Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
File: 81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa (raw, json)
Hash identifier: H9ldy9hvtsamrYvTxYLJ+qPw0s+02QU0y29XD9vItBw=
Subject key identifier: 81:7F:BF:C3:4D:EF:31:14:0B:34:EB:24:4F:9C:61:EA:35:4E:63:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 548016B21C745CECD57AA9D62EE5BB5273069DDC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
Signing time: Tue 05 Aug 2025 19:31:34 +0000
ROA not before: Tue 05 Aug 2025 19:31:34 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:80:16:b2:1c:74:5c:ec:d5:7a:a9:d6:2e:e5:bb:52:73:06:9d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:34 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d16f48d188f1a3496c25be09b3b48c56bf6cecbd94c5ea720d21551510eb40dd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5e:4b:57:11:c2:de:72:8b:a2:0a:4d:e0:35:
35:8a:cf:d2:b7:2b:19:41:b5:89:22:56:5a:33:65:
d6:12:ca:de:40:f5:93:55:b1:5d:6c:63:9d:53:1c:
e4:9a:be:ae:07:58:06:ab:b2:57:2a:40:18:d1:1a:
5e:e1:12:44:16:9f:f2:8f:20:9c:9e:f2:d8:26:c4:
83:67:22:63:6f:b2:6b:6a:43:05:ef:4c:d6:e8:e0:
1b:a6:08:25:76:59:12:dc:17:ee:24:70:7d:5d:a1:
7d:7f:4f:a7:71:95:1b:ee:6e:6c:81:9d:8f:33:25:
4b:f2:d0:6d:b0:37:05:21:8a:ed:fe:93:c7:2d:3c:
d1:69:98:03:22:09:d5:f1:19:e4:f4:54:ca:03:10:
1c:5e:f8:43:93:60:2c:59:79:d4:90:53:b5:cc:3c:
b6:4a:a8:f1:95:38:48:7b:d7:de:26:41:a0:8e:a1:
b1:11:10:0d:4f:25:5e:78:4b:b7:6f:f2:56:c4:55:
26:dc:ed:ba:a5:14:7b:8e:00:aa:01:26:26:04:21:
c6:0f:d2:76:93:e2:47:94:17:e6:09:07:a9:9d:0a:
d3:e4:c4:dd:4d:f7:73:99:8a:83:88:88:39:4a:6c:
90:d5:2d:fc:7f:75:a8:3b:77:86:e7:c1:c0:af:86:
dd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7F:BF:C3:4D:EF:31:14:0B:34:EB:24:4F:9C:61:EA:35:4E:63:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81554ff4-a7f9-41e4-90e9-b3761d63cb58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e040::/48
Signature Algorithm: sha256WithRSAEncryption
79:bb:91:b9:26:18:4a:59:c7:56:00:ad:64:97:65:1b:cf:d8:
c1:54:fc:e2:8e:9a:86:10:2c:d8:f2:ec:1d:16:66:fa:0f:ef:
99:75:0f:27:db:03:6d:c3:08:75:d8:76:11:c2:d4:48:48:a3:
af:96:11:81:b5:54:c0:a7:aa:d3:50:08:f9:b7:a3:71:1a:1b:
7c:88:eb:8c:94:e2:28:05:b2:1c:b8:68:a6:cd:dc:41:71:bc:
12:5a:c6:38:f2:18:77:a2:2e:f4:10:6d:b6:86:23:d4:70:87:
fd:b1:c5:88:92:8a:ce:5f:fe:ff:b3:21:da:82:59:64:d7:82:
02:df:77:a1:06:95:43:41:e0:e9:89:b2:96:10:75:b1:35:ce:
12:05:7b:8e:59:e7:fc:3f:ff:f3:b8:37:0b:30:7b:1c:bf:aa:
23:4a:05:61:7a:06:26:6f:f0:85:c9:11:0d:32:fa:7d:c0:9a:
6f:1e:81:24:76:e0:9c:8e:32:63:d4:8f:01:fb:69:3e:86:85:
d1:e6:e7:2d:65:7d:02:fc:1e:c2:68:3a:4c:89:03:ae:23:ad:
4f:b3:83:1b:79:7a:6d:73:5f:cc:36:8a:1e:ea:3a:8b:00:55:
01:ba:05:d4:a7:cf:54:b3:df:1b:dc:aa:32:39:9f:5a:4f:c6:
db:4f:cd:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVIAWshx0XOzVeqnWLuW7UnMGndwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMzRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNmY0OGQxODhmMWEzNDk2YzI1YmUwOWIzYjQ4YzU2YmY2Y2VjYmQ5NGM1
ZWE3MjBkMjE1NTE1MTBlYjQwZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMheS1cRwt5yi6IKTeA1NYrP0rcrGUG1iSJWWjNl1hLK3kD1k1WxXWxjnVMc
5Jq+rgdYBquyVypAGNEaXuESRBaf8o8gnJ7y2CbEg2ciY2+ya2pDBe9M1ujgG6YI
JXZZEtwX7iRwfV2hfX9Pp3GVG+5ubIGdjzMlS/LQbbA3BSGK7f6Txy080WmYAyIJ
1fEZ5PRUygMQHF74Q5NgLFl51JBTtcw8tkqo8ZU4SHvX3iZBoI6hsREQDU8lXnhL
t2/yVsRVJtztuqUUe44AqgEmJgQhxg/SdpPiR5QX5gkHqZ0K0+TE3U33c5mKg4iI
OUpskNUt/H91qDt3hufBwK+G3cECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBf7/D
Te8xFAs06yRPnGHqNU5jaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE1NTRmZjQtYTdmOS00MWU0LTkwZTktYjM3NjFkNjNjYjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
QDANBgkqhkiG9w0BAQsFAAOCAQEAebuRuSYYSlnHVgCtZJdlG8/YwVT84o6ahhAs
2PLsHRZm+g/vmXUPJ9sDbcMIddh2EcLUSEijr5YRgbVUwKeq01AI+bejcRobfIjr
jJTiKAWyHLhops3cQXG8ElrGOPIYd6Iu9BBttoYj1HCH/bHFiJKKzl/+/7Mh2oJZ
ZNeCAt93oQaVQ0Hg6YmylhB1sTXOEgV7jlnn/D//87g3CzB7HL+qI0oFYXoGJm/w
hckRDTL6fcCabx6BJHbgnI4yY9SPAftpPoaF0ebnLWV9Avwewmg6TIkDriOtT7OD
G3l6bXNfzDaKHuo6iwBVAboF1KfPVLPfG9yqMjmfWk/G20/N2g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:24 2025 by rpki-client