Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
File: d7ff0a46-4c68-43b8-be33-3f3098623685.roa (raw, json)
Hash identifier: P2etybVBUKip4iSuqLYXw2xlsXZplXm/27EbaJVeyAY=
Subject key identifier: 09:76:D3:69:1F:95:70:6E:3B:80:93:04:02:9C:E9:18:EB:E1:28:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B3059FE9CD11640A8E4EBCFC21C35E6DF3B2CA8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
Signing time: Tue 05 Aug 2025 18:50:15 +0000
ROA not before: Tue 05 Aug 2025 18:50:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:30:59:fe:9c:d1:16:40:a8:e4:eb:cf:c2:1c:35:e6:df:3b:2c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0cdf20a3f7233c626d4d9459e521c99ccb330dc2c638677a1f683a5607ef0cbc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:1c:69:71:a2:58:0d:0b:04:e0:d5:6f:96:
32:77:f2:19:2b:85:65:cb:57:d4:91:c3:ef:5b:de:
9e:13:d8:fc:de:87:b1:48:26:e3:b2:b0:72:3a:f3:
42:63:8e:20:31:ef:e1:00:62:3a:47:b8:ae:76:15:
d0:57:1d:e4:4e:ee:2a:3a:d1:f2:ba:04:17:56:ae:
1c:7d:38:40:02:f6:4b:d9:e7:8e:99:b0:c2:42:4e:
3e:4b:b5:db:3a:fe:17:52:3b:2f:a9:50:c5:76:05:
56:9c:e2:eb:6e:18:7a:37:42:8d:26:9d:15:18:a9:
1c:12:f6:fa:17:be:6a:ab:94:9d:9c:ed:d0:79:38:
e1:0d:bf:f8:5e:b8:1e:3b:dc:ef:02:23:21:7b:df:
14:f0:20:29:c2:fa:b6:e7:b9:2d:44:5e:7f:ab:c9:
89:ad:51:c2:eb:d3:ee:78:a8:99:15:6f:7f:e5:3a:
cb:12:a7:86:6b:cb:f8:b5:8f:3d:96:5d:f9:70:7e:
fb:70:04:66:10:88:cb:d7:bb:65:b4:1b:a4:6a:26:
a6:95:af:1b:7e:5d:46:b2:11:56:d9:b1:ea:25:61:
8e:fe:12:56:a7:9e:50:e0:5d:6a:6a:3e:a2:52:2f:
12:fb:5c:35:3b:f2:69:18:ba:28:f3:75:7e:c4:89:
e9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:D3:69:1F:95:70:6E:3B:80:93:04:02:9C:E9:18:EB:E1:28:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7ff0a46-4c68-43b8-be33-3f3098623685.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
49:ce:cb:fd:cf:8d:e2:ae:a4:aa:e7:7d:6b:71:ad:b2:46:b1:
3f:90:bd:20:04:a1:2a:61:e6:58:ae:c1:e3:4a:f0:47:66:eb:
b7:71:4e:be:6e:e2:69:9c:a6:06:b4:f1:b4:31:6b:7d:38:c1:
00:5b:f0:60:6b:72:1e:cf:96:5a:27:4e:c2:d7:6d:49:c5:f5:
0b:ab:7a:13:0e:cc:cd:b3:e5:f2:48:16:50:dc:c0:5d:39:03:
e0:19:40:66:64:92:0b:7e:f1:50:80:e3:3f:84:a5:14:fd:ef:
59:67:9b:00:ca:8c:32:be:92:90:59:46:cf:50:70:f3:20:dd:
11:2a:d8:ce:d3:a1:12:37:91:80:13:b9:30:64:e3:c1:80:67:
2b:4b:e6:e4:98:22:af:25:d0:85:96:a3:71:92:00:69:a3:53:
2e:44:88:e6:5d:36:3f:65:d4:e7:ca:0a:9d:84:de:6c:eb:b4:
0b:19:a4:d5:5d:09:f0:24:01:6b:39:0b:0c:34:68:c0:3e:22:
de:e0:cd:61:66:9a:64:ff:50:4c:1e:e3:c5:fa:ad:d2:58:57:
8b:1e:63:34:eb:08:6d:10:0f:47:5e:73:63:ee:f9:f7:3d:78:
a4:0d:2c:89:ab:5c:30:30:e8:47:05:79:82:e2:4d:9f:7d:27:
29:57:bc:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWzBZ/pzRFkCo5OvPwhw15t87LKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZGYyMGEzZjcyMzNjNjI2ZDRkOTQ1OWU1MjFjOTljY2IzMzBkYzJjNjM4
Njc3YTFmNjgzYTU2MDdlZjBjYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS2HGlxolgNCwTg1W+WMnfyGSuFZctX1JHD71venhPY/N6HsUgm47Kwcjrz
QmOOIDHv4QBiOke4rnYV0Fcd5E7uKjrR8roEF1auHH04QAL2S9nnjpmwwkJOPku1
2zr+F1I7L6lQxXYFVpzi624YejdCjSadFRipHBL2+he+aquUnZzt0Hk44Q2/+F64
Hjvc7wIjIXvfFPAgKcL6tue5LURef6vJia1RwuvT7niomRVvf+U6yxKnhmvL+LWP
PZZd+XB++3AEZhCIy9e7ZbQbpGomppWvG35dRrIRVtmx6iVhjv4SVqeeUOBdamo+
olIvEvtcNTvyaRi6KPN1fsSJ6a0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJdtNp
H5VwbjuAkwQCnOkY6+Eo2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdmZjBhNDYtNGM2OC00M2I4LWJlMzMtM2YzMDk4NjIzNjg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
0DANBgkqhkiG9w0BAQsFAAOCAQEASc7L/c+N4q6kqud9a3GtskaxP5C9IAShKmHm
WK7B40rwR2brt3FOvm7iaZymBrTxtDFrfTjBAFvwYGtyHs+WWidOwtdtScX1C6t6
Ew7MzbPl8kgWUNzAXTkD4BlAZmSSC37xUIDjP4SlFP3vWWebAMqMMr6SkFlGz1Bw
8yDdESrYztOhEjeRgBO5MGTjwYBnK0vm5JgiryXQhZajcZIAaaNTLkSI5l02P2XU
58oKnYTebOu0Cxmk1V0J8CQBazkLDDRowD4i3uDNYWaaZP9QTB7jxfqt0lhXix5j
NOsIbRAPR15zY+759z14pA0siatcMDDoRwV5guJNn30nKVe8Bg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:34:40 2025 by rpki-client