Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: jXKgbOB/D8TArDF/83r9PWqYuX2Ktiu0hfjlb4txDFA=
Subject key identifier: 57:97:DA:5E:21:0F:30:B6:1C:5C:1F:DB:FF:2C:78:82:32:BE:D6:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B52C1EA60B8BA8DFB9B5DB9AF7F70A8B43860A5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Tue 05 Aug 2025 19:21:53 +0000
ROA not before: Tue 05 Aug 2025 19:21:53 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:52:c1:ea:60:b8:ba:8d:fb:9b:5d:b9:af:7f:70:a8:b4:38:60:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:53 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=271d225c1ec74d0c0936f52ed091ae19fbaf971cdce2967b891738580547d3cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6b:39:38:d8:40:90:55:82:c8:4d:7b:00:90:
46:ee:8a:09:62:17:88:76:02:bb:a4:05:e2:22:64:
ba:44:eb:13:7d:ef:02:7d:86:b9:1e:07:5d:37:27:
12:bd:03:f9:ea:39:46:69:1f:f9:0c:1f:b4:fc:b6:
38:5d:a1:18:c8:a3:80:de:8c:3c:b7:24:d0:6a:a0:
84:e7:70:2e:28:d1:e0:48:5d:d1:98:04:82:36:bb:
5b:d2:37:64:2f:71:13:94:71:a8:b4:8b:74:6c:b4:
b6:61:2b:bd:c4:d7:d5:a3:fa:8a:f1:58:51:4a:cf:
a3:a2:1a:b5:bc:3a:33:0b:6c:a2:48:72:c2:09:e0:
ac:5c:38:af:5e:ef:25:93:c3:48:29:67:c3:f3:e2:
80:db:68:a1:3c:c2:fd:55:34:a0:55:01:24:6c:df:
eb:d0:82:e3:50:cf:9b:b5:34:cf:67:2f:55:5d:bc:
b1:15:67:a0:b9:7c:34:c2:23:9e:4f:2b:5d:f8:82:
f7:7e:67:6f:a3:80:72:71:18:8d:1b:89:b1:d3:4d:
c5:25:cc:35:0b:a0:da:4e:f8:87:7a:a9:d2:8e:b1:
39:3d:e6:6b:22:af:45:f5:95:d1:6c:0c:eb:f9:54:
53:cc:22:59:7a:d0:5e:0e:d7:ec:0e:d9:ca:c4:e2:
d7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:97:DA:5E:21:0F:30:B6:1C:5C:1F:DB:FF:2C:78:82:32:BE:D6:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
78:5c:36:3f:6d:2c:74:89:de:3c:7b:da:2f:2f:3a:73:d7:cd:
8b:c7:b7:49:ba:5d:34:1c:ea:63:f7:57:57:9e:87:22:24:c2:
3a:60:49:22:5c:ae:82:0e:31:db:f4:14:bf:45:3d:d2:f3:38:
f3:28:22:d4:58:37:1e:21:d2:59:f0:16:ea:f9:b7:59:95:52:
58:3f:fd:44:33:cc:d8:e6:88:1d:fd:65:cb:0b:34:49:28:46:
1c:2c:31:0d:ad:d3:35:7d:51:90:7c:ac:62:eb:0a:f2:26:2e:
e7:f4:e0:63:8b:e3:d7:bb:de:17:90:0a:2c:8f:41:14:e7:6c:
24:ba:ea:82:6c:e9:dd:b3:18:42:3d:1e:80:ad:d6:0b:e2:15:
ad:6d:07:88:4b:81:3e:b4:92:26:17:4b:9f:59:20:59:22:a0:
e5:59:9e:c3:af:92:5e:ae:cd:0c:4f:62:d1:54:7e:2f:ab:2d:
d0:3a:d4:0e:d4:81:25:68:13:b7:f4:d5:40:d4:ae:f5:7d:ab:
33:79:86:ca:96:78:b8:5e:8f:fe:05:98:39:f6:63:ce:8d:82:
ac:28:87:33:99:e7:46:6b:26:fd:a1:ee:b8:34:64:dd:e5:9c:
e2:84:26:7c:c2:82:51:a9:2a:0a:f5:ba:cc:cf:40:1b:d5:44:
90:46:99:b5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG1LB6mC4uo37m125r39wqLQ4YKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxNTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MWQyMjVjMWVjNzRkMGMwOTM2ZjUyZWQwOTFhZTE5ZmJhZjk3MWNkY2Uy
OTY3Yjg5MTczODU4MDU0N2QzY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVrOTjYQJBVgshNewCQRu6KCWIXiHYCu6QF4iJkukTrE33vAn2GuR4HXTcn
Er0D+eo5Rmkf+QwftPy2OF2hGMijgN6MPLck0GqghOdwLijR4Ehd0ZgEgja7W9I3
ZC9xE5RxqLSLdGy0tmErvcTX1aP6ivFYUUrPo6Iatbw6MwtsokhywgngrFw4r17v
JZPDSClnw/PigNtooTzC/VU0oFUBJGzf69CC41DPm7U0z2cvVV28sRVnoLl8NMIj
nk8rXfiC935nb6OAcnEYjRuJsdNNxSXMNQug2k74h3qp0o6xOT3mayKvRfWV0WwM
6/lUU8wiWXrQXg7X7A7ZysTi1wsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRXl9pe
IQ8wthxcH9v/LHiCMr7W4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEAeFw2P20sdInePHvaLy86c9fNi8e3SbpdNBzq
Y/dXV56HIiTCOmBJIlyugg4x2/QUv0U90vM48ygi1Fg3HiHSWfAW6vm3WZVSWD/9
RDPM2OaIHf1lyws0SShGHCwxDa3TNX1RkHysYusK8iYu5/TgY4vj17veF5AKLI9B
FOdsJLrqgmzp3bMYQj0egK3WC+IVrW0HiEuBPrSSJhdLn1kgWSKg5Vmew6+SXq7N
DE9i0VR+L6st0DrUDtSBJWgTt/TVQNSu9X2rM3mGypZ4uF6P/gWYOfZjzo2CrCiH
M5nnRmsm/aHuuDRk3eWc4oQmfMKCUakqCvW6zM9AG9VEkEaZtQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:48 2025 by rpki-client