:c2:23:03:93:c1:11:b1:35:bf:5a:f5:cb:f7:b8:06:2a:ea:
2f:8b:6e:88:a7:b0:e1:44:45:68:7b:9e:6a:86:c7:c0:35:60:
82:50:5e:a7:d0:f8:40:d8:fa:8e:ff:2d:52:12:9a:eb:44:22:
70:08:ad:31:a4:ec:4c:d4:c7:54:b8:e1:93:90:a2:b6:a9:50:
36:84:5e:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdrugk+MWJhbtWWxkjY/NhdFtb/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjN2QzMTg0NDEyYTA0MGNmMjc1MTdmOWVkYzhjOGNlOGYzNDZhNGI5NGEy
ZmU5YTIzYmYzN2QxYzdmZWYwOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTqANIQpIQGIPrcpVtgA3Wale7yh5vkwyl1ZO9MMxPk8MsaKefrbqOSLJ5c
J5HidUu6Z5ogrhvauPQGDKEq6xlJSq120RlUok9WCg5uqdpthfFfJ+aem5q+ywjr
P45l0IYkuk6M/y/ZqYsJ0z0cOXlnbT/qQ8Ydl5tfhVetji3wZO+jMTrUXVolG53p
n14fGa8t4skt4OMmrcrcjkeic8Z2xrNy0pBLEzw5NR38++VZs0FcjF1QajAvE5XR
/jP1zwUot6OG0+4OAHKQpVavp34QWl6dPavtXbnFgGPw2Fhq/FgX+vgy5lmGGONj
TsPeQVJ6wJBLxXEp/wdikKgnAlcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQi1RR/
668KWR1NzgACQP4cDZBbtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjEzZjg4NWEtN2YyNS00ODZiLTllZmYtZmRkNmIyYzA1YjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
gDANBgkqhkiG9w0BAQsFAAOCAQEAiokGMdQk44dYFrrvbqfOPPyHwvpUpHNPNZ8U
gOXz4PQvyudXp6IXgIFMxCzoxwZI6P9qSxyGn/6PSd98nfaXdU2opvTK7T1FC/RP
jZnmKx7ju/r593hmR9fDKN8SIE9/UFO7qDispcGoOAZzro4iYnJj+SmixUIp4tNP
WK0nczKZ9CBT7UaYUZgA7kCvNdXW0DCnk7o5xP6WutPCuet4B5wD8gwSZS8rWhqW
ngx5RcwfYyZpAcIjA5PBEbE1v1r1y/e4BirqL4tuiKew4URFaHueaobHwDVgglBe
p9D4QNj6jv8tUhKa60QicAitMaTsTNTHVLjhk5CitqlQNoReYA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:29:21 2025 by rpki-client