Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
File: cead5bc0-2620-45bc-b97b-adb00020a426.roa (raw, json)
Hash identifier: 78/GagfIWXvvueT2ZMGBVvZRHjPmDau2wZM6jAe6fRc=
Subject key identifier: 5A:53:72:4A:3E:CE:44:D4:A4:E9:3A:6F:D3:2E:5D:1F:AD:3F:4D:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3653E5FDD93B91000164B264CA4F35C181FC9BC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
Signing time: Tue 05 Aug 2025 19:20:15 +0000
ROA not before: Tue 05 Aug 2025 19:20:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:53:e5:fd:d9:3b:91:00:01:64:b2:64:ca:4f:35:c1:81:fc:9b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=635badc65f05a69c03eb1cf73e9f473a43720ffe9c3bd516d8c983224cd19281, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:02:ea:27:71:cc:15:08:ec:0f:a2:0b:bb:0d:
d6:7e:78:93:b9:c0:22:20:dd:0d:63:bf:bd:88:d1:
8f:3e:eb:0e:bd:b3:d4:23:7e:00:ec:9b:74:c8:22:
6f:66:a9:d3:41:22:e8:1f:08:a7:60:8d:53:59:50:
e3:5e:0a:a5:10:be:e2:cb:8f:53:de:4b:95:52:37:
ed:fd:1e:25:c2:a0:de:aa:bd:a8:2a:1e:be:c4:54:
8a:71:81:33:b0:19:03:60:42:46:d9:03:50:ff:80:
1b:45:c5:68:85:ee:db:e7:b9:4b:44:8f:d3:64:63:
c1:8d:ab:3d:8a:60:fa:7f:3d:a8:ab:3f:d3:85:75:
87:3d:bd:7b:36:25:bc:05:c1:83:95:ad:fb:63:7a:
f4:2b:80:3d:f6:49:af:3f:aa:8f:e2:46:4b:ec:33:
cd:0e:fa:6a:98:22:b4:f0:ee:2d:2e:a1:16:c0:2d:
b2:24:57:85:df:5b:23:a0:99:d8:20:75:f5:1e:c1:
9a:dd:02:ff:51:d0:e9:74:30:f7:cc:28:b1:8e:57:
ed:d5:c8:75:a2:42:e2:11:85:33:d4:b3:03:41:04:
f1:9a:19:90:c8:2a:f0:ec:46:ea:0d:00:11:08:3c:
6a:78:ea:51:e3:90:3f:fc:f6:8b:c6:53:61:9f:2d:
f2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:53:72:4A:3E:CE:44:D4:A4:E9:3A:6F:D3:2E:5D:1F:AD:3F:4D:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cead5bc0-2620-45bc-b97b-adb00020a426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e080::/48
Signature Algorithm: sha256WithRSAEncryption
b6:05:f4:da:ac:55:11:b0:10:d2:42:1d:ce:cc:ab:7c:74:f6:
8c:0d:34:1d:ed:5b:3b:40:f0:23:ab:25:96:7a:8d:c5:c2:b3:
51:ce:60:34:0c:de:dc:6c:4e:b9:09:c4:c4:4e:8e:28:f5:54:
04:97:bb:e0:1b:f1:69:90:6d:6b:8d:78:c1:0b:f2:65:ca:eb:
58:3c:75:30:e1:5a:11:1b:6b:c1:0a:e7:dc:89:97:32:a7:d6:
98:7c:51:ef:bf:90:71:7c:35:ee:a8:4c:82:c7:a2:04:d5:51:
6d:66:c6:10:de:8a:98:0b:48:f9:56:01:9f:2d:45:40:a6:25:
ea:31:83:c1:c1:74:f1:4e:ef:0f:18:eb:96:cf:75:ab:ae:af:
67:5d:ef:42:56:2a:03:6a:43:df:91:50:10:05:f9:33:65:98:
00:4f:a3:3d:48:7c:71:a7:04:b9:d0:05:12:b9:bf:97:69:6b:
89:1d:9b:0c:10:10:d3:84:74:a5:ef:a7:bb:e6:3e:39:c2:78:
ac:13:f1:01:a0:40:13:53:74:e0:e5:e7:e7:77:e1:c4:17:c6:
5e:93:78:d0:0c:1d:b3:35:99:65:49:3b:48:f0:b2:5e:4a:0e:
fc:af:41:6b:d4:91:37:bb:3f:17:27:ad:a7:f0:ef:54:dd:0c:
d0:52:b8:58
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNlPl/dk7kQABZLJkyk81wYH8m8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNWJhZGM2NWYwNWE2OWMwM2ViMWNmNzNlOWY0NzNhNDM3MjBmZmU5YzNi
ZDUxNmQ4Yzk4MzIyNGNkMTkyODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQC6idxzBUI7A+iC7sN1n54k7nAIiDdDWO/vYjRjz7rDr2z1CN+AOybdMgi
b2ap00Ei6B8Ip2CNU1lQ414KpRC+4suPU95LlVI37f0eJcKg3qq9qCoevsRUinGB
M7AZA2BCRtkDUP+AG0XFaIXu2+e5S0SP02RjwY2rPYpg+n89qKs/04V1hz29ezYl
vAXBg5Wt+2N69CuAPfZJrz+qj+JGS+wzzQ76apgitPDuLS6hFsAtsiRXhd9bI6CZ
2CB19R7Bmt0C/1HQ6XQw98wosY5X7dXIdaJC4hGFM9SzA0EE8ZoZkMgq8OxG6g0A
EQg8anjqUeOQP/z2i8ZTYZ8t8r8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRaU3JK
Ps5E1KTpOm/TLl0frT9NADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2VhZDViYzAtMjYyMC00NWJjLWI5N2ItYWRiMDAwMjBhNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
gDANBgkqhkiG9w0BAQsFAAOCAQEAtgX02qxVEbAQ0kIdzsyrfHT2jA00He1bO0Dw
I6sllnqNxcKzUc5gNAze3GxOuQnExE6OKPVUBJe74BvxaZBta414wQvyZcrrWDx1
MOFaERtrwQrn3ImXMqfWmHxR77+QcXw17qhMgseiBNVRbWbGEN6KmAtI+VYBny1F
QKYl6jGDwcF08U7vDxjrls91q66vZ13vQlYqA2pD35FQEAX5M2WYAE+jPUh8cacE
udAFErm/l2lriR2bDBAQ04R0pe+nu+Y+OcJ4rBPxAaBAE1N04OXn53fhxBfGXpN4
0AwdszWZZUk7SPCyXkoO/K9Ba9SRN7s/Fyetp/DvVN0M0FK4WA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:34:59 2025 by rpki-client