Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
File: 98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa (raw, json)
Hash identifier: YeHZLBFXMllYik8F3fATP76E0EX5kmBIprNgOKDlN24=
Subject key identifier: B9:E5:40:ED:FB:CD:22:AB:8F:10:4B:06:16:3F:BA:CD:DA:11:82:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52F78707ADA32320D083AC80AD2CE6272CF9BEB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
Signing time: Tue 05 Aug 2025 20:11:30 +0000
ROA not before: Tue 05 Aug 2025 20:11:30 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f7:87:07:ad:a3:23:20:d0:83:ac:80:ad:2c:e6:27:2c:f9:be:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:30 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=88186a35246042a3e4d9ef95da842ab1edbe478d292506e55995de56099cdaa1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a3:a6:94:b5:2c:40:31:4e:c8:c3:0d:18:41:
05:66:f5:dd:cc:a8:d9:4b:0f:32:ed:eb:79:3d:1b:
5a:eb:e3:66:bc:c2:2e:f1:d2:cd:42:3e:c1:74:ac:
53:8e:52:c5:7d:1c:62:4d:74:c7:46:f3:e8:8d:9d:
04:d5:02:ed:69:22:9a:6b:27:19:b5:89:81:93:37:
d3:81:30:96:83:d2:a3:db:a5:32:1c:7c:c5:d9:ea:
6e:c7:d9:6f:a1:01:3b:a6:b2:40:cc:b5:61:67:e7:
f1:c3:86:80:73:71:cf:42:c0:41:45:cc:9f:58:0b:
21:97:80:f3:b5:73:72:c7:46:d7:9e:f1:de:1a:c2:
c9:6f:83:08:dd:c2:18:ec:05:d9:4b:5b:42:46:41:
96:3a:76:33:36:f2:99:be:72:45:b3:d9:f3:c1:5d:
b3:97:ea:a3:12:22:00:9b:a7:d1:ad:e6:a1:c8:7d:
ca:bd:1d:9e:ca:47:87:58:7f:30:78:42:e7:8d:cb:
0e:24:c3:b2:48:25:b5:89:21:3a:05:25:61:3e:84:
14:24:8d:39:55:c6:e2:af:14:a6:f5:79:7c:fc:3e:
aa:31:40:4e:4e:a1:86:93:05:1c:42:af:77:ef:bd:
3f:85:06:ee:64:e4:70:9a:ef:66:3c:2b:34:c5:4c:
f0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E5:40:ED:FB:CD:22:AB:8F:10:4B:06:16:3F:BA:CD:DA:11:82:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98cf55c5-bb4a-46a5-a667-901b1a2ffb4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/36
Signature Algorithm: sha256WithRSAEncryption
27:05:02:aa:66:90:d2:41:82:27:72:0c:6e:df:b1:25:43:d9:
1c:d8:92:06:64:20:1f:a1:f4:8b:0d:61:17:06:3f:e8:2b:94:
6c:86:96:d3:2d:46:63:76:5f:04:fd:7d:4a:24:0a:52:83:a1:
a6:a1:f7:d2:a7:71:a4:79:55:50:e4:1f:6f:7f:9c:00:e6:1f:
fb:aa:f1:bf:f9:c0:6f:9c:37:95:b4:3d:c6:bb:c9:f3:e6:52:
44:9d:99:dc:12:ff:63:3c:4d:90:ac:65:cd:0f:b7:99:07:f1:
16:f3:d6:71:3b:6e:05:23:f7:74:a1:3c:f0:b2:98:6d:bf:b4:
50:16:8a:57:99:b9:29:44:41:4f:fb:26:37:23:81:51:77:1b:
cb:8a:50:f6:f2:42:00:5e:94:98:45:66:38:a1:b3:d2:be:2e:
9b:3f:e6:4c:37:bf:6d:9a:c8:80:b8:d2:29:77:5a:b6:05:66:
2b:2c:4d:25:9f:cb:ee:22:77:1e:e7:cf:72:62:ba:36:83:4c:
ea:c5:24:8e:88:5a:95:c3:f1:f7:55:1f:92:39:f4:8b:6e:7b:
81:8a:ea:ab:58:a1:ec:ab:72:a5:d7:6f:96:6e:2e:06:3c:72:
d8:5a:ec:e4:80:5b:aa:82:b9:a6:ec:9b:87:8f:cc:56:aa:6e:
83:20:58:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUveHB62jIyDQg6yArSzmJyz5vrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MTg2YTM1MjQ2MDQyYTNlNGQ5ZWY5NWRhODQyYWIxZWRiZTQ3OGQyOTI1
MDZlNTU5OTVkZTU2MDk5Y2RhYTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSjppS1LEAxTsjDDRhBBWb13cyo2UsPMu3reT0bWuvjZrzCLvHSzUI+wXSs
U45SxX0cYk10x0bz6I2dBNUC7WkimmsnGbWJgZM304EwloPSo9ulMhx8xdnqbsfZ
b6EBO6ayQMy1YWfn8cOGgHNxz0LAQUXMn1gLIZeA87VzcsdG157x3hrCyW+DCN3C
GOwF2UtbQkZBljp2Mzbymb5yRbPZ88Fds5fqoxIiAJun0a3moch9yr0dnspHh1h/
MHhC543LDiTDskgltYkhOgUlYT6EFCSNOVXG4q8UpvV5fPw+qjFATk6hhpMFHEKv
d++9P4UG7mTkcJrvZjwrNMVM8GcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS55UDt
+80iq48QSwYWP7rN2hGCUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThjZjU1YzUtYmI0YS00NmE1LWE2NjctOTAxYjFhMmZmYjRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAnBQKqZpDSQYIncgxu37ElQ9kc2JIGZCAfofSL
DWEXBj/oK5RshpbTLUZjdl8E/X1KJApSg6GmoffSp3GkeVVQ5B9vf5wA5h/7qvG/
+cBvnDeVtD3Gu8nz5lJEnZncEv9jPE2QrGXND7eZB/EW89ZxO24FI/d0oTzwspht
v7RQFopXmbkpREFP+yY3I4FRdxvLilD28kIAXpSYRWY4obPSvi6bP+ZMN79tmsiA
uNIpd1q2BWYrLE0ln8vuInce589yYro2g0zqxSSOiFqVw/H3VR+SOfSLbnuBiuqr
WKHsq3Kl12+Wbi4GPHLYWuzkgFuqgrmm7JuHj8xWqm6DIFjj
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:48 2025 by rpki-client