Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: 5AuiTEiWGQmCfDBUj3DzIWmqKgD+GOMZ+FplnhrjbLE=
Subject key identifier: 47:D4:1E:43:F6:30:C9:2F:A8:D3:BC:B9:09:55:63:32:65:3C:3F:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 186302D5037307699BF72F04958677138553EA24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Tue 05 Aug 2025 20:11:30 +0000
ROA not before: Tue 05 Aug 2025 20:11:30 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:63:02:d5:03:73:07:69:9b:f7:2f:04:95:86:77:13:85:53:ea:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:30 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=434110ae24b1a0eec06525e4bb8a5afac10247a2e9ff69f698100bdb229bf2c4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:cb:a3:d5:e7:7c:14:17:33:a2:65:18:49:
cc:0b:40:89:20:75:06:66:b8:eb:ad:78:65:86:c1:
fd:fe:31:e7:a3:73:d6:b2:21:16:38:e2:b3:a5:5c:
aa:a3:80:18:1c:05:83:24:ac:2d:ed:c2:24:07:76:
04:0e:2a:9c:a7:4e:9c:e3:d8:91:c1:db:8a:f3:70:
c7:18:cb:e3:16:fd:4f:87:4a:ed:1b:5b:a8:90:12:
82:d5:1e:0d:33:57:93:fc:91:55:cb:01:e8:06:71:
eb:5e:ef:b9:9b:05:50:40:68:3d:ed:9c:ec:c2:da:
fd:86:90:55:95:9c:14:87:af:6d:af:ee:fd:38:dc:
01:16:ac:56:4f:66:7e:6b:8c:40:99:11:78:76:8b:
33:1b:1c:c8:f8:2d:79:41:38:b5:67:ae:52:00:b8:
ce:73:ea:5a:ce:48:02:fe:15:b7:f9:3c:ef:7b:7c:
6a:1c:9a:1c:77:63:75:f3:7b:34:db:6e:35:59:13:
c8:fc:63:12:a4:c7:7c:5c:83:a9:59:48:50:5a:5d:
c3:c6:e1:58:20:63:63:f5:8d:3f:a9:83:54:8d:25:
59:7b:f5:82:bf:2c:f6:40:a8:46:15:cc:05:2f:93:
34:70:d7:a7:2e:5f:04:82:a5:70:0a:b1:a0:91:36:
aa:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D4:1E:43:F6:30:C9:2F:A8:D3:BC:B9:09:55:63:32:65:3C:3F:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
03:64:90:f8:5d:8f:ea:f6:95:77:92:92:41:f8:b3:f4:58:f3:
d0:11:08:e5:e8:e4:cf:00:96:9b:2c:69:15:c4:20:27:b3:d9:
9c:4f:0e:c2:48:c4:7e:3f:90:44:87:ad:60:94:24:0f:9c:4a:
bb:f5:df:02:ee:0e:01:ee:bc:ab:65:c9:51:33:2b:63:b6:b8:
b7:70:d2:4e:31:7c:b1:36:6f:23:a2:49:41:43:85:cb:d0:8d:
14:3f:6a:17:82:a4:8d:72:c4:c4:31:26:7c:09:33:5f:6c:93:
3e:52:b3:7c:35:a1:b0:ef:ea:98:a1:d5:52:b1:5b:2d:ff:e3:
d4:b0:7d:c5:03:93:db:96:7f:ab:a6:57:07:f6:8f:cd:e3:0a:
ff:94:49:39:c8:22:33:8c:cf:94:c0:13:da:ad:0c:b8:0e:6d:
a1:4a:b7:79:bd:e7:78:7e:e5:4d:ec:83:26:c1:ca:16:b0:d7:
6f:f7:e9:66:63:6e:e9:76:ed:08:90:43:5c:a2:72:f5:34:d9:
77:c7:9e:8a:5a:b9:bb:ce:52:05:6c:fa:5d:fd:c3:1d:28:b8:
fd:10:2f:4a:14:05:11:2f:09:83:6f:cf:ba:c9:23:df:06:19:
5b:5f:33:73:a5:58:b9:c2:a3:d7:10:89:76:c2:04:3e:b1:77:
28:89:21:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGGMC1QNzB2mb9y8ElYZ3E4VT6iQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzNDExMGFlMjRiMWEwZWVjMDY1MjVlNGJiOGE1YWZhYzEwMjQ3YTJlOWZm
NjlmNjk4MTAwYmRiMjI5YmYyYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQdy6PV53wUFzOiZRhJzAtAiSB1Bma46614ZYbB/f4x56Nz1rIhFjjis6Vc
qqOAGBwFgySsLe3CJAd2BA4qnKdOnOPYkcHbivNwxxjL4xb9T4dK7RtbqJASgtUe
DTNXk/yRVcsB6AZx617vuZsFUEBoPe2c7MLa/YaQVZWcFIevba/u/TjcARasVk9m
fmuMQJkReHaLMxscyPgteUE4tWeuUgC4znPqWs5IAv4Vt/k873t8ahyaHHdjdfN7
NNtuNVkTyPxjEqTHfFyDqVlIUFpdw8bhWCBjY/WNP6mDVI0lWXv1gr8s9kCoRhXM
BS+TNHDXpy5fBIKlcAqxoJE2qr8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRH1B5D
9jDJL6jTvLkJVWMyZTw/wjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQADZJD4XY/q9pV3kpJB+LP0WPPQEQjl6OTPAJab
LGkVxCAns9mcTw7CSMR+P5BEh61glCQPnEq79d8C7g4B7ryrZclRMytjtri3cNJO
MXyxNm8joklBQ4XL0I0UP2oXgqSNcsTEMSZ8CTNfbJM+UrN8NaGw7+qYodVSsVst
/+PUsH3FA5Pbln+rplcH9o/N4wr/lEk5yCIzjM+UwBParQy4Dm2hSrd5ved4fuVN
7IMmwcoWsNdv9+lmY27pdu0IkENconL1NNl3x56KWrm7zlIFbPpd/cMdKLj9EC9K
FAURLwmDb8+6ySPfBhlbXzNzpVi5wqPXEIl2wgQ+sXcoiSFB
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:42 2025 by rpki-client