Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: MShXUkffRjJFPH5N2rpZ2guBTYMh25AL/kIpbM0vhnA=
Subject key identifier: 9D:CE:CF:95:84:19:4E:3F:97:FB:19:C7:4C:E7:83:44:B2:EC:36:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B2F4600E6A5EE9267CF9523DCE44160FC53EDF8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Tue 05 Aug 2025 19:10:41 +0000
ROA not before: Tue 05 Aug 2025 19:10:41 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:2f:46:00:e6:a5:ee:92:67:cf:95:23:dc:e4:41:60:fc:53:ed:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:41 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f5ee5a44d34f94edb7c6cede2ad14cd6c6679d48c40c01313bc4a4df31113f7b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:dd:01:83:34:cd:c5:59:28:e2:0f:4d:c9:a8:
3b:42:3a:c4:bc:6d:fb:b7:9d:6a:04:36:f5:23:3e:
b9:77:c1:c8:f2:02:a9:dc:31:82:89:d5:0a:b9:4b:
18:dc:8c:97:0d:80:95:92:12:78:49:3d:be:30:78:
1b:19:f5:6f:f1:3e:86:5d:d8:17:ab:78:b8:96:6b:
52:f7:b7:8c:c6:cb:94:02:89:fb:3f:04:9b:4b:09:
c6:e5:c5:8e:1b:8f:ba:59:47:32:4b:00:f9:10:13:
18:6c:53:fe:29:37:91:1d:cf:f7:74:d7:f4:61:b9:
87:f1:82:1e:3a:2b:5b:c4:a2:30:e9:81:0c:bc:1c:
e1:c3:c7:7d:4a:8b:2b:7e:0b:75:a6:e1:56:e9:02:
d6:57:8a:fc:e8:4a:4d:58:de:0e:c8:1f:d8:97:c2:
83:a5:41:a7:99:40:f6:bb:8e:37:e9:f4:e1:83:45:
c0:69:48:c4:3b:df:7e:ef:f5:09:25:9f:a9:f4:15:
21:a1:47:22:62:48:2e:65:2a:31:17:7e:73:c0:9f:
75:37:94:e0:3a:f6:64:e0:2b:e6:fa:c2:8e:4a:12:
c7:a1:e2:ba:25:8b:79:2e:e1:a0:9d:60:5c:fd:2b:
95:79:95:ce:7a:01:18:33:e6:da:37:d2:d9:74:06:
34:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CE:CF:95:84:19:4E:3F:97:FB:19:C7:4C:E7:83:44:B2:EC:36:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
19:c3:64:51:0c:fd:29:40:b5:19:bb:98:a8:1f:70:42:87:03:
18:24:2b:d7:74:d3:cd:cb:b0:62:26:0b:b6:b7:d8:5e:20:bf:
ff:c3:a0:0e:cc:8c:0e:95:bf:55:83:79:4c:db:bb:89:5b:7f:
b0:e3:e4:ff:23:3b:ce:9e:5f:1f:d7:21:3f:41:45:68:a4:61:
15:89:09:72:7e:97:e5:a9:98:88:43:b2:42:8f:fb:79:90:64:
2d:8c:f9:0a:2c:3d:36:d1:4e:ad:8d:4e:23:23:2c:38:de:e3:
b3:65:52:70:f6:3f:15:6c:90:33:ee:0f:9a:e6:14:bd:2d:6c:
a6:62:41:19:c6:78:8c:89:c2:e5:42:9d:ae:cd:b9:1d:89:f4:
86:c3:35:86:39:28:08:0d:0e:ce:eb:ee:6b:5c:57:b4:97:0a:
11:aa:f1:21:19:e5:26:60:da:bb:f5:e0:93:45:6d:2c:41:c4:
a8:90:8c:e3:59:3f:7d:cf:ab:26:cd:d8:e4:ca:28:7e:47:75:
a1:ea:4b:be:45:8c:9e:21:96:1e:c9:94:35:38:f2:a0:45:c3:
0b:02:db:a5:0b:b4:c2:9a:3c:96:89:67:eb:a8:49:c9:c1:63:
55:23:12:ca:39:f2:7f:f3:99:46:3b:82:52:f4:8e:0c:06:74:
23:a9:e4:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWy9GAOal7pJnz5Uj3ORBYPxT7fgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwNDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1ZWU1YTQ0ZDM0Zjk0ZWRiN2M2Y2VkZTJhZDE0Y2Q2YzY2NzlkNDhjNDBj
MDEzMTNiYzRhNGRmMzExMTNmN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHdAYM0zcVZKOIPTcmoO0I6xLxt+7edagQ29SM+uXfByPICqdwxgonVCrlL
GNyMlw2AlZISeEk9vjB4Gxn1b/E+hl3YF6t4uJZrUve3jMbLlAKJ+z8Em0sJxuXF
jhuPullHMksA+RATGGxT/ik3kR3P93TX9GG5h/GCHjorW8SiMOmBDLwc4cPHfUqL
K34LdabhVukC1leK/OhKTVjeDsgf2JfCg6VBp5lA9ruON+n04YNFwGlIxDvffu/1
CSWfqfQVIaFHImJILmUqMRd+c8CfdTeU4Dr2ZOAr5vrCjkoSx6HiuiWLeS7hoJ1g
XP0rlXmVznoBGDPm2jfS2XQGNH0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdzs+V
hBlOP5f7GcdM54NEsuw2xDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEAGcNkUQz9KUC1GbuYqB9wQocDGCQr13TTzcuw
YiYLtrfYXiC//8OgDsyMDpW/VYN5TNu7iVt/sOPk/yM7zp5fH9chP0FFaKRhFYkJ
cn6X5amYiEOyQo/7eZBkLYz5Ciw9NtFOrY1OIyMsON7js2VScPY/FWyQM+4PmuYU
vS1spmJBGcZ4jInC5UKdrs25HYn0hsM1hjkoCA0Ozuvua1xXtJcKEarxIRnlJmDa
u/Xgk0VtLEHEqJCM41k/fc+rJs3Y5Moofkd1oepLvkWMniGWHsmUNTjyoEXDCwLb
pQu0wpo8loln66hJycFjVSMSyjnyf/OZRjuCUvSODAZ0I6nkzw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:14 2025 by rpki-client