Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
File: d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa (raw, json)
Hash identifier: 3ir6/bGZ6Ls83/nY3GtBZHbkMq3wbjPZxiwUaLjaM5w=
Subject key identifier: 57:11:AA:9E:C8:A6:02:6B:2C:93:3B:4A:D4:CD:CD:55:94:AE:D7:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FD9A5E698AC396F0F3BA78D92066DE905AB5057
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
Signing time: Tue 05 Aug 2025 19:50:13 +0000
ROA not before: Tue 05 Aug 2025 19:50:13 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:d9:a5:e6:98:ac:39:6f:0f:3b:a7:8d:92:06:6d:e9:05:ab:50:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:13 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=6f31e9e32b8241d2fa568ec010e49c00e83263a26c07d872225f622ad49f0a01, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:14:54:fa:65:9b:45:3a:54:54:5b:f9:b2:
4c:56:60:54:36:eb:b9:80:2b:82:17:25:97:31:a2:
5d:9c:2e:86:0d:bc:ed:16:da:ed:a2:57:84:c1:5f:
c4:0b:48:76:59:02:c5:f6:a2:bd:fa:4f:0d:13:54:
16:2a:a0:09:e5:0e:83:03:d2:ed:f3:52:c3:7a:51:
42:e2:47:a5:10:d7:d2:84:7b:fa:57:bf:1a:8d:a7:
fd:e6:b0:1f:8d:3b:63:79:6c:8c:22:a9:2c:7e:18:
07:a0:54:a6:bc:0e:70:ee:84:8e:07:ec:86:5c:60:
3d:b2:1f:e6:f8:91:90:5e:7c:2c:10:dc:d2:8d:5c:
46:83:85:58:d6:68:ca:1e:93:2c:b4:01:24:c6:62:
78:06:38:83:68:ed:1f:1d:89:0d:20:a3:b6:19:c5:
88:19:7f:d0:33:d5:05:e6:c3:16:1b:27:e6:be:10:
4b:c5:37:76:d6:cb:ee:f0:e4:eb:7c:aa:42:a9:e0:
99:c1:7b:a1:7b:8a:4f:9a:3f:25:24:ad:6f:c9:b3:
7b:e4:7a:e0:ae:93:6f:ff:bd:8e:b4:87:12:13:cb:
84:e1:ea:e0:2a:17:6c:dc:38:2f:de:b0:10:63:24:
6d:c7:11:fd:43:38:de:59:db:37:a8:26:9a:64:1b:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:11:AA:9E:C8:A6:02:6B:2C:93:3B:4A:D4:CD:CD:55:94:AE:D7:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d385ff4b-7f8e-45d2-8f8b-fcde1426a050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:1000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:eb:72:0a:b7:30:ca:2c:ca:68:3c:c2:49:e5:3c:b5:bd:86:
41:89:d5:0b:3b:a5:f7:9f:c3:07:e7:0a:e7:27:e2:e3:9a:e3:
b6:f0:b1:8c:67:ff:46:70:0c:c3:15:94:e2:27:bc:1d:ae:77:
6d:ad:e7:19:29:4e:18:57:04:22:21:ac:74:9f:2b:c2:a0:7b:
5a:75:3a:21:02:0e:93:1d:89:ef:3b:21:eb:c3:9d:fd:2f:2d:
7e:1c:b2:05:93:bf:3e:d4:a3:09:9a:43:81:12:f3:0c:7c:14:
5b:3b:fa:76:19:a9:3d:c8:a6:41:5a:1b:65:eb:5c:59:5c:1c:
47:78:52:8d:85:fe:83:5f:f5:c3:84:7d:31:b7:3d:cf:a5:23:
a1:7f:23:74:65:d2:e5:88:22:08:5d:70:7f:ae:4c:f3:ac:fe:
29:11:09:35:76:85:bd:6f:0e:d5:09:d9:c6:07:2e:1e:b3:88:
3b:bb:7e:d1:5e:59:6f:ae:df:9c:26:05:71:19:08:02:a9:68:
24:7f:a2:16:28:c6:47:4c:83:73:ca:be:1f:bc:05:f0:12:aa:
2f:0a:85:36:29:99:c7:dd:0b:62:3a:e8:22:97:d0:66:18:42:
c2:ba:69:65:cc:7d:41:46:b6:82:81:38:e7:da:51:31:0f:fe:
7a:dc:32:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX9ml5pisOW8PO6eNkgZt6QWrUFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMzFlOWUzMmI4MjQxZDJmYTU2OGVjMDEwZTQ5YzAwZTgzMjYzYTI2YzA3
ZDg3MjIyNWY2MjJhZDQ5ZjBhMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIthFFT6ZZtFOlRUW/myTFZgVDbruYArghcllzGiXZwuhg287Rba7aJXhMFf
xAtIdlkCxfaivfpPDRNUFiqgCeUOgwPS7fNSw3pRQuJHpRDX0oR7+le/Go2n/eaw
H407Y3lsjCKpLH4YB6BUprwOcO6EjgfshlxgPbIf5viRkF58LBDc0o1cRoOFWNZo
yh6TLLQBJMZieAY4g2jtHx2JDSCjthnFiBl/0DPVBebDFhsn5r4QS8U3dtbL7vDk
63yqQqngmcF7oXuKT5o/JSStb8mze+R64K6Tb/+9jrSHEhPLhOHq4CoXbNw4L96w
EGMkbccR/UM43lnbN6gmmmQb+90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRXEaqe
yKYCayyTO0rUzc1VlK7X0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM4NWZmNGItN2Y4ZS00NWQyLThmOGItZmNkZTE0MjZhMDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBt63IKtzDKLMpoPMJJ5Ty1vYZBidULO6X3n8MH
5wrnJ+LjmuO28LGMZ/9GcAzDFZTiJ7wdrndtrecZKU4YVwQiIax0nyvCoHtadToh
Ag6THYnvOyHrw539Ly1+HLIFk78+1KMJmkOBEvMMfBRbO/p2Gak9yKZBWhtl61xZ
XBxHeFKNhf6DX/XDhH0xtz3PpSOhfyN0ZdLliCIIXXB/rkzzrP4pEQk1doW9bw7V
CdnGBy4es4g7u37RXllvrt+cJgVxGQgCqWgkf6IWKMZHTINzyr4fvAXwEqovCoU2
KZnH3QtiOugil9BmGELCumllzH1BRraCgTjn2lExD/563DJj
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:34 2025 by rpki-client