Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: Pyk7JJ6jAkSA+vCHuPg64SBGEz9KoqXdk2iy8G781ZU=
Subject key identifier: 5D:F9:4B:A4:B3:D2:92:B2:BB:55:38:EA:B6:63:BA:2A:93:24:1E:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43415F21B26A36447A1408F6CDD161E994D77C3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Tue 05 Aug 2025 20:11:29 +0000
ROA not before: Tue 05 Aug 2025 20:11:29 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:41:5f:21:b2:6a:36:44:7a:14:08:f6:cd:d1:61:e9:94:d7:7c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:29 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=38288181b7c45e4fa1b5241e1da9d6bd9fea2bdde64e65e234697a6e503b6b92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:6b:b1:79:fc:eb:a1:e2:88:88:97:17:9c:
71:13:c1:25:94:a9:45:28:f0:3f:7e:ec:3f:c7:43:
a5:13:6f:f7:b2:e4:f6:15:74:75:c3:ba:e8:81:04:
50:eb:d0:e8:41:23:1e:66:2d:a5:79:1b:27:d9:2e:
2d:9d:71:8c:02:f7:7e:49:8a:10:3b:be:14:1e:b7:
3f:53:29:90:fc:0c:7e:4c:be:cf:70:f7:a6:e8:e5:
37:36:d8:eb:94:dc:98:1c:8d:9e:ee:f3:a2:51:3e:
9d:c4:ba:8f:f4:f1:8c:27:9a:97:5b:5f:ed:0b:63:
d8:da:4e:33:91:0c:b1:a1:6a:a2:fa:46:56:6b:8d:
5e:da:51:f4:0a:66:29:79:62:b7:3e:e1:97:d1:c7:
57:f9:59:5d:53:88:64:3a:b3:a9:ab:17:46:55:d7:
39:ad:bc:24:f7:de:5d:1e:53:51:fa:4b:77:40:a4:
ae:97:4a:1d:7d:fa:c8:e3:65:90:34:8e:e0:11:b6:
85:31:22:78:c3:f0:bf:30:08:10:6a:c6:fe:75:3d:
38:46:1b:5b:17:70:40:0a:80:e7:4c:cd:12:3a:89:
d9:eb:b9:f6:b8:8b:10:f5:7b:66:0a:d6:28:18:d8:
f0:74:8f:b7:7e:7e:43:22:ba:05:0c:c4:35:70:a9:
02:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F9:4B:A4:B3:D2:92:B2:BB:55:38:EA:B6:63:BA:2A:93:24:1E:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
c4:a9:32:76:ae:b4:1b:1f:12:e2:8c:99:b8:51:85:01:1b:6b:
2c:a0:98:48:02:98:09:bd:60:b8:7e:0d:34:b2:85:a9:a6:a6:
29:a2:be:2c:a9:55:5a:a4:14:12:66:f1:bb:2c:29:ca:85:a3:
77:33:52:85:c6:95:6b:df:d6:c2:ef:ef:8e:97:e4:4d:b6:c0:
d5:6e:0a:3f:55:60:4e:1c:77:2c:22:6a:ec:b7:d6:b9:ec:7e:
a0:b8:fb:ee:c2:91:a9:d6:b7:23:63:fd:ef:27:c5:36:06:86:
e4:ab:d1:6b:0e:06:bd:9f:4a:f7:21:28:bb:9c:6e:62:6d:50:
f4:de:8c:53:e2:2e:62:9c:fe:9c:97:06:42:c5:2e:55:31:5e:
6c:cf:e7:e4:23:dc:aa:6b:a7:03:12:c9:a3:bf:4d:a7:fa:ed:
ef:2e:fa:c1:c9:ce:3f:76:0a:e5:d1:ed:53:28:dd:14:6e:76:
6f:90:64:97:b4:c3:de:16:27:f2:ce:6b:f7:b4:6c:af:c8:d3:
0b:73:b3:db:7e:a7:54:4b:f2:fa:0e:b4:93:0f:37:5c:a9:4b:
d5:0f:d6:d2:34:39:b9:84:94:b2:8c:e4:f9:34:c1:2f:36:27:
c8:1b:8f:0e:14:c0:e9:5b:38:ce:56:e0:78:82:4b:a2:9a:00:
b9:d8:87:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ0FfIbJqNkR6FAj2zdFh6ZTXfD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMjlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4Mjg4MTgxYjdjNDVlNGZhMWI1MjQxZTFkYTlkNmJkOWZlYTJiZGRlNjRl
NjVlMjM0Njk3YTZlNTAzYjZiOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd2a7F5/Ouh4oiIlxeccRPBJZSpRSjwP37sP8dDpRNv97Lk9hV0dcO66IEE
UOvQ6EEjHmYtpXkbJ9kuLZ1xjAL3fkmKEDu+FB63P1MpkPwMfky+z3D3pujlNzbY
65TcmByNnu7zolE+ncS6j/TxjCeal1tf7Qtj2NpOM5EMsaFqovpGVmuNXtpR9Apm
KXlitz7hl9HHV/lZXVOIZDqzqasXRlXXOa28JPfeXR5TUfpLd0CkrpdKHX36yONl
kDSO4BG2hTEieMPwvzAIEGrG/nU9OEYbWxdwQAqA50zNEjqJ2eu59riLEPV7ZgrW
KBjY8HSPt35+QyK6BQzENXCpAmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRd+Uuk
s9KSsrtVOOq2Y7oqkyQe2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQDEqTJ2rrQbHxLijJm4UYUBG2ssoJhIApgJvWC4
fg00soWppqYpor4sqVVapBQSZvG7LCnKhaN3M1KFxpVr39bC7++Ol+RNtsDVbgo/
VWBOHHcsImrst9a57H6guPvuwpGp1rcjY/3vJ8U2Bobkq9FrDga9n0r3ISi7nG5i
bVD03oxT4i5inP6clwZCxS5VMV5sz+fkI9yqa6cDEsmjv02n+u3vLvrByc4/dgrl
0e1TKN0UbnZvkGSXtMPeFifyzmv3tGyvyNMLc7PbfqdUS/L6DrSTDzdcqUvVD9bS
NDm5hJSyjOT5NMEvNifIG48OFMDpWzjOVuB4gkuimgC52IeI
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:06 2025 by rpki-client