Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
File: c575b6fa-c023-458f-85c8-9694aa053e43.roa (raw, json)
Hash identifier: xAZW2PNLTA1GMWMEhKaOEZTOrUP+hGpTbVXi5O6VKGY=
Subject key identifier: 53:6B:77:A6:51:5A:28:EF:39:C4:91:7E:42:B5:C6:4B:F5:4E:D8:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3488A62553B154B4C80B8EF7108B38058A9553ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
Signing time: Tue 05 Aug 2025 19:01:09 +0000
ROA not before: Tue 05 Aug 2025 19:01:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:88:a6:25:53:b1:54:b4:c8:0b:8e:f7:10:8b:38:05:8a:95:53:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=60d4ab7ebec76810b8859fa8a25003f39e703cd039ba3a601887d9158ae260d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b0:63:ec:85:bd:e0:da:53:bd:9d:ff:33:08:
24:9c:94:ac:98:de:fc:d2:bc:45:f3:38:43:8b:18:
1b:6d:9c:78:fa:6d:27:f0:b5:66:db:66:37:92:6b:
c3:92:71:ef:63:22:91:60:df:cc:c6:fc:15:91:4d:
d8:5b:38:4f:b2:83:ea:bf:e9:ed:cf:42:8d:f6:3e:
48:c5:3c:35:7f:5c:28:14:ba:05:d9:ff:fb:1e:97:
25:e9:bd:95:bd:58:9e:46:dd:1b:c8:ef:21:a8:67:
27:c4:37:e2:8d:de:c2:51:31:db:33:84:41:31:0a:
9b:e7:d5:e3:9f:21:1e:9b:c0:6e:31:69:70:10:b3:
6d:91:d1:b3:57:0d:57:84:7b:09:f0:68:f3:e7:06:
d0:8c:68:19:b9:32:84:31:46:ff:af:ff:00:11:e6:
c4:cb:29:1b:2b:65:82:0d:ca:51:1d:a7:53:b0:43:
80:5f:5f:cb:8a:a4:e2:75:d6:80:ba:6e:fd:9c:c4:
68:57:c5:dd:80:09:22:c9:a4:a4:de:49:0f:a8:34:
7e:08:b2:4d:4c:67:ed:82:ea:f0:72:06:b8:e4:df:
a7:77:ff:34:ae:65:b8:cd:90:18:ab:c3:02:29:14:
ab:d2:b6:6c:62:4d:47:b2:a8:19:7d:2c:39:b2:6d:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6B:77:A6:51:5A:28:EF:39:C4:91:7E:42:B5:C6:4B:F5:4E:D8:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c575b6fa-c023-458f-85c8-9694aa053e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4080::/48
Signature Algorithm: sha256WithRSAEncryption
c1:e9:70:95:c1:99:34:ec:d8:16:f5:13:d2:ad:c4:87:33:1d:
bb:e4:b0:51:d8:75:c4:bf:24:f5:6e:3c:08:29:2e:45:d4:29:
64:99:a4:fa:64:60:3b:69:a8:2b:3f:1b:d3:8a:b3:fd:04:76:
1d:99:e4:9c:1d:4a:bd:fd:3a:91:6e:a0:e4:6e:ef:47:9a:f9:
45:a2:72:ff:07:ee:f1:42:4c:a3:8d:e6:f8:38:29:11:19:57:
7a:56:b2:bc:a9:2c:29:63:51:70:32:c9:ff:80:69:54:35:89:
04:5c:9a:ca:d5:a8:92:b8:48:86:29:d3:8a:7d:ff:f3:1c:06:
5e:0e:1a:f5:67:33:70:86:8f:b3:9d:a2:58:6c:f4:b4:8e:07:
53:9c:23:fa:53:61:93:5b:7e:2e:bb:6d:bc:d7:01:92:45:27:
8a:37:9d:43:be:94:7a:b9:6c:23:b7:f9:ac:37:ea:e1:41:68:
b5:4b:da:30:47:ab:46:90:45:6b:7f:2a:c2:2d:9c:7c:45:c8:
24:52:eb:e2:7f:74:2c:dc:c4:34:95:3c:74:39:60:e0:97:85:
84:3c:c0:c9:d6:07:0b:e2:be:a2:6d:3b:7d:3e:64:b2:67:3f:
05:d0:fa:d4:80:d0:f2:4a:63:9a:59:32:a0:a1:4c:fd:d2:b0:
37:68:9a:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNIimJVOxVLTIC473EIs4BYqVU+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZDRhYjdlYmVjNzY4MTBiODg1OWZhOGEyNTAwM2YzOWU3MDNjZDAzOWJh
M2E2MDE4ODdkOTE1OGFlMjYwZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6wY+yFveDaU72d/zMIJJyUrJje/NK8RfM4Q4sYG22cePptJ/C1ZttmN5Jr
w5Jx72MikWDfzMb8FZFN2Fs4T7KD6r/p7c9CjfY+SMU8NX9cKBS6Bdn/+x6XJem9
lb1YnkbdG8jvIahnJ8Q34o3ewlEx2zOEQTEKm+fV458hHpvAbjFpcBCzbZHRs1cN
V4R7CfBo8+cG0IxoGbkyhDFG/6//ABHmxMspGytlgg3KUR2nU7BDgF9fy4qk4nXW
gLpu/ZzEaFfF3YAJIsmkpN5JD6g0fgiyTUxn7YLq8HIGuOTfp3f/NK5luM2QGKvD
AikUq9K2bGJNR7KoGX0sObJtwxECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRTa3em
UVoo7znEkX5CtcZL9U7YAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3NWI2ZmEtYzAyMy00NThmLTg1YzgtOTY5NGFhMDUzZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
gDANBgkqhkiG9w0BAQsFAAOCAQEAwelwlcGZNOzYFvUT0q3EhzMdu+SwUdh1xL8k
9W48CCkuRdQpZJmk+mRgO2moKz8b04qz/QR2HZnknB1Kvf06kW6g5G7vR5r5RaJy
/wfu8UJMo43m+DgpERlXelayvKksKWNRcDLJ/4BpVDWJBFyaytWokrhIhinTin3/
8xwGXg4a9WczcIaPs52iWGz0tI4HU5wj+lNhk1t+LrttvNcBkkUnijedQ76Uerls
I7f5rDfq4UFotUvaMEerRpBFa38qwi2cfEXIJFLr4n90LNzENJU8dDlg4JeFhDzA
ydYHC+K+om07fT5ksmc/BdD61IDQ8kpjmlkyoKFM/dKwN2iajA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:54 2025 by rpki-client