Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
File: a0c32c3b-d8db-4386-9538-641f27723456.roa (raw, json)
Hash identifier: p98kgFQtWgU7Qjxxa9E008oHUqqioewA0pihVYmRNGw=
Subject key identifier: 88:D6:8E:4F:0D:D5:B4:1F:A8:6A:C2:24:09:84:82:29:90:82:31:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 436795EE62369B4EB6FC053004C48F35A40B9491
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
Signing time: Tue 19 Aug 2025 16:50:10 +0000
ROA not before: Tue 19 Aug 2025 16:50:10 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:67:95:ee:62:36:9b:4e:b6:fc:05:30:04:c4:8f:35:a4:0b:94:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:10 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=03767414c25776f4b802d3ca316fadb47143a2954c79be1d6bc8ce2ca6aa57de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d1:46:9e:20:7e:cd:54:50:cd:95:de:99:f4:
ce:d8:65:e7:ec:09:f2:2e:b0:72:39:ba:64:2e:3f:
f1:21:f0:7c:45:df:91:33:38:97:81:dd:55:33:99:
37:f3:93:ac:b1:92:ab:f1:8f:c5:84:42:f6:28:14:
fc:d2:81:d0:a3:03:7d:a2:2b:d0:fe:05:ff:0b:d4:
5e:84:9b:78:a0:88:9b:6b:cf:dc:45:34:85:e4:40:
3e:85:f9:af:2b:6d:b4:14:a9:41:37:69:0c:c4:64:
eb:ae:ae:dc:c1:c7:a3:99:07:f3:cb:5b:17:76:6f:
b6:5c:c7:a2:7f:18:ff:d6:cd:f3:d9:4b:c0:0f:f9:
cc:92:73:95:56:a7:b3:93:76:52:8a:60:f6:42:12:
e3:23:c6:55:62:b3:84:7c:a0:d5:f5:6d:92:47:18:
67:02:0c:09:32:13:d0:91:67:7d:d5:ae:b0:28:df:
7a:32:3f:f6:c2:2b:36:81:84:ee:83:98:cb:1b:77:
91:66:18:42:d2:b3:64:b3:46:75:55:c8:b3:d5:3c:
dc:66:1a:e0:fc:df:43:99:46:c2:97:02:47:3e:7e:
e8:c9:15:bb:64:13:e7:41:db:e6:1b:f2:33:94:de:
88:03:51:c3:29:84:20:b0:4c:e5:39:7d:45:07:8c:
65:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D6:8E:4F:0D:D5:B4:1F:A8:6A:C2:24:09:84:82:29:90:82:31:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:5000::/40
Signature Algorithm: sha256WithRSAEncryption
18:45:f5:04:1d:e8:e0:f0:04:35:a8:91:6a:fc:21:69:e1:75:
e4:0b:fc:b6:f8:02:c6:04:6d:23:a9:d9:1f:b2:4f:ae:18:40:
5d:39:e4:f5:cd:37:cd:8e:20:50:af:41:e5:76:7b:bd:bd:db:
35:80:92:7b:c9:0d:9b:8b:7e:1d:78:c7:68:8d:c8:fd:99:0a:
26:57:6f:9f:9b:3c:df:48:5c:66:b9:44:2c:9f:2b:96:46:ca:
87:84:70:d7:7b:4f:9e:e9:05:1c:a3:bf:1b:c9:6a:1d:8c:d8:
44:d4:01:90:81:aa:f3:5c:c4:9f:36:40:97:2e:ca:79:b5:44:
a6:91:d6:03:39:91:da:86:97:06:16:e1:91:8b:d6:e7:6d:73:
20:0d:71:6a:30:b8:3b:47:9d:62:88:d1:ab:bf:df:f4:7b:7a:
78:1e:5e:0b:86:20:45:67:6b:42:5b:18:4d:39:ad:6d:2a:a0:
32:16:9d:cf:0c:ba:d1:25:9b:21:10:f2:d6:24:1d:3e:a1:bb:
9a:fc:32:b5:e7:92:7b:3f:03:0f:00:52:23:b5:01:97:6c:7b:
83:e8:5c:0a:be:6e:d3:cf:a9:68:65:b7:e7:fb:22:27:f6:28:
4c:fd:0c:65:a6:78:77:a6:fc:6e:9d:50:8a:2f:e4:3e:f7:a2:
c7:3e:97:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ2eV7mI2m062/AUwBMSPNaQLlJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMTBaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNzY3NDE0YzI1Nzc2ZjRiODAyZDNjYTMxNmZhZGI0NzE0M2EyOTU0Yzc5
YmUxZDZiYzhjZTJjYTZhYTU3ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbRRp4gfs1UUM2V3pn0zthl5+wJ8i6wcjm6ZC4/8SHwfEXfkTM4l4HdVTOZ
N/OTrLGSq/GPxYRC9igU/NKB0KMDfaIr0P4F/wvUXoSbeKCIm2vP3EU0heRAPoX5
rytttBSpQTdpDMRk666u3MHHo5kH88tbF3ZvtlzHon8Y/9bN89lLwA/5zJJzlVan
s5N2Uopg9kIS4yPGVWKzhHyg1fVtkkcYZwIMCTIT0JFnfdWusCjfejI/9sIrNoGE
7oOYyxt3kWYYQtKzZLNGdVXIs9U83GYa4PzfQ5lGwpcCRz5+6MkVu2QT50Hb5hvy
M5TeiANRwymEILBM5Tl9RQeMZYsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSI1o5P
DdW0H6hqwiQJhIIpkIIxYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTBjMzJjM2ItZDhkYi00Mzg2LTk1MzgtNjQxZjI3NzIzNDU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAYRfUEHejg8AQ1qJFq/CFp4XXkC/y2+ALGBG0j
qdkfsk+uGEBdOeT1zTfNjiBQr0Hldnu9vds1gJJ7yQ2bi34deMdojcj9mQomV2+f
mzzfSFxmuUQsnyuWRsqHhHDXe0+e6QUco78byWodjNhE1AGQgarzXMSfNkCXLsp5
tUSmkdYDOZHahpcGFuGRi9bnbXMgDXFqMLg7R51iiNGrv9/0e3p4Hl4LhiBFZ2tC
WxhNOa1tKqAyFp3PDLrRJZshEPLWJB0+obua/DK155J7PwMPAFIjtQGXbHuD6FwK
vm7Tz6loZbfn+yIn9ihM/Qxlpnh3pvxunVCKL+Q+96LHPpd+
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:53 2025 by rpki-client