Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
File: 757087af-5baf-4a2f-a9ec-dbadb47313e2.roa (raw, json)
Hash identifier: OGjDxO5HCSDdpm0dJDyavX3PweE2+jWScQ8oR00WTUw=
Subject key identifier: 54:3D:5C:1D:F2:9E:A4:76:3E:B9:5D:AC:6D:0E:DF:18:45:2D:22:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A47CB55236A78462D48B315A52BFF5F06D4611B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
Signing time: Tue 05 Aug 2025 18:41:25 +0000
ROA not before: Tue 05 Aug 2025 18:41:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:47:cb:55:23:6a:78:46:2d:48:b3:15:a5:2b:ff:5f:06:d4:61:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f1d1c55d6097cebf82ea5081e37824ab4c249dfa7a7c6c9a3be1e52ea716117f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:75:c1:e4:be:ee:bb:17:6b:c7:40:ad:b1:8b:
68:20:c0:7d:96:11:79:97:2e:c2:f2:4a:23:8d:5c:
93:c8:c1:33:b0:f7:06:c0:10:2d:28:28:70:08:86:
be:4b:01:55:f6:f1:29:53:2c:9b:6f:e8:2a:ce:4b:
96:4d:cf:21:ac:57:c3:76:26:11:8e:1b:7b:27:d8:
d7:ce:16:96:c6:c4:8b:c1:bb:03:48:05:53:75:29:
3c:a1:95:f7:b7:51:ba:31:de:35:85:d6:c5:1a:13:
c0:c9:2b:23:4e:50:1a:24:07:31:88:b6:b3:9f:1f:
3f:65:e9:df:3b:11:b6:5f:0f:b7:45:3f:e7:c2:43:
89:94:f3:ce:32:40:f5:d9:19:68:99:8d:5a:cf:26:
08:49:0f:cd:eb:76:be:f4:7f:47:7f:b4:10:03:7e:
95:89:fe:a1:51:37:7e:8a:3b:3e:7c:16:7c:1c:12:
87:db:a7:3c:cb:a4:40:e7:f0:d1:dd:05:75:ab:fe:
fd:5e:d1:1b:c7:21:02:3d:5a:97:57:71:95:fe:5e:
31:56:f4:43:0f:92:dd:90:10:ec:d1:02:e4:ea:e1:
39:d5:f1:6e:87:bf:1e:60:58:90:96:0b:e5:37:fb:
b5:d3:10:23:76:3a:13:a4:26:6c:ad:85:cf:01:cc:
a8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3D:5C:1D:F2:9E:A4:76:3E:B9:5D:AC:6D:0E:DF:18:45:2D:22:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
5d:eb:41:a0:97:70:d9:5b:0a:46:23:b6:5d:05:aa:04:d3:2e:
c0:c3:63:47:ac:5a:0c:b9:f8:78:49:ee:d1:d4:66:56:b7:cf:
64:8b:5c:88:e1:c1:0f:a7:6c:6a:5a:77:fc:3e:c1:3c:15:0c:
3a:d0:39:cb:db:08:6f:d7:cd:77:52:1d:3a:5b:a8:f8:13:7e:
a1:41:68:59:2c:74:9f:27:ae:96:57:eb:a7:90:4f:ca:70:6b:
4e:a1:c6:c8:39:65:be:a4:b0:89:d6:85:1e:8a:75:0f:1c:14:
69:43:86:85:c4:8f:57:f3:0a:f4:2b:6f:c7:36:49:9e:e3:b6:
57:44:fc:ae:a4:f5:f9:df:64:94:f7:54:26:40:47:29:10:1f:
a2:a2:3b:1d:4d:bc:91:be:8b:69:4f:d1:76:3a:2e:b4:64:6c:
07:ca:de:62:d9:2b:71:8a:49:2b:83:64:4c:e5:5d:ee:ee:2c:
e7:d9:d9:b6:c1:58:7e:d4:bc:47:68:b7:95:7f:59:8e:1a:99:
82:b4:bc:cb:32:95:5c:0b:8f:0b:34:db:0a:96:c8:5d:eb:b3:
52:c2:0f:ca:91:95:66:42:e7:fc:f2:65:b9:77:76:a1:d1:35:
50:f8:a0:17:c9:b3:62:6f:1c:78:8b:a0:0a:66:0d:77:86:4b:
ab:8f:f9:79
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKkfLVSNqeEYtSLMVpSv/XwbUYRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZDFjNTVkNjA5N2NlYmY4MmVhNTA4MWUzNzgyNGFiNGMyNDlkZmE3YTdj
NmM5YTNiZTFlNTJlYTcxNjExN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ91weS+7rsXa8dArbGLaCDAfZYReZcuwvJKI41ck8jBM7D3BsAQLSgocAiG
vksBVfbxKVMsm2/oKs5Llk3PIaxXw3YmEY4beyfY184WlsbEi8G7A0gFU3UpPKGV
97dRujHeNYXWxRoTwMkrI05QGiQHMYi2s58fP2Xp3zsRtl8Pt0U/58JDiZTzzjJA
9dkZaJmNWs8mCEkPzet2vvR/R3+0EAN+lYn+oVE3foo7PnwWfBwSh9unPMukQOfw
0d0Fdav+/V7RG8chAj1al1dxlf5eMVb0Qw+S3ZAQ7NEC5OrhOdXxboe/HmBYkJYL
5Tf7tdMQI3Y6E6QmbK2FzwHMqGUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUPVwd
8p6kdj65XaxtDt8YRS0iajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU3MDg3YWYtNWJhZi00YTJmLWE5ZWMtZGJhZGI0NzMxM2UyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAXetBoJdw2VsKRiO2XQWqBNMuwMNjR6xaDLn4
eEnu0dRmVrfPZItciOHBD6dsalp3/D7BPBUMOtA5y9sIb9fNd1IdOluo+BN+oUFo
WSx0nyeullfrp5BPynBrTqHGyDllvqSwidaFHop1DxwUaUOGhcSPV/MK9CtvxzZJ
nuO2V0T8rqT1+d9klPdUJkBHKRAfoqI7HU28kb6LaU/RdjoutGRsB8reYtkrcYpJ
K4NkTOVd7u4s59nZtsFYftS8R2i3lX9ZjhqZgrS8yzKVXAuPCzTbCpbIXeuzUsIP
ypGVZkLn/PJluXd2odE1UPigF8mzYm8ceIugCmYNd4ZLq4/5eQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:14 2025 by rpki-client