Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
File: a1796bea-01c9-41b7-b13d-6932c4f36a42.roa (raw, json)
Hash identifier: xjSQVA/pC5JIgI6EHW/Yivy9tp+pibYlyhubu3N02qs=
Subject key identifier: 58:F7:59:78:B7:BE:68:2A:1E:33:CE:C5:6D:CC:CC:92:B2:20:57:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41BBD4AF3B6DFADE17B445405007CABCD7F8A963
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
Signing time: Tue 05 Aug 2025 19:11:27 +0000
ROA not before: Tue 05 Aug 2025 19:11:27 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:bb:d4:af:3b:6d:fa:de:17:b4:45:40:50:07:ca:bc:d7:f8:a9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:27 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=16b4f515f0104b431aff81c0f6f7707543c792f894b2f0db2a65c7e4bfb70256, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2f:84:b0:d1:71:51:8c:1d:91:30:8c:13:4c:
e8:20:50:20:cf:a1:68:b6:6a:7d:69:03:3e:c3:e2:
04:72:28:fc:64:70:d6:2d:26:ab:cc:33:e0:d8:74:
7b:03:30:ad:a1:41:e4:e1:3c:17:9f:93:9c:f4:b1:
57:dc:8b:67:80:2d:fd:32:f5:62:3f:04:f7:6c:64:
ab:31:87:87:f2:c0:b2:96:bb:83:38:bf:54:d9:67:
79:66:c0:be:a1:ec:45:1f:dd:da:f7:b8:2a:c8:5a:
c2:48:f4:47:f9:48:c9:69:e3:6b:2b:56:ac:8e:53:
70:4f:13:ef:19:2b:8a:30:d7:ce:c6:d3:ef:68:ce:
dd:09:e9:80:b3:da:3f:34:9f:c7:41:c1:35:e5:ba:
64:c2:0b:05:b6:a0:6b:18:e6:f7:e3:de:87:66:f0:
a3:5d:d5:eb:2a:83:8c:86:a7:01:8b:5d:50:6a:40:
c5:61:72:7e:35:f3:4f:ff:3a:d9:1f:10:d6:11:c7:
b3:c4:3e:03:36:ba:e6:e1:32:fe:05:ce:bd:64:8b:
55:60:f5:88:fc:1a:29:34:a5:ca:f3:c4:5b:c4:84:
ed:c5:28:99:ce:2a:a1:31:01:a2:b1:a1:84:fe:e0:
bb:ff:34:46:ad:c1:93:40:0a:ce:35:8b:17:cf:37:
fe:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F7:59:78:B7:BE:68:2A:1E:33:CE:C5:6D:CC:CC:92:B2:20:57:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a1796bea-01c9-41b7-b13d-6932c4f36a42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:d7:29:4f:50:4a:42:55:66:46:2a:29:6e:2a:5f:91:a9:72:
7e:f3:24:f9:80:bf:0e:6d:f3:0c:c2:ad:0a:0f:53:95:d0:99:
41:e5:a0:65:0f:ed:e4:01:ee:b9:ed:c1:99:fb:5e:cb:64:cf:
92:82:5c:3e:d9:94:b1:91:24:86:a7:ba:0a:53:96:fa:e3:19:
3f:fc:ad:3f:03:c3:66:1b:a6:a6:fd:55:7d:c9:f2:6b:1b:de:
29:da:e3:ba:27:d6:af:ad:1f:82:51:1f:82:9c:e7:84:5a:cc:
9f:7b:c9:0e:5a:93:39:44:e1:80:ce:56:28:45:73:de:95:67:
0a:0a:65:55:4c:00:5b:d5:f2:9e:0f:42:b3:a6:16:2c:20:6c:
ed:14:20:a9:ac:7d:c1:25:d6:e6:9a:c4:d6:b2:fa:70:5b:9c:
ea:a3:38:b8:bb:ee:ff:82:40:3f:fc:ac:21:52:41:84:23:6c:
44:dd:06:64:d0:33:8e:be:10:f3:af:78:64:db:4b:6d:6e:6e:
f7:60:54:39:a4:c5:f4:e2:36:4b:70:13:4e:53:6f:d3:13:92:
69:8e:b6:99:35:7d:f5:30:9f:7c:38:da:30:a6:86:ba:e5:11:
e3:b2:35:07:e8:83:54:3c:dd:2a:7d:d2:9f:d5:4e:a7:be:8f:
cb:fa:cd:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQbvUrztt+t4XtEVAUAfKvNf4qWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2YjRmNTE1ZjAxMDRiNDMxYWZmODFjMGY2Zjc3MDc1NDNjNzkyZjg5NGIy
ZjBkYjJhNjVjN2U0YmZiNzAyNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIvhLDRcVGMHZEwjBNM6CBQIM+haLZqfWkDPsPiBHIo/GRw1i0mq8wz4Nh0
ewMwraFB5OE8F5+TnPSxV9yLZ4At/TL1Yj8E92xkqzGHh/LAspa7gzi/VNlneWbA
vqHsRR/d2ve4Kshawkj0R/lIyWnjaytWrI5TcE8T7xkrijDXzsbT72jO3QnpgLPa
PzSfx0HBNeW6ZMILBbagaxjm9+Peh2bwo13V6yqDjIanAYtdUGpAxWFyfjXzT/86
2R8Q1hHHs8Q+Aza65uEy/gXOvWSLVWD1iPwaKTSlyvPEW8SE7cUomc4qoTEBorGh
hP7gu/80Rq3Bk0AKzjWLF883/jUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRY91l4
t75oKh4zzsVtzMySsiBX6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTE3OTZiZWEtMDFjOS00MWI3LWIxM2QtNjkzMmM0ZjM2YTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+1ylPUEpCVWZGKiluKl+RqXJ+8yT5gL8ObfMM
wq0KD1OV0JlB5aBlD+3kAe657cGZ+17LZM+Sglw+2ZSxkSSGp7oKU5b64xk//K0/
A8NmG6am/VV9yfJrG94p2uO6J9avrR+CUR+CnOeEWsyfe8kOWpM5ROGAzlYoRXPe
lWcKCmVVTABb1fKeD0KzphYsIGztFCCprH3BJdbmmsTWsvpwW5zqozi4u+7/gkA/
/KwhUkGEI2xE3QZk0DOOvhDzr3hk20ttbm73YFQ5pMX04jZLcBNOU2/TE5JpjraZ
NX31MJ98ONowpoa65RHjsjUH6INUPN0qfdKf1U6nvo/L+s3I
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:57 2025 by rpki-client