Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
File: 97535b7f-b66d-439d-9398-8336783c9ea4.roa (raw, json)
Hash identifier: l84NnyaeNKahrffjtAZBo5uWnUEEqr/OEXjMz1sAJOU=
Subject key identifier: C5:C3:5C:46:43:1C:9F:1A:46:37:BF:D7:03:90:40:F7:79:42:4E:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B0352895EF1446953883EAB6356279A6A77854D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
Signing time: Tue 05 Aug 2025 18:40:14 +0000
ROA not before: Tue 05 Aug 2025 18:40:14 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:03:52:89:5e:f1:44:69:53:88:3e:ab:63:56:27:9a:6a:77:85:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:14 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=cfa123d763e266a23dbe8bee6279730dffe66df7a1796bf63e8a46a06063b3a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:07:38:c8:96:74:5a:9d:e0:74:a2:98:33:
6b:28:04:43:73:da:ef:a6:56:33:0f:b3:9a:10:41:
a1:e4:a4:99:47:22:fd:27:a3:66:fa:d8:4d:14:4a:
94:5a:7b:c6:0d:fa:21:6e:5a:32:65:62:45:62:02:
d6:f6:f7:07:61:ed:68:83:4f:a9:24:cf:77:dc:a9:
74:73:26:fb:b6:44:1f:d2:5f:e1:13:c3:d6:a2:dd:
af:a3:29:b5:dc:c5:93:00:bd:21:11:9e:36:3d:d4:
67:4a:f9:df:b7:ca:df:fd:68:6b:38:ae:36:fd:bf:
7d:49:53:eb:e1:b8:a7:0f:36:b5:c0:18:a5:d9:5d:
9f:23:7f:5e:8b:7c:48:c1:57:e8:70:00:7a:af:55:
8a:1e:86:71:b9:d1:4d:ed:66:ab:e7:cd:fc:80:ec:
c7:ad:5d:d7:f6:9f:6d:ac:82:a9:75:22:cb:5d:55:
c5:50:7c:f3:a3:50:63:e2:ae:28:4f:80:67:f6:e4:
56:4c:17:68:80:2b:94:ae:e8:53:79:a3:21:37:8a:
2e:5b:82:8c:73:7b:46:d8:33:a4:a2:87:8e:97:a3:
d4:ae:15:ec:c6:2a:8c:b6:de:77:d9:59:9e:66:b4:
df:99:ed:da:5d:7e:13:c1:3f:5f:0a:4a:0c:37:c8:
f8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C3:5C:46:43:1C:9F:1A:46:37:BF:D7:03:90:40:F7:79:42:4E:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97535b7f-b66d-439d-9398-8336783c9ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5040::/48
Signature Algorithm: sha256WithRSAEncryption
41:de:76:ef:6e:00:22:b0:67:21:8e:a2:cf:02:1f:ab:1b:52:
04:9e:d7:0c:50:6e:91:95:2f:12:72:63:fd:cc:6f:ab:76:73:
9a:76:00:52:4d:98:fd:cd:60:8c:2d:1a:32:ae:ff:11:c7:e3:
b1:50:87:57:ec:76:23:43:ae:06:b3:61:05:a3:e7:e5:aa:c1:
1a:58:3f:93:5d:0e:35:a7:7d:fb:d4:d7:81:93:9c:2c:6b:cb:
72:a8:65:15:a0:da:fc:e0:95:07:5d:d4:fb:24:5c:a4:69:17:
60:3c:e3:a9:03:50:8a:52:83:0b:79:55:be:28:f3:ee:16:4e:
ed:37:7f:45:f9:67:3e:37:bb:4b:7c:5d:b2:74:b0:f5:9f:15:
21:2f:9e:d2:ea:7b:63:da:8a:a0:5a:48:d2:c6:b6:71:25:1b:
c0:22:7d:7f:fc:c6:f8:b1:ec:93:dc:16:9a:62:ee:19:aa:0f:
51:93:a7:c9:f1:db:5c:83:93:da:a9:d7:da:da:4f:29:fa:77:
5e:1b:c6:ab:b0:cb:e4:95:c6:28:8c:e3:14:34:b0:49:4d:06:
37:72:a0:fc:16:9f:fd:9c:4e:cf:05:ef:34:3d:c4:49:d4:90:
f4:84:b4:ca:a5:37:47:d6:56:c1:60:79:9a:b1:2e:d8:f8:10:
b7:4d:2f:3d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUawNSiV7xRGlTiD6rY1Ynmmp3hU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwMTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYTEyM2Q3NjNlMjY2YTIzZGJlOGJlZTYyNzk3MzBkZmZlNjZkZjdhMTc5
NmJmNjNlOGE0NmEwNjA2M2IzYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqUBzjIlnRaneB0opgzaygEQ3Pa76ZWMw+zmhBBoeSkmUci/SejZvrYTRRK
lFp7xg36IW5aMmViRWIC1vb3B2HtaINPqSTPd9ypdHMm+7ZEH9Jf4RPD1qLdr6Mp
tdzFkwC9IRGeNj3UZ0r537fK3/1oaziuNv2/fUlT6+G4pw82tcAYpdldnyN/Xot8
SMFX6HAAeq9Vih6GcbnRTe1mq+fN/IDsx61d1/afbayCqXUiy11VxVB886NQY+Ku
KE+AZ/bkVkwXaIArlK7oU3mjITeKLluCjHN7RtgzpKKHjpej1K4V7MYqjLbed9lZ
nma035nt2l1+E8E/XwpKDDfI+EMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFw1xG
QxyfGkY3v9cDkED3eUJOPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc1MzViN2YtYjY2ZC00MzlkLTkzOTgtODMzNjc4M2M5ZWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAQd52724AIrBnIY6izwIfqxtSBJ7XDFBukZUv
EnJj/cxvq3ZzmnYAUk2Y/c1gjC0aMq7/EcfjsVCHV+x2I0OuBrNhBaPn5arBGlg/
k10ONad9+9TXgZOcLGvLcqhlFaDa/OCVB13U+yRcpGkXYDzjqQNQilKDC3lVvijz
7hZO7Td/RflnPje7S3xdsnSw9Z8VIS+e0up7Y9qKoFpI0sa2cSUbwCJ9f/zG+LHs
k9wWmmLuGaoPUZOnyfHbXIOT2qnX2tpPKfp3XhvGq7DL5JXGKIzjFDSwSU0GN3Kg
/Baf/ZxOzwXvND3ESdSQ9IS0yqU3R9ZWwWB5mrEu2PgQt00vPQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:29:45 2025 by rpki-client