Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa
File: a8cd111d-bddb-47e0-af43-fc5a8d930376.roa (raw, json)
Hash identifier: jyF9g+W5MV5INmxhObYChYBn2kC+WP3pSmc+w3wMm/E=
Subject key identifier: 9A:47:EA:AE:56:91:77:52:C8:7C:B4:BA:56:30:17:80:53:AD:AA:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55A510196092B43C83B1213C248E54E8AC8076F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa
Signing time: Tue 05 Aug 2025 19:11:21 +0000
ROA not before: Tue 05 Aug 2025 19:11:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:a5:10:19:60:92:b4:3c:83:b1:21:3c:24:8e:54:e8:ac:80:76:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8f157b35ce438b479980cb791f241b6200c94665ff252eebee21946502fd3a3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:5a:81:82:ed:3b:0c:a7:75:41:38:41:78:
21:ae:e0:66:6b:99:fb:d7:a1:f1:6c:95:40:90:e0:
6b:2e:25:18:2c:ce:4c:9c:81:f1:06:7f:28:96:68:
dc:3c:db:ce:a2:85:74:f5:66:b9:81:2b:9f:55:13:
e8:0c:17:1c:9e:66:e2:5e:e2:2c:4e:49:ca:bf:87:
d2:63:44:bf:8a:92:f1:df:e3:c1:72:6d:fa:c8:de:
72:d9:b7:b7:42:b7:c8:55:a9:6a:8e:e2:b7:9f:1a:
63:29:ce:ca:99:60:dd:53:fa:20:4d:dc:6d:58:75:
c5:31:69:05:af:a4:c9:cd:5f:71:d4:dc:90:10:f6:
c9:55:0a:cf:17:64:6e:a9:e9:cf:96:39:a9:3f:4b:
de:d8:17:1d:5b:be:8c:01:af:09:3d:d4:fd:c3:8a:
b4:15:93:c4:b7:e2:65:09:be:93:b3:b5:ff:10:c5:
79:b0:2e:57:64:93:57:f6:ce:54:89:0a:2a:a4:40:
14:6a:32:9f:cd:94:6a:30:4c:29:1d:27:db:b3:fe:
ba:5c:59:72:d8:f1:84:78:a2:9a:ec:df:7d:17:a0:
1f:1e:23:8d:77:48:7e:73:18:b2:93:ba:c4:38:24:
dd:0b:7c:9f:fc:1d:48:d8:78:0a:0b:69:9f:4f:a5:
12:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:47:EA:AE:56:91:77:52:C8:7C:B4:BA:56:30:17:80:53:AD:AA:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a8cd111d-bddb-47e0-af43-fc5a8d930376.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:42:95:7a:4c:3a:af:0c:2e:88:25:2f:ff:05:f8:d4:2a:44:
7b:0c:b3:29:a2:92:2d:be:08:d4:55:09:2a:83:19:5a:29:8b:
e8:7a:83:0e:ac:32:74:c7:8b:16:14:71:7c:d4:34:b4:f6:79:
9d:75:f8:50:5a:a9:71:30:04:32:65:e6:11:e7:1a:53:53:69:
fa:77:2c:52:cd:a7:35:00:b8:83:87:0f:cb:3c:4b:e4:8c:b8:
24:10:a8:f5:a4:bc:af:d1:5f:e3:81:7c:04:3f:62:ae:c0:8b:
76:ac:5f:e0:c8:43:02:92:89:a7:78:ed:e5:ac:93:20:73:1f:
f5:80:c6:31:47:b1:8f:00:97:93:61:fa:b1:20:e2:f3:f7:ab:
5f:66:29:4d:64:2e:9b:40:53:bd:bb:c3:37:bd:7f:cd:32:78:
e6:9a:42:8d:5c:b9:f8:c7:9f:04:e1:dc:c1:e9:04:81:91:c7:
4f:e9:28:fe:f8:0c:39:48:45:4b:68:75:d5:c9:a9:1d:ec:81:
bf:97:65:0f:15:50:91:ab:b1:57:04:96:f1:cb:f0:79:66:05:
1c:87:9e:7d:4f:8f:c9:b5:26:74:f9:18:50:6f:40:bf:d9:b9:
fa:5b:cb:b0:06:ad:2e:79:fa:68:8d:39:a5:52:e1:b9:af:f9:
a5:a2:e1:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVaUQGWCStDyDsSE8JI5U6KyAdvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMTU3YjM1Y2U0MzhiNDc5OTgwY2I3OTFmMjQxYjYyMDBjOTQ2NjVmZjI1
MmVlYmVlMjE5NDY1MDJmZDNhM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDNWoGC7TsMp3VBOEF4Ia7gZmuZ+9eh8WyVQJDgay4lGCzOTJyB8QZ/KJZo
3DzbzqKFdPVmuYErn1UT6AwXHJ5m4l7iLE5Jyr+H0mNEv4qS8d/jwXJt+sjectm3
t0K3yFWpao7it58aYynOyplg3VP6IE3cbVh1xTFpBa+kyc1fcdTckBD2yVUKzxdk
bqnpz5Y5qT9L3tgXHVu+jAGvCT3U/cOKtBWTxLfiZQm+k7O1/xDFebAuV2STV/bO
VIkKKqRAFGoyn82UajBMKR0n27P+ulxZctjxhHiimuzffRegHx4jjXdIfnMYspO6
xDgk3Qt8n/wdSNh4Cgtpn0+lEh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaR+qu
VpF3Ush8tLpWMBeAU62qKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YThjZDExMWQtYmRkYi00N2UwLWFmNDMtZmM1YThkOTMwMzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBeQpV6TDqvDC6IJS//BfjUKkR7DLMpopItvgjU
VQkqgxlaKYvoeoMOrDJ0x4sWFHF81DS09nmddfhQWqlxMAQyZeYR5xpTU2n6dyxS
zac1ALiDhw/LPEvkjLgkEKj1pLyv0V/jgXwEP2KuwIt2rF/gyEMCkomneO3lrJMg
cx/1gMYxR7GPAJeTYfqxIOLz96tfZilNZC6bQFO9u8M3vX/NMnjmmkKNXLn4x58E
4dzB6QSBkcdP6Sj++Aw5SEVLaHXVyakd7IG/l2UPFVCRq7FXBJbxy/B5ZgUch559
T4/JtSZ0+RhQb0C/2bn6W8uwBq0uefpojTmlUuG5r/mlouGR
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:24 2025 by rpki-client