Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
File: a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa (raw, json)
Hash identifier: S3svrybFVQIoEM0RrJj10fgiBSjTBvK1lhB2eECg2fc=
Subject key identifier: 43:4C:2F:8E:C9:B5:F2:82:57:A2:4D:85:89:79:4D:6E:99:11:A9:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 681B360AC801CC0F22884B22486A4010E47123D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
Signing time: Tue 19 Aug 2025 16:50:49 +0000
ROA not before: Tue 19 Aug 2025 16:50:49 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:1b:36:0a:c8:01:cc:0f:22:88:4b:22:48:6a:40:10:e4:71:23:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:49 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=9ab7c75d2e0f0233e25f6bfd4f372b7bacc3cd3aff4f25846d8666b3aa2d04ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ed:5c:8d:f9:72:b0:bf:ee:d7:e4:ac:a2:b0:
2b:14:92:8d:f5:04:90:f3:aa:ac:02:34:15:2e:fb:
72:37:fb:94:ef:b4:bd:28:d2:51:71:16:35:bb:da:
1b:5d:03:34:04:fc:63:d8:a7:35:8e:81:c3:cf:2e:
ee:90:30:26:e9:80:19:8c:27:c1:4e:89:40:a3:30:
52:57:45:bd:65:a4:09:88:74:2f:9b:e3:05:f9:54:
82:32:7f:c0:ef:02:29:38:54:f6:0c:57:29:f5:b9:
d3:75:a9:bd:06:77:18:82:5b:03:81:07:17:11:85:
ab:58:4a:3e:d4:38:ba:a4:fa:ac:7f:b7:ae:8e:8b:
e7:96:00:7e:49:d7:07:1f:ac:92:23:45:1f:0a:30:
e7:23:67:a2:19:a8:1d:49:d6:42:45:7a:fe:a8:3d:
2a:5a:ed:a4:20:bd:f7:1c:bd:5f:a5:a0:c8:71:c1:
b5:f8:c6:38:3d:1a:09:d2:dd:f9:88:c2:ca:88:14:
a6:ae:ec:b6:42:44:3e:79:4d:60:bc:11:1e:d2:c2:
51:26:ba:68:0a:a9:f9:8f:e8:84:48:0d:74:04:30:
1b:3b:ff:1e:47:b3:dd:e6:a2:aa:fb:70:40:9c:b2:
d0:01:a9:95:4b:f9:62:a6:94:62:12:39:20:cf:e9:
bb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:4C:2F:8E:C9:B5:F2:82:57:A2:4D:85:89:79:4D:6E:99:11:A9:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a5bcb770-7e3d-4ccd-bf1c-4cc17ea01c1d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b::/32
Signature Algorithm: sha256WithRSAEncryption
85:6a:6c:34:da:b1:30:d9:96:48:4e:25:94:bf:b6:7d:ff:20:
bb:0c:9c:3e:48:76:d0:ea:ef:c8:62:9f:8d:d2:21:8e:c2:a7:
0a:f6:94:8b:79:84:cd:86:dd:6c:fd:95:79:4a:a2:ee:4b:81:
c0:f9:43:f0:fe:ef:90:5c:fb:1f:b2:c0:41:ad:86:f2:07:9d:
f0:62:c8:01:99:1a:e4:73:04:61:ca:da:89:6c:d1:36:60:0c:
46:e8:f8:b3:d2:71:dd:90:43:1b:c4:f7:82:b2:28:ca:71:4d:
be:0d:59:65:82:22:62:13:be:e5:29:d1:49:44:8b:95:cf:2c:
4b:55:ca:6f:72:29:21:4d:6d:0a:3a:de:5c:cd:b2:fc:0e:51:
3b:5b:09:ef:63:5f:42:ea:83:4a:2b:88:50:ee:0e:ff:0a:c0:
ea:fd:b9:fe:dd:dc:b5:99:3a:37:c7:04:7d:ef:3e:83:d7:d6:
70:96:d9:73:55:9b:8a:5b:01:26:a3:7a:31:6c:46:59:15:7f:
79:11:9b:54:34:6d:ab:2d:56:1c:7c:59:e0:39:27:54:20:e9:
af:51:87:47:b7:b4:00:c1:23:5f:ed:08:5b:7c:59:92:71:58:
93:71:6a:a2:90:13:5f:5b:8b:e5:af:c1:3c:e0:e1:08:99:18:
0e:3f:a2:1b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUaBs2CsgBzA8iiEsiSGpAEORxI9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNDlaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhYjdjNzVkMmUwZjAyMzNlMjVmNmJmZDRmMzcyYjdiYWNjM2NkM2FmZjRm
MjU4NDZkODY2NmIzYWEyZDA0Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7tXI35crC/7tfkrKKwKxSSjfUEkPOqrAI0FS77cjf7lO+0vSjSUXEWNbva
G10DNAT8Y9inNY6Bw88u7pAwJumAGYwnwU6JQKMwUldFvWWkCYh0L5vjBflUgjJ/
wO8CKThU9gxXKfW503WpvQZ3GIJbA4EHFxGFq1hKPtQ4uqT6rH+3ro6L55YAfknX
Bx+skiNFHwow5yNnohmoHUnWQkV6/qg9KlrtpCC99xy9X6WgyHHBtfjGOD0aCdLd
+YjCyogUpq7stkJEPnlNYLwRHtLCUSa6aAqp+Y/ohEgNdAQwGzv/Hkez3eaiqvtw
QJyy0AGplUv5YqaUYhI5IM/pu3sCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRDTC+O
ybXygleiTYWJeU1umRGpGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTViY2I3NzAtN2UzZC00Y2NkLWJmMWMtNGNjMTdlYTAxYzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fsw
DQYJKoZIhvcNAQELBQADggEBAIVqbDTasTDZlkhOJZS/tn3/ILsMnD5IdtDq78hi
n43SIY7Cpwr2lIt5hM2G3Wz9lXlKou5LgcD5Q/D+75Bc+x+ywEGthvIHnfBiyAGZ
GuRzBGHK2ols0TZgDEbo+LPScd2QQxvE94KyKMpxTb4NWWWCImITvuUp0UlEi5XP
LEtVym9yKSFNbQo63lzNsvwOUTtbCe9jX0Lqg0oriFDuDv8KwOr9uf7d3LWZOjfH
BH3vPoPX1nCW2XNVm4pbASajejFsRlkVf3kRm1Q0bastVhx8WeA5J1Qg6a9Rh0e3
tADBI1/tCFt8WZJxWJNxaqKQE19bi+WvwTzg4QiZGA4/ohs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:56 2025 by rpki-client