Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
File: b3515426-a058-439f-a8fc-e68eaafc8806.roa (raw, json)
Hash identifier: sqcEUuAiUEwzGiNZpQw+N86aLu3+HYPNWsttAPbxJ+c=
Subject key identifier: 5C:5D:2D:DC:12:C6:BA:B1:C7:19:71:41:40:7D:6E:99:04:CB:45:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AF9085862F9BCB9C827755B9F0640311E92A888
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
Signing time: Wed 06 Aug 2025 00:50:54 +0000
ROA not before: Wed 06 Aug 2025 00:50:54 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:f9:08:58:62:f9:bc:b9:c8:27:75:5b:9f:06:40:31:1e:92:a8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:54 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=25499934b8b2279724e3c9129dbf0183d0fdff5a1ff58ea02c00a532bfe93a6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0a:53:e6:1c:1e:c4:26:36:58:4d:ae:36:e6:
e1:26:e8:d4:f9:a6:d3:2b:d6:ce:61:1d:31:93:d9:
2b:08:04:bd:5d:d4:02:e4:ca:2b:ea:eb:a6:8f:d2:
7e:04:68:49:8a:50:e8:1e:4c:79:fb:49:cb:1c:6d:
3d:59:7f:ad:1b:40:c7:20:37:c7:9f:7d:52:39:67:
64:50:f0:1b:9b:d5:72:82:db:75:95:c7:af:52:8a:
bb:c2:7f:a9:e1:69:90:95:10:13:c7:c9:e8:64:3b:
f6:e2:1b:1e:8b:97:ee:55:18:0c:30:c1:6a:a5:15:
00:f1:d6:79:09:5a:24:e0:96:be:33:00:cc:cb:b2:
e7:57:0b:a2:ab:08:34:00:37:14:2b:90:18:af:ee:
57:69:31:99:b7:56:ba:d5:06:2e:2e:35:00:f2:3a:
b1:23:d5:13:5a:2e:b4:4d:02:b1:45:1d:40:91:fc:
82:9d:6f:db:e1:b3:79:9c:ce:b3:29:f4:c1:f9:5a:
0e:42:5c:8c:27:31:e2:44:9d:bd:69:55:e8:cc:e6:
d5:d4:6e:3a:b5:7f:eb:c8:d1:cd:b1:53:3e:30:79:
8a:e5:9d:df:d3:64:3d:6f:44:b0:57:f5:e6:70:cc:
55:5a:ab:4c:cc:b7:de:24:f1:83:2a:88:5e:18:93:
09:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5D:2D:DC:12:C6:BA:B1:C7:19:71:41:40:7D:6E:99:04:CB:45:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3515426-a058-439f-a8fc-e68eaafc8806.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
86:4d:24:4e:2e:2e:5a:64:90:dd:d9:98:fe:5a:ac:06:5a:52:
61:1c:15:b6:10:18:ac:98:b2:31:98:d6:a0:f9:53:0d:d3:40:
d3:2b:89:f4:06:b5:58:da:18:da:6b:c5:c5:b5:e0:8b:cb:30:
11:2b:8d:b5:b4:06:1e:8e:cc:92:cb:e7:95:4a:ae:6c:39:f0:
fb:2b:82:f1:cc:54:b4:b2:68:b9:e9:db:c7:f9:96:14:4d:49:
09:ff:93:b8:7f:1f:3a:db:b6:a4:41:2f:8a:45:5a:12:0d:fe:
6c:7b:4c:d5:c1:c3:ac:05:c6:7e:c5:de:94:ac:b2:58:ce:35:
4c:4c:ac:78:71:8b:19:e0:ba:41:22:ce:88:3d:88:d7:83:5c:
05:61:e4:27:bd:3c:bd:13:88:5d:69:69:c2:9f:1e:3e:3e:5b:
c0:4a:ce:b3:c5:ed:4d:73:bf:3b:54:2d:fa:f5:43:18:08:e7:
8d:3d:68:b6:c1:72:36:9b:b3:89:96:69:aa:88:85:38:ba:21:
c5:72:4a:00:a1:c6:a6:60:b9:4d:86:7f:46:e8:3a:2b:1a:8e:
83:7e:9f:5d:62:14:b1:28:c1:ba:89:0d:55:0b:9c:36:4f:e1:
12:3a:94:f0:cb:22:14:91:1b:f1:9b:b3:a0:e7:b0:98:0e:a1:
50:20:6e:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKvkIWGL5vLnIJ3VbnwZAMR6SqIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTRaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NDk5OTM0YjhiMjI3OTcyNGUzYzkxMjlkYmYwMTgzZDBmZGZmNWExZmY1
OGVhMDJjMDBhNTMyYmZlOTNhNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4KU+YcHsQmNlhNrjbm4Sbo1Pmm0yvWzmEdMZPZKwgEvV3UAuTKK+rrpo/S
fgRoSYpQ6B5MeftJyxxtPVl/rRtAxyA3x599UjlnZFDwG5vVcoLbdZXHr1KKu8J/
qeFpkJUQE8fJ6GQ79uIbHouX7lUYDDDBaqUVAPHWeQlaJOCWvjMAzMuy51cLoqsI
NAA3FCuQGK/uV2kxmbdWutUGLi41API6sSPVE1outE0CsUUdQJH8gp1v2+GzeZzO
syn0wflaDkJcjCcx4kSdvWlV6Mzm1dRuOrV/68jRzbFTPjB5iuWd39NkPW9EsFf1
5nDMVVqrTMy33iTxgyqIXhiTCZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRcXS3c
Esa6sccZcUFAfW6ZBMtFwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjM1MTU0MjYtYTA1OC00MzlmLWE4ZmMtZTY4ZWFhZmM4ODA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQCGTSROLi5aZJDd2Zj+WqwGWlJhHBW2EBismLIx
mNag+VMN00DTK4n0BrVY2hjaa8XFteCLyzARK421tAYejsySy+eVSq5sOfD7K4Lx
zFS0smi56dvH+ZYUTUkJ/5O4fx8627akQS+KRVoSDf5se0zVwcOsBcZ+xd6UrLJY
zjVMTKx4cYsZ4LpBIs6IPYjXg1wFYeQnvTy9E4hdaWnCnx4+PlvASs6zxe1Nc787
VC369UMYCOeNPWi2wXI2m7OJlmmqiIU4uiHFckoAocamYLlNhn9G6DorGo6Dfp9d
YhSxKMG6iQ1VC5w2T+ESOpTwyyIUkRvxm7Og57CYDqFQIG6h
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:14 2025 by rpki-client