Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
File: d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa (raw, json)
Hash identifier: tUHTV5i3AcfviXTujI2WrItd2F1nb9j1vGa1EitifQI=
Subject key identifier: 52:4B:46:9F:08:FA:83:11:FB:87:41:BC:80:ED:F6:76:3D:39:D3:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1603B1BE9C1EAB6A78409DB32A8114F1B66D5BFD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
Signing time: Tue 05 Aug 2025 20:00:25 +0000
ROA not before: Tue 05 Aug 2025 20:00:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:03:b1:be:9c:1e:ab:6a:78:40:9d:b3:2a:81:14:f1:b6:6d:5b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8575bbad8819ba41c9fb81e76e6e4dde8f49029a5bbe435fc39ebc67795847ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:49:21:85:63:2b:c2:5c:dc:60:8d:d0:c5:0d:
a0:c4:93:7d:05:75:99:51:ed:82:a4:42:ed:f1:4b:
55:60:b7:e9:30:29:70:12:4e:0b:73:da:75:4c:aa:
fe:46:c1:67:d4:e3:99:5a:66:a6:05:a4:f6:30:93:
e6:ca:61:ba:dd:64:73:2a:c9:fb:17:32:2a:07:d6:
ac:84:05:3d:ca:c8:c8:b9:eb:0c:14:30:ee:34:0c:
1a:b4:17:04:20:de:c7:2c:5f:e1:c2:f0:9e:02:a5:
43:83:06:aa:76:b6:37:ef:17:f5:64:aa:6f:4a:fd:
0a:8a:91:f5:cd:ac:4c:8b:15:3d:2e:c6:e3:87:ae:
6e:42:1d:93:ad:a6:93:61:2f:ee:ef:b8:c5:f2:f0:
43:fd:0b:ed:01:18:72:9c:64:76:da:78:29:84:d1:
1f:4f:95:10:b9:9e:f3:8f:3d:36:21:ff:51:29:ce:
33:61:0a:8e:a1:b9:df:e8:7d:85:73:95:c7:4a:8e:
ff:3b:72:d1:c1:76:19:05:20:6e:48:26:cf:e6:8e:
82:95:75:d0:69:c1:9d:f5:43:5e:2f:ba:5b:6a:01:
ee:f8:f8:5e:c4:e8:5a:0b:72:e2:29:a6:f9:4b:1e:
b7:e4:9c:43:fa:fd:17:c1:c3:6e:eb:2a:fb:f3:8d:
df:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4B:46:9F:08:FA:83:11:FB:87:41:BC:80:ED:F6:76:3D:39:D3:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3ac8a0a-8d06-40de-a292-cb824b7c48b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:400::/38
Signature Algorithm: sha256WithRSAEncryption
5c:28:ef:97:5e:04:72:21:67:13:04:f4:20:0e:8a:93:6a:ba:
9e:08:32:ec:df:11:cd:c3:e1:45:18:58:a6:46:d0:51:61:8b:
c0:c9:f2:06:23:92:89:20:ef:57:8c:5c:d8:c5:89:c6:9f:16:
fe:39:19:80:81:fb:10:92:a1:68:79:a6:45:cf:f8:1c:61:48:
48:bf:89:ed:c6:d5:45:df:99:54:e9:ff:41:58:97:18:c0:be:
c0:23:4e:be:47:99:55:7f:5e:ac:0e:0e:be:f8:4f:54:f7:24:
8f:87:54:cd:08:94:33:60:bf:c8:53:31:e6:de:06:e4:1f:0f:
5f:ac:ab:0d:d0:36:a2:1d:ec:79:87:5c:dd:b7:b0:c7:09:59:
e9:58:a0:d8:24:b1:32:45:1f:64:f5:d7:cb:17:29:e3:97:e8:
f7:49:6d:80:a6:14:dd:be:be:06:cd:43:be:be:8b:ea:33:0c:
e3:57:b2:8e:ff:d4:44:55:82:97:a3:e3:45:ee:33:98:5b:3f:
03:43:6e:80:10:89:3c:33:82:1f:69:32:82:86:e1:f1:0e:bb:
56:7b:58:29:ae:c5:2c:43:c8:1c:37:3d:59:9c:36:15:78:ad:
00:51:4a:f2:04:27:6f:c7:1b:23:1f:4b:ca:58:a8:13:9a:e6:
ed:55:2b:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFgOxvpweq2p4QJ2zKoEU8bZtW/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NzViYmFkODgxOWJhNDFjOWZiODFlNzZlNmU0ZGRlOGY0OTAyOWE1YmJl
NDM1ZmMzOWViYzY3Nzk1ODQ3Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxJIYVjK8Jc3GCN0MUNoMSTfQV1mVHtgqRC7fFLVWC36TApcBJOC3PadUyq
/kbBZ9TjmVpmpgWk9jCT5sphut1kcyrJ+xcyKgfWrIQFPcrIyLnrDBQw7jQMGrQX
BCDexyxf4cLwngKlQ4MGqna2N+8X9WSqb0r9CoqR9c2sTIsVPS7G44eubkIdk62m
k2Ev7u+4xfLwQ/0L7QEYcpxkdtp4KYTRH0+VELme8489NiH/USnOM2EKjqG53+h9
hXOVx0qO/zty0cF2GQUgbkgmz+aOgpV10GnBnfVDXi+6W2oB7vj4XsToWgty4imm
+Uset+ScQ/r9F8HDbusq+/ON33ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSS0af
CPqDEfuHQbyA7fZ2PTnTLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDNhYzhhMGEtOGQwNi00MGRlLWEyOTItY2I4MjRiN2M0OGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYE
MA0GCSqGSIb3DQEBCwUAA4IBAQBcKO+XXgRyIWcTBPQgDoqTarqeCDLs3xHNw+FF
GFimRtBRYYvAyfIGI5KJIO9XjFzYxYnGnxb+ORmAgfsQkqFoeaZFz/gcYUhIv4nt
xtVF35lU6f9BWJcYwL7AI06+R5lVf16sDg6++E9U9ySPh1TNCJQzYL/IUzHm3gbk
Hw9frKsN0DaiHex5h1zdt7DHCVnpWKDYJLEyRR9k9dfLFynjl+j3SW2AphTdvr4G
zUO+vovqMwzjV7KO/9REVYKXo+NF7jOYWz8DQ26AEIk8M4IfaTKChuHxDrtWe1gp
rsUsQ8gcNz1ZnDYVeK0AUUryBCdvxxsjH0vKWKgTmubtVSsd
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:14 2025 by rpki-client