Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
File: cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa (raw, json)
Hash identifier: LIejduc1LRhGR3/qbb8Jy3A2v44LFs+oBKYh9+02wOE=
Subject key identifier: 3A:AF:B5:DF:8D:04:66:7F:77:21:54:2C:30:31:EF:8F:74:AD:97:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01D7AAA1650559B91CFA24FFD06A32465C4C61AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
Signing time: Tue 19 Aug 2025 16:50:37 +0000
ROA not before: Tue 19 Aug 2025 16:50:37 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d7:aa:a1:65:05:59:b9:1c:fa:24:ff:d0:6a:32:46:5c:4c:61:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:37 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=2d2fc64a9ab540ba416f07cf6fd01f777ec169e667a24ec37e9fdd4f10cab00e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5e:18:36:a8:fc:bd:55:08:fb:d0:57:9c:cd:
50:8e:23:f4:8d:14:d3:1b:fc:8a:69:2f:07:65:54:
24:9c:5e:3c:d0:ad:86:23:ac:94:33:8f:48:8f:2f:
0c:87:5e:a9:c2:0f:e7:91:75:97:89:ae:b7:77:10:
66:09:c3:0a:24:ce:3a:f9:2a:a5:c6:c5:2c:d5:5a:
37:94:5d:dc:82:77:f3:80:52:bf:7e:9d:7c:f6:2d:
b1:23:bf:f8:89:ef:d3:0d:16:22:d0:be:9b:2e:1d:
cb:2d:d8:ac:89:db:e1:6c:0c:cb:b1:1d:67:eb:5d:
49:fb:3a:47:db:15:ff:9f:46:4b:2c:85:aa:9f:ee:
af:5b:5b:ed:f5:b4:ec:86:dd:e2:88:7f:26:52:7e:
50:63:e7:8c:f5:8f:85:57:a9:4b:d2:e5:f2:a6:20:
2c:69:0c:05:0c:7f:a1:8b:6f:73:24:fe:e1:87:cf:
e2:ba:27:1c:d1:e9:e6:64:cf:05:1b:a6:8e:22:31:
8c:d0:58:09:dc:69:4d:7c:d8:e2:82:46:68:10:41:
bc:1f:8a:dd:c3:f6:15:05:5e:ca:ad:c7:77:7e:69:
f2:9c:f0:5a:8f:d8:90:6f:5a:2b:3a:4b:dc:d4:77:
6e:6b:44:4d:b4:c2:c0:cc:8a:a3:8b:b0:50:25:f3:
37:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AF:B5:DF:8D:04:66:7F:77:21:54:2C:30:31:EF:8F:74:AD:97:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cbd21b9e-7627-4ebc-a1f8-63890b5d4144.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
5d:90:1d:9d:50:3d:a8:e7:1e:21:5a:1b:67:f6:68:36:16:e5:
ab:b5:ed:fd:a4:31:17:64:9d:37:c1:15:04:13:46:74:7b:74:
57:09:7b:d3:e0:a4:8a:10:1c:de:be:c6:20:97:2c:fa:4d:93:
f7:0d:b9:ac:e5:59:b2:14:8a:50:f8:e1:7e:72:f9:f6:3b:e2:
f9:8b:c0:dc:ec:42:9b:fd:39:cf:a5:b4:c4:d8:b1:58:33:c3:
f4:aa:03:7b:13:c4:3c:fe:80:57:39:45:45:f1:65:1a:72:5a:
ef:24:b8:cf:7f:8c:e7:4e:88:5b:ca:25:0c:91:cb:63:48:82:
29:79:48:09:88:29:8a:41:89:54:f1:79:92:be:12:7b:31:9b:
8c:d7:60:26:2d:18:81:b9:ae:49:24:1e:4c:f7:eb:36:ee:dc:
e4:7a:ca:e1:66:9d:73:21:60:c7:01:68:15:28:25:a8:b6:e9:
3f:7c:0a:1c:fa:f2:50:cb:17:64:74:c1:90:8d:e2:67:80:53:
1c:87:84:13:cc:e3:4b:85:fa:88:7a:38:bc:d9:0f:4e:87:37:
92:cb:f2:62:b2:c9:a7:a0:8f:99:93:48:54:de:03:23:e9:d0:
5c:16:55:62:fe:7b:7c:7d:21:b5:1f:08:73:05:7e:b8:9c:80:
5b:af:f6:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAdeqoWUFWbkc+iT/0GoyRlxMYaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMzdaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMmZjNjRhOWFiNTQwYmE0MTZmMDdjZjZmZDAxZjc3N2VjMTY5ZTY2N2Ey
NGVjMzdlOWZkZDRmMTBjYWIwMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJeGDao/L1VCPvQV5zNUI4j9I0U0xv8imkvB2VUJJxePNCthiOslDOPSI8v
DIdeqcIP55F1l4mut3cQZgnDCiTOOvkqpcbFLNVaN5Rd3IJ384BSv36dfPYtsSO/
+Inv0w0WItC+my4dyy3YrInb4WwMy7EdZ+tdSfs6R9sV/59GSyyFqp/ur1tb7fW0
7Ibd4oh/JlJ+UGPnjPWPhVepS9Ll8qYgLGkMBQx/oYtvcyT+4YfP4ronHNHp5mTP
BRumjiIxjNBYCdxpTXzY4oJGaBBBvB+K3cP2FQVeyq3Hd35p8pzwWo/YkG9aKzpL
3NR3bmtETbTCwMyKo4uwUCXzN80CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6r7Xf
jQRmf3chVCwwMe+PdK2XKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2JkMjFiOWUtNzYyNy00ZWJjLWExZjgtNjM4OTBiNWQ0MTQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBdkB2dUD2o5x4hWhtn9mg2FuWrte39pDEXZJ03
wRUEE0Z0e3RXCXvT4KSKEBzevsYglyz6TZP3Dbms5VmyFIpQ+OF+cvn2O+L5i8Dc
7EKb/TnPpbTE2LFYM8P0qgN7E8Q8/oBXOUVF8WUaclrvJLjPf4znTohbyiUMkctj
SIIpeUgJiCmKQYlU8XmSvhJ7MZuM12AmLRiBua5JJB5M9+s27tzkesrhZp1zIWDH
AWgVKCWotuk/fAoc+vJQyxdkdMGQjeJngFMch4QTzONLhfqIeji82Q9OhzeSy/Ji
ssmnoI+Zk0hU3gMj6dBcFlVi/nt8fSG1HwhzBX64nIBbr/a0
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:31 2025 by rpki-client