Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
File: 669652b6-0b22-49a0-b29f-dfb51835c988.roa (raw, json)
Hash identifier: qQPSExG8BjP3CYcqnHgx/PWU00IHJgJDBynwrYpSY1Y=
Subject key identifier: 4F:18:38:F6:F4:DC:47:32:96:35:2A:E0:30:17:C8:92:E0:F5:7A:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F52776411D433FD6C762F0E06009ED0B075153F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
Signing time: Tue 05 Aug 2025 20:11:34 +0000
ROA not before: Tue 05 Aug 2025 20:11:34 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:52:77:64:11:d4:33:fd:6c:76:2f:0e:06:00:9e:d0:b0:75:15:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:34 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8b8664abccc59c15ffae36b5ae4cd1c489e9225055a362d6b5cc45bb36aa0d71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:be:0a:a3:68:7f:f3:4b:dc:37:e6:e8:5b:17:
a1:d8:55:b6:92:12:2d:18:61:e3:c7:2b:91:cd:20:
8a:43:af:ac:6e:e5:c9:96:80:d3:11:cd:ef:ed:cb:
9e:f1:f2:80:98:c2:93:55:2e:4a:60:1e:33:ec:c5:
9e:88:4f:14:64:19:5b:ec:af:f5:cc:a7:87:c4:41:
d6:a8:24:5a:58:b4:9e:b4:1b:cf:17:5b:e2:82:7a:
fe:58:f8:dd:f0:b1:44:99:b4:ad:9f:c2:93:fc:3e:
42:e2:61:4f:00:a9:62:dc:e7:5e:e9:06:22:7d:d2:
ef:51:9e:d5:48:34:e3:75:85:7b:b1:71:bb:2b:9a:
bb:26:09:ec:3a:c7:de:69:fe:28:79:be:c9:e0:b5:
bc:b4:a2:13:28:fa:ac:49:e2:92:7c:ac:be:7a:f3:
65:22:c9:c0:c3:4d:89:a0:0b:b2:6b:39:19:9d:80:
36:f4:d7:ea:04:17:68:dc:8a:c1:09:c5:0b:03:f3:
58:e9:32:e3:2d:eb:9a:ab:3d:77:e8:f3:93:25:c1:
53:f9:19:91:25:eb:a5:77:c4:c7:a0:f2:5f:cd:65:
95:91:76:bd:e1:73:e5:f6:42:ea:f7:f2:f7:12:94:
be:62:96:a0:a4:47:9a:9c:84:34:4b:89:c9:ad:c2:
fa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:18:38:F6:F4:DC:47:32:96:35:2A:E0:30:17:C8:92:E0:F5:7A:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c::/38
Signature Algorithm: sha256WithRSAEncryption
b9:52:2c:f2:71:4c:e9:48:de:b4:2a:c2:86:5d:9a:09:02:72:
93:53:b9:a9:f3:d6:e1:68:86:9e:da:92:29:41:d8:33:c1:5a:
35:9c:4a:c1:9f:24:1c:37:e8:54:36:f9:4d:c6:05:cb:b4:02:
22:25:15:19:6a:f3:c8:f5:f7:92:49:e2:9d:07:f0:9b:c8:4a:
d4:87:bd:67:2a:cb:80:00:21:40:a1:83:69:bd:87:10:b4:c7:
aa:f0:dd:7c:e4:19:50:56:65:2a:34:51:31:f4:52:7d:0b:6c:
0d:4f:ff:72:15:ed:9f:01:62:be:c6:51:2b:bf:90:9f:f0:88:
bb:38:02:c7:d3:77:11:72:99:4b:2a:c1:51:86:c8:22:b7:bf:
8f:bd:54:60:65:e3:68:d9:52:08:bf:80:65:b6:95:67:6e:c7:
49:f9:a7:ab:41:c1:8c:c3:16:a7:84:71:01:56:ef:7f:4d:41:
43:18:45:26:b0:46:70:71:ff:98:6b:e6:38:11:35:a0:04:20:
7d:bd:7c:06:6c:d7:02:1b:a9:82:02:71:b4:89:17:e8:b9:d2:
10:b3:40:3a:ff:be:1a:71:82:93:1a:b6:04:a3:df:e4:c7:3d:
68:90:33:d2:16:e7:42:a6:a0:07:ec:fc:33:e8:56:4b:57:0f:
21:2b:18:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX1J3ZBHUM/1sdi8OBgCe0LB1FT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiODY2NGFiY2NjNTljMTVmZmFlMzZiNWFlNGNkMWM0ODllOTIyNTA1NWEz
NjJkNmI1Y2M0NWJiMzZhYTBkNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMq+CqNof/NL3Dfm6FsXodhVtpISLRhh48crkc0gikOvrG7lyZaA0xHN7+3L
nvHygJjCk1UuSmAeM+zFnohPFGQZW+yv9cynh8RB1qgkWli0nrQbzxdb4oJ6/lj4
3fCxRJm0rZ/Ck/w+QuJhTwCpYtznXukGIn3S71Ge1Ug043WFe7FxuyuauyYJ7DrH
3mn+KHm+yeC1vLSiEyj6rEniknysvnrzZSLJwMNNiaALsms5GZ2ANvTX6gQXaNyK
wQnFCwPzWOky4y3rmqs9d+jzkyXBU/kZkSXrpXfEx6DyX81llZF2veFz5fZC6vfy
9xKUvmKWoKRHmpyENEuJya3C+nMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPGDj2
9NxHMpY1KuAwF8iS4PV6lTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjY5NjUyYjYtMGIyMi00OWEwLWIyOWYtZGZiNTE4MzVjOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwA
MA0GCSqGSIb3DQEBCwUAA4IBAQC5UizycUzpSN60KsKGXZoJAnKTU7mp89bhaIae
2pIpQdgzwVo1nErBnyQcN+hUNvlNxgXLtAIiJRUZavPI9feSSeKdB/CbyErUh71n
KsuAACFAoYNpvYcQtMeq8N185BlQVmUqNFEx9FJ9C2wNT/9yFe2fAWK+xlErv5Cf
8Ii7OALH03cRcplLKsFRhsgit7+PvVRgZeNo2VIIv4BltpVnbsdJ+aerQcGMwxan
hHEBVu9/TUFDGEUmsEZwcf+Ya+Y4ETWgBCB9vXwGbNcCG6mCAnG0iRfoudIQs0A6
/74acYKTGrYEo9/kxz1okDPSFudCpqAH7Pwz6FZLVw8hKxh6
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:28 2025 by rpki-client