Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
File: b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa (raw, json)
Hash identifier: wGS2dH7C6+j2p3K6qcOAC6p0jkuc6gta8oIo0Ea1u+0=
Subject key identifier: AE:6B:22:63:9B:4D:95:F2:52:76:0A:E0:F6:EC:CB:BB:64:7E:42:F8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5190681210540809125AF7C597630556FBAFA5D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
Signing time: Tue 05 Aug 2025 20:00:17 +0000
ROA not before: Tue 05 Aug 2025 20:00:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:90:68:12:10:54:08:09:12:5a:f7:c5:97:63:05:56:fb:af:a5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a3952d6c564437840353424712f99f8ce033bdf7334adf0ef26cb7545b370843, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c0:80:e9:e4:49:7b:a3:e5:a7:8e:fc:ae:94:
2b:0a:9d:2d:ef:20:fa:b7:0e:8a:fc:aa:6e:f8:e4:
88:1a:ab:9d:9e:2d:7d:0f:7f:da:9c:48:64:3a:c2:
4c:09:a5:25:49:f0:49:e9:29:3a:ab:59:e4:b1:85:
4b:04:51:42:eb:ff:94:c6:a0:4c:45:86:b5:a3:1d:
af:51:bc:aa:9d:c3:0e:b8:65:5d:c8:89:b4:5c:44:
ca:22:99:74:cc:28:ab:a6:f9:3f:42:14:9e:ee:03:
14:8f:ea:91:a2:31:ab:75:1e:4c:33:7b:91:5b:ff:
64:93:03:b8:2c:2f:16:45:af:80:c8:13:0f:36:ae:
2c:83:61:ac:a7:b7:f3:c3:99:76:04:05:0f:c4:0c:
91:b0:6b:d5:49:7c:f1:76:86:a6:6c:28:ed:cd:67:
f4:a9:5a:4e:b4:78:c8:a5:0d:95:fa:88:7e:01:a1:
4c:65:3b:38:c0:07:cd:6b:57:fb:fd:b7:7a:15:dd:
a4:8c:b9:dc:36:f2:c8:6e:76:34:25:62:70:9f:06:
c1:1d:c4:d3:c9:ce:46:60:19:6e:77:d1:72:8b:4b:
94:2f:e7:41:29:62:bc:be:35:a4:57:d7:e3:0f:a8:
87:af:15:21:b3:b5:fc:18:a3:3b:5c:1c:86:f6:49:
f0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:6B:22:63:9B:4D:95:F2:52:76:0A:E0:F6:EC:CB:BB:64:7E:42:F8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b72a9540-51ef-4dcc-a5e2-2417249a1af3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:400::/38
Signature Algorithm: sha256WithRSAEncryption
0d:74:17:f5:ef:60:5d:06:9c:c0:c6:c7:3d:6d:fc:4d:dd:09:
fc:8e:d2:4e:c9:37:07:f9:b9:58:a0:ed:b9:c0:89:a8:42:26:
57:0b:f6:68:77:1b:b4:47:bd:83:90:9c:92:43:c2:3e:ed:d2:
3d:51:ba:a1:be:36:e0:48:a9:04:a7:63:81:c3:01:e0:c9:1c:
a1:3a:4b:45:ec:ae:19:46:78:29:52:c4:b6:fd:bf:cb:93:e5:
fb:49:e1:53:aa:b9:0c:2f:36:5e:53:ed:a6:91:41:65:d7:f9:
c4:e0:62:fe:25:0d:58:10:d1:a6:5f:72:85:6a:80:f4:93:cc:
7a:65:b6:3f:05:4e:e3:1a:46:99:86:fb:b6:c6:48:d8:a8:eb:
e4:12:1a:55:59:fe:cb:3b:22:a7:d4:e7:bd:20:96:11:ae:6e:
be:00:9b:e5:75:54:46:79:77:c5:f6:9a:3f:b8:6d:a5:d4:21:
db:99:b5:84:00:77:cc:09:18:92:5b:ef:89:1d:65:ee:a8:15:
ba:e2:82:11:eb:15:de:78:1f:df:d4:a3:a1:36:b6:7a:72:10:
33:7b:10:94:02:5e:f6:56:77:62:5f:38:0d:48:b1:57:2d:26:
62:10:42:8e:0f:27:7a:64:ca:16:51:3e:ad:1b:75:01:e6:54:
1e:70:6a:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUZBoEhBUCAkSWvfFl2MFVvuvpdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzOTUyZDZjNTY0NDM3ODQwMzUzNDI0NzEyZjk5ZjhjZTAzM2JkZjczMzRh
ZGYwZWYyNmNiNzU0NWIzNzA4NDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDAgOnkSXuj5aeO/K6UKwqdLe8g+rcOivyqbvjkiBqrnZ4tfQ9/2pxIZDrC
TAmlJUnwSekpOqtZ5LGFSwRRQuv/lMagTEWGtaMdr1G8qp3DDrhlXciJtFxEyiKZ
dMwoq6b5P0IUnu4DFI/qkaIxq3UeTDN7kVv/ZJMDuCwvFkWvgMgTDzauLINhrKe3
88OZdgQFD8QMkbBr1Ul88XaGpmwo7c1n9KlaTrR4yKUNlfqIfgGhTGU7OMAHzWtX
+/23ehXdpIy53DbyyG52NCVicJ8GwR3E08nORmAZbnfRcotLlC/nQSlivL41pFfX
4w+oh68VIbO1/BijO1wchvZJ8LcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuayJj
m02V8lJ2CuD27Mu7ZH5C+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjcyYTk1NDAtNTFlZi00ZGNjLWE1ZTItMjQxNzI0OWExYWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIE
MA0GCSqGSIb3DQEBCwUAA4IBAQANdBf172BdBpzAxsc9bfxN3Qn8jtJOyTcH+blY
oO25wImoQiZXC/Zodxu0R72DkJySQ8I+7dI9UbqhvjbgSKkEp2OBwwHgyRyhOktF
7K4ZRngpUsS2/b/Lk+X7SeFTqrkMLzZeU+2mkUFl1/nE4GL+JQ1YENGmX3KFaoD0
k8x6ZbY/BU7jGkaZhvu2xkjYqOvkEhpVWf7LOyKn1Oe9IJYRrm6+AJvldVRGeXfF
9po/uG2l1CHbmbWEAHfMCRiSW++JHWXuqBW64oIR6xXeeB/f1KOhNrZ6chAzexCU
Al72VndiXzgNSLFXLSZiEEKODyd6ZMoWUT6tG3UB5lQecGqs
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:18 2025 by rpki-client