Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
File: 7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa (raw, json)
Hash identifier: aL/iAGDmv3dv2P43j5WlHCU099dB17SoIQUT6kAh8UA=
Subject key identifier: 37:AA:CF:A1:49:F9:62:E4:87:03:7E:CF:68:96:4C:F7:45:9E:D9:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54559CA90C659EC8FA2401CC6700F41C1D5E87EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
Signing time: Sat 09 Aug 2025 00:20:05 +0000
ROA not before: Sat 09 Aug 2025 00:20:05 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:55:9c:a9:0c:65:9e:c8:fa:24:01:cc:67:00:f4:1c:1d:5e:87:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 9 00:20:05 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=45b1f8742b9c6b4b85486e8608ac42a7d986c655a1a5f1465e9abf49f9632cf9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:ea:23:30:26:f8:6f:12:9f:24:a6:17:84:
7b:3a:21:ef:19:dd:62:2a:f9:75:20:14:5f:87:e0:
a8:39:f3:2a:8f:2d:d1:6b:c9:e3:14:2b:43:3d:63:
cd:bc:96:21:ca:f8:52:ac:8b:8c:0f:b1:c6:dc:c2:
39:9f:52:fc:a9:02:7f:94:5c:0a:da:84:c6:58:88:
ee:35:21:c1:6f:b4:ad:4e:a0:4d:92:c2:43:32:19:
13:ea:be:aa:a1:29:aa:aa:fd:a0:46:6c:8e:59:f2:
b9:43:5b:8a:cf:c2:68:56:ac:53:f5:7b:45:9c:9c:
2d:92:fa:bb:c8:67:77:69:18:9c:99:d4:a4:47:4a:
03:ce:f6:ba:86:20:b1:27:2d:4f:c1:ec:7c:71:72:
d1:9f:10:d5:2f:3b:15:0b:fa:7d:62:41:38:ef:3a:
1b:89:79:0c:5f:68:80:4e:55:98:51:37:e7:d6:2f:
07:04:00:69:d9:0c:a3:78:ee:4c:a9:af:65:40:5f:
b4:ce:c3:ce:2f:db:80:e3:d2:bd:0f:96:54:87:05:
dc:99:e6:ac:eb:09:d7:6a:6f:8b:36:9d:6a:98:26:
ec:8b:96:6f:9a:59:fd:4b:59:8a:a4:cd:9c:24:65:
5c:5b:78:08:c3:89:47:d5:f7:2d:04:38:80:d1:9b:
c3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AA:CF:A1:49:F9:62:E4:87:03:7E:CF:68:96:4C:F7:45:9E:D9:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7381c075-d96b-43bf-8a89-25dbab9a1a8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010::/28
Signature Algorithm: sha256WithRSAEncryption
3c:5b:84:9d:d8:81:b8:92:91:43:e3:4f:95:34:cd:5b:3c:59:
ee:ab:1b:19:54:c0:6b:74:e3:db:82:10:b3:6d:ab:6e:84:a4:
d1:3d:8e:21:0c:8b:c1:21:43:0f:96:84:35:d4:d3:96:aa:16:
7b:74:d4:6f:96:bd:3d:ff:94:d4:4a:92:80:f6:c9:32:fc:04:
93:61:8b:fe:e2:30:d5:d9:43:0a:94:61:57:55:4a:6c:68:ee:
9f:23:23:49:c1:5c:1f:07:65:e9:c8:a9:81:d3:06:6e:77:45:
5a:79:57:1e:7f:55:8d:c3:20:1b:bd:9a:3c:79:f7:ce:e4:8a:
7f:b3:0d:87:e3:96:8f:69:87:a6:f3:a4:11:eb:de:1b:6f:0f:
c4:c1:f9:1c:26:47:95:5f:d9:4e:0e:11:00:1e:ad:30:38:66:
26:eb:33:b2:8a:73:2b:f7:f7:15:46:0f:71:89:03:99:b0:df:
5b:4b:50:b7:0f:7d:e3:e6:9d:ca:5f:8b:6b:76:79:04:28:f6:
9b:56:81:8b:8f:40:15:c3:a8:a4:e4:62:cf:2c:68:2d:e7:f1:
0e:70:ce:64:3d:a0:6b:08:2e:45:d8:03:32:48:be:c9:c3:03:
fd:16:c2:a1:8f:30:80:ba:34:90:41:4c:8a:ec:c2:6a:bb:66:
19:44:7f:8a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUVFWcqQxlnsj6JAHMZwD0HB1eh+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDkwMDIwMDVaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1YjFmODc0MmI5YzZiNGI4NTQ4NmU4NjA4YWM0MmE3ZDk4NmM2NTVhMWE1
ZjE0NjVlOWFiZjQ5Zjk2MzJjZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMz06iMwJvhvEp8kpheEezoh7xndYir5dSAUX4fgqDnzKo8t0WvJ4xQrQz1j
zbyWIcr4UqyLjA+xxtzCOZ9S/KkCf5RcCtqExliI7jUhwW+0rU6gTZLCQzIZE+q+
qqEpqqr9oEZsjlnyuUNbis/CaFasU/V7RZycLZL6u8hnd2kYnJnUpEdKA872uoYg
sSctT8HsfHFy0Z8Q1S87FQv6fWJBOO86G4l5DF9ogE5VmFE359YvBwQAadkMo3ju
TKmvZUBftM7Dzi/bgOPSvQ+WVIcF3JnmrOsJ12pvizadapgm7IuWb5pZ/UtZiqTN
nCRlXFt4CMOJR9X3LQQ4gNGbw2sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ3qs+h
Sfli5IcDfs9olkz3RZ7ZcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM4MWMwNzUtZDk2Yi00M2JmLThhODktMjVkYmFiOWExYThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0BAw
DQYJKoZIhvcNAQELBQADggEBADxbhJ3YgbiSkUPjT5U0zVs8We6rGxlUwGt049uC
ELNtq26EpNE9jiEMi8EhQw+WhDXU05aqFnt01G+WvT3/lNRKkoD2yTL8BJNhi/7i
MNXZQwqUYVdVSmxo7p8jI0nBXB8HZenIqYHTBm53RVp5Vx5/VY3DIBu9mjx5987k
in+zDYfjlo9ph6bzpBHr3htvD8TB+RwmR5Vf2U4OEQAerTA4ZibrM7KKcyv39xVG
D3GJA5mw31tLULcPfePmncpfi2t2eQQo9ptWgYuPQBXDqKTkYs8saC3n8Q5wzmQ9
oGsILkXYAzJIvsnDA/0WwqGPMIC6NJBBTIrswmq7ZhlEf4o=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:22 2025 by rpki-client