Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
File: e348b574-c707-42a9-9b58-f3215857ae07.roa (raw, json)
Hash identifier: AKlKFLlHp37KMSnK5EvtoX903lQbmFB3tG4xWiVTPQQ=
Subject key identifier: 58:49:CD:A3:A2:F8:ED:55:B4:B1:2C:99:FE:B2:3D:55:F1:7A:52:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D2486A59168E56384AF29917653FC3B62DBF628
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
Signing time: Tue 05 Aug 2025 18:51:18 +0000
ROA not before: Tue 05 Aug 2025 18:51:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:24:86:a5:91:68:e5:63:84:af:29:91:76:53:fc:3b:62:db:f6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fbeffd0583657c546ecd6a4fab9ba5d1cd6a7704c1e4dd6a2270dabb71b0d63c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e9:2e:18:de:87:94:bc:15:d9:55:71:7f:54:
15:0c:80:64:76:cb:9d:57:de:ae:8c:2d:a1:1f:7d:
e0:8e:b2:9c:bd:8b:e7:3c:55:c9:3b:87:13:fe:31:
50:9c:3a:47:78:bf:9c:5a:a3:e9:2a:7d:c5:d1:d2:
0b:a0:c7:b6:6e:85:65:ef:16:3d:91:f1:27:77:04:
8e:02:4a:72:e3:b5:74:6e:cb:94:6f:b6:24:60:b5:
ca:80:b0:9e:b9:e8:92:b1:8f:d9:c1:c0:99:4b:17:
7c:04:23:07:e5:95:fb:ac:61:89:bf:19:18:fe:73:
dd:4e:05:6d:6d:e9:7c:dc:58:d5:cb:d2:9d:9e:4f:
38:ca:20:22:86:25:f6:e6:86:5d:63:e7:00:d0:d5:
94:6f:01:39:c4:00:f9:e0:0e:1c:4f:ac:7b:5e:fc:
05:52:3e:6e:fb:96:45:05:5a:75:64:e6:c9:0c:7b:
bd:b5:b3:d8:4e:5e:62:97:53:4f:1c:ea:8b:a5:61:
f9:f7:d5:60:b8:94:48:1b:73:a2:ac:bd:2a:cf:f6:
11:e2:cb:82:d1:42:ba:fe:e3:1c:ca:b9:8c:57:71:
69:54:f8:cc:4a:90:d4:77:2d:6c:15:02:a1:45:69:
5a:ef:ce:5b:5b:7d:0f:ad:ed:d1:0f:35:3f:6b:c7:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:49:CD:A3:A2:F8:ED:55:B4:B1:2C:99:FE:B2:3D:55:F1:7A:52:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e348b574-c707-42a9-9b58-f3215857ae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a080::/48
Signature Algorithm: sha256WithRSAEncryption
48:18:0a:b0:49:e5:3b:08:fc:47:5d:7e:1e:5f:47:e5:b9:d7:
02:34:f0:c3:86:93:ca:4c:f2:5c:d1:36:92:f1:1f:fd:7b:c4:
ab:29:10:88:2d:7d:f4:eb:a4:3f:c2:6d:59:65:3f:df:99:e7:
05:16:61:4a:a1:1b:85:b3:58:80:51:81:51:0b:b3:a5:cb:76:
b0:3e:25:13:1e:0f:19:3d:1b:b8:7a:02:d8:0f:fd:7b:58:30:
90:ca:54:d3:7f:a8:dc:8e:b0:c5:65:b6:0e:8b:bc:a4:12:04:
e2:0d:bd:ec:65:21:75:b4:44:f8:9a:71:d6:f7:a9:87:1f:41:
19:87:34:37:07:b1:3d:09:db:77:e5:ed:3a:be:a9:1c:4d:f9:
31:1a:2a:16:fc:c5:6b:9c:52:cc:ea:cb:32:71:11:62:db:cc:
32:23:2c:5d:cd:6e:88:5f:38:65:b0:59:c7:4b:0b:e2:65:2c:
2b:c1:07:e6:c0:63:c7:83:89:90:42:ee:54:58:e0:f1:d9:c9:
99:68:03:71:65:ac:97:4b:67:79:1c:7c:45:d9:94:de:d8:2d:
84:53:e7:8a:58:7f:87:19:b8:94:0a:e2:12:df:97:18:e9:97:
a4:09:41:ea:2c:68:a9:a2:75:0f:f0:24:f6:e2:90:92:15:ce:
ca:95:97:6f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHSSGpZFo5WOErymRdlP8O2Lb9igwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUxMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiZWZmZDA1ODM2NTdjNTQ2ZWNkNmE0ZmFiOWJhNWQxY2Q2YTc3MDRjMWU0
ZGQ2YTIyNzBkYWJiNzFiMGQ2M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXpLhjeh5S8FdlVcX9UFQyAZHbLnVferowtoR994I6ynL2L5zxVyTuHE/4x
UJw6R3i/nFqj6Sp9xdHSC6DHtm6FZe8WPZHxJ3cEjgJKcuO1dG7LlG+2JGC1yoCw
nrnokrGP2cHAmUsXfAQjB+WV+6xhib8ZGP5z3U4FbW3pfNxY1cvSnZ5POMogIoYl
9uaGXWPnANDVlG8BOcQA+eAOHE+se178BVI+bvuWRQVadWTmyQx7vbWz2E5eYpdT
Txzqi6Vh+ffVYLiUSBtzoqy9Ks/2EeLLgtFCuv7jHMq5jFdxaVT4zEqQ1HctbBUC
oUVpWu/OW1t9D63t0Q81P2vHnccCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRYSc2j
ovjtVbSxLJn+sj1V8XpSATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM0OGI1NzQtYzcwNy00MmE5LTliNTgtZjMyMTU4NTdhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
gDANBgkqhkiG9w0BAQsFAAOCAQEASBgKsEnlOwj8R11+Hl9H5bnXAjTww4aTykzy
XNE2kvEf/XvEqykQiC199OukP8JtWWU/35nnBRZhSqEbhbNYgFGBUQuzpct2sD4l
Ex4PGT0buHoC2A/9e1gwkMpU03+o3I6wxWW2Dou8pBIE4g297GUhdbRE+Jpx1vep
hx9BGYc0NwexPQnbd+XtOr6pHE35MRoqFvzFa5xSzOrLMnERYtvMMiMsXc1uiF84
ZbBZx0sL4mUsK8EH5sBjx4OJkELuVFjg8dnJmWgDcWWsl0tneRx8RdmU3tgthFPn
ilh/hxm4lAriEt+XGOmXpAlB6ixoqaJ1D/Ak9uKQkhXOypWXbw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:06 2025 by rpki-client