Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
File: dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa (raw, json)
Hash identifier: H6S4ljrOY/N296Q3gnkAWGYn/0GkiKoY/u7lrvxgAfg=
Subject key identifier: 73:9A:FA:3D:31:CE:E5:48:89:2C:54:46:55:E7:B1:EE:B2:D1:7B:F2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B00127040457BC3BF8D8509FD2928D302B72ABB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
Signing time: Tue 05 Aug 2025 19:30:12 +0000
ROA not before: Tue 05 Aug 2025 19:30:12 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:00:12:70:40:45:7b:c3:bf:8d:85:09:fd:29:28:d3:02:b7:2a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:12 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=14d652c57493508274b9d07f4efd9474afcfb72f3501bc67df06d142cbfcd23e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2c:e1:17:f5:f3:9f:ac:a0:c7:68:f4:7f:b0:
ed:8c:98:87:b0:d0:f2:bc:ab:bf:62:70:4a:e3:41:
7b:5a:4c:de:fc:79:85:16:c2:8d:d3:83:90:f0:50:
6f:82:dc:20:31:aa:bb:d5:10:03:87:c3:7d:89:d2:
23:35:11:88:b8:6f:ad:ee:a3:10:8b:ad:ba:8f:71:
43:cb:c0:e0:3c:9a:37:18:f8:9b:82:72:57:a7:1d:
0d:73:1c:99:ce:e8:f5:78:f8:9a:da:9d:50:27:36:
e3:3b:f4:be:7c:a5:43:01:7e:21:5b:5c:c2:71:46:
b9:87:5d:79:20:93:87:da:f0:7e:09:4a:b9:d6:1a:
79:ce:21:b9:2f:de:ee:96:f7:89:4e:97:24:76:ee:
f5:d7:48:1f:09:62:ad:be:a9:eb:32:5f:c1:2a:55:
b6:30:3a:72:7f:33:90:0e:14:46:b3:7c:a2:bd:f9:
7a:9c:9f:81:a6:da:b8:92:70:84:0c:6d:f5:e9:f6:
9c:48:8d:d2:12:f7:a9:c0:4f:11:33:fb:b7:c3:c4:
39:5a:81:2b:84:0c:ff:5d:e2:1d:ca:7e:7f:42:08:
fa:9a:3d:dd:75:97:ac:3c:a7:91:ba:d0:cf:ce:5b:
49:4e:e5:5d:fc:da:4b:4d:61:d3:d7:85:5d:4c:cd:
a9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:9A:FA:3D:31:CE:E5:48:89:2C:54:46:55:E7:B1:EE:B2:D1:7B:F2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbd2d56a-b699-4b33-a153-fa826b6b80c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
97:6d:6a:84:2d:9e:6a:0e:3e:e7:6e:a3:3f:4d:e7:cf:ee:20:
45:99:34:45:33:53:5a:f9:93:fe:b7:f9:c0:d9:f6:2d:b9:be:
25:f7:44:15:9c:c6:08:e0:08:4c:00:ec:cb:8d:dc:d3:0b:13:
e4:59:25:7d:d1:a2:8c:57:21:10:40:6c:34:b3:c7:66:9a:37:
54:69:4b:6f:c0:87:8e:f5:a0:a2:d5:9a:46:52:67:2f:cd:5b:
80:c1:2e:c9:81:cb:56:de:56:2c:ad:de:dd:0a:af:c6:dc:59:
9c:12:7b:a4:12:2c:e0:6d:bc:7c:70:ca:06:06:12:98:8d:bf:
dc:34:d7:22:bc:c3:a5:04:96:e8:89:97:64:80:79:a6:15:dd:
0b:16:4a:9c:3a:0e:a0:dc:1d:0c:cd:93:2d:94:19:c8:7d:7b:
47:64:45:81:d1:91:18:c2:67:6c:2d:d9:b9:7f:49:5e:8f:fb:
86:8f:13:42:36:4f:7c:d9:f3:c8:f0:61:9d:58:77:e1:d2:b8:
d3:ab:14:12:e9:04:2d:e8:db:99:81:5b:74:27:94:34:22:ca:
ea:77:02:80:7a:a0:62:49:1f:0c:60:4e:59:9d:4d:ea:14:eb:
31:99:f8:b7:e6:05:16:13:84:25:a1:dc:12:73:cc:49:9f:32:
05:f2:79:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWwAScEBFe8O/jYUJ/Sko0wK3KrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZDY1MmM1NzQ5MzUwODI3NGI5ZDA3ZjRlZmQ5NDc0YWZjZmI3MmYzNTAx
YmM2N2RmMDZkMTQyY2JmY2QyM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQs4Rf185+soMdo9H+w7YyYh7DQ8ryrv2JwSuNBe1pM3vx5hRbCjdODkPBQ
b4LcIDGqu9UQA4fDfYnSIzURiLhvre6jEIutuo9xQ8vA4DyaNxj4m4JyV6cdDXMc
mc7o9Xj4mtqdUCc24zv0vnylQwF+IVtcwnFGuYddeSCTh9rwfglKudYaec4huS/e
7pb3iU6XJHbu9ddIHwlirb6p6zJfwSpVtjA6cn8zkA4URrN8or35epyfgabauJJw
hAxt9en2nEiN0hL3qcBPETP7t8PEOVqBK4QM/13iHcp+f0II+po93XWXrDynkbrQ
z85bSU7lXfzaS01h09eFXUzNqVsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzmvo9
Mc7lSIksVEZV57HustF78jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJkMmQ1NmEtYjY5OS00YjMzLWExNTMtZmE4MjZiNmI4MGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXbWqELZ5qDj7nbqM/TefP7iBFmTRFM1Na+ZP+
t/nA2fYtub4l90QVnMYI4AhMAOzLjdzTCxPkWSV90aKMVyEQQGw0s8dmmjdUaUtv
wIeO9aCi1ZpGUmcvzVuAwS7JgctW3lYsrd7dCq/G3FmcEnukEizgbbx8cMoGBhKY
jb/cNNcivMOlBJboiZdkgHmmFd0LFkqcOg6g3B0MzZMtlBnIfXtHZEWB0ZEYwmds
Ldm5f0lej/uGjxNCNk982fPI8GGdWHfh0rjTqxQS6QQt6NuZgVt0J5Q0IsrqdwKA
eqBiSR8MYE5ZnU3qFOsxmfi35gUWE4QlodwSc8xJnzIF8nlF
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:13 2025 by rpki-client