Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
File: eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa (raw, json)
Hash identifier: Z4jJ4dDWPuIMxueffS859kPiATTwwZaZ+0Iaxm/FRAY=
Subject key identifier: 04:B0:D8:D5:AD:AB:D9:35:A7:75:9D:A5:55:7F:33:2A:CD:97:4C:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53CA2734F57D3FB4660028CC9A3CA0DF99C675A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
Signing time: Tue 05 Aug 2025 19:10:18 +0000
ROA not before: Tue 05 Aug 2025 19:10:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:ca:27:34:f5:7d:3f:b4:66:00:28:cc:9a:3c:a0:df:99:c6:75:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7ff71f34c565ad0ac71e0665c94984296faa7840e56208897d49a60599fab94f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:f9:a8:fb:69:1f:24:3e:18:fa:2e:cd:1a:
5a:43:82:6b:c8:4e:26:9c:0c:39:d4:4d:f8:5c:16:
78:a4:76:9e:18:79:30:1f:5b:32:61:58:b4:0b:7d:
0d:50:85:b6:39:30:d3:70:c5:0f:36:29:6a:c7:93:
ce:2d:73:b5:57:26:69:a2:7f:db:07:82:4d:b0:72:
56:20:5b:62:71:ef:16:d8:dc:37:92:33:23:a9:be:
dd:27:6c:15:9b:5f:7e:4c:44:73:da:ec:32:28:9a:
e4:db:7a:26:ab:03:bd:17:20:bf:f7:df:54:3f:8c:
06:69:1b:46:6b:19:13:59:36:31:de:6a:38:45:b7:
5e:bc:71:95:d0:c5:36:c1:19:4c:4d:7e:9d:5b:d9:
b7:ce:84:3c:5d:cf:2d:fe:0f:5d:46:d3:33:60:ab:
b6:54:71:6e:5d:e5:40:c6:bd:e0:6c:e1:49:78:6e:
4d:0f:88:b6:fa:dd:ae:7c:4e:77:bc:5c:48:c3:ea:
02:c1:da:e8:60:82:2b:3e:ac:af:12:46:8e:ec:4a:
e5:c0:1b:dd:8b:05:df:99:4f:01:a0:0a:32:a5:0f:
4c:23:8a:48:44:d6:fc:40:33:c2:1b:0c:cc:40:63:
25:6b:5f:c3:b3:ca:35:f2:3f:8d:00:ca:97:c3:da:
91:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B0:D8:D5:AD:AB:D9:35:A7:75:9D:A5:55:7F:33:2A:CD:97:4C:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eedddbbd-2bbd-4e64-9b37-dddd3392ce8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4040::/48
Signature Algorithm: sha256WithRSAEncryption
7c:75:41:8a:b0:db:e7:1c:00:84:a9:9f:52:22:41:63:e4:c1:
c1:20:93:14:48:ae:ed:53:7d:8a:a2:bd:80:eb:23:11:50:b3:
24:f5:d1:8a:13:c9:7f:8b:b4:e6:57:b5:44:65:45:39:34:79:
8e:2f:fc:49:49:56:20:eb:91:74:e8:51:61:9d:39:37:eb:c4:
81:55:04:97:42:7f:fb:26:9b:e5:13:d8:7d:97:6d:bc:6f:2e:
96:e1:e0:ae:8b:f6:46:fc:39:4f:93:47:e4:5b:1c:a7:59:c4:
44:a8:c2:49:c8:0d:36:37:1d:f0:64:09:28:d3:cc:87:fc:d9:
3e:80:5c:94:f4:89:37:1e:0d:01:07:33:23:5f:63:c6:62:18:
ea:b0:b2:a7:b7:40:48:9e:32:f1:8f:78:e8:ea:8d:1a:e6:7e:
0a:15:97:ae:4b:6d:d7:14:00:a9:1a:76:31:0e:00:39:e1:c0:
26:b3:6e:28:a8:b8:82:d3:1c:23:58:aa:20:95:2c:83:19:f8:
bf:4e:57:65:28:7c:ce:15:bc:7c:0b:95:28:02:38:4c:f6:d8:
18:48:81:19:da:a3:4b:49:8b:a9:17:7b:e4:9c:4d:77:df:fb:
de:d3:eb:a0:0b:02:30:3f:20:ca:56:c7:aa:bd:8f:60:4f:dd:
b0:3c:58:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU8onNPV9P7RmACjMmjyg35nGdakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmZjcxZjM0YzU2NWFkMGFjNzFlMDY2NWM5NDk4NDI5NmZhYTc4NDBlNTYy
MDg4OTdkNDlhNjA1OTlmYWI5NGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqt+aj7aR8kPhj6Ls0aWkOCa8hOJpwMOdRN+FwWeKR2nhh5MB9bMmFYtAt9
DVCFtjkw03DFDzYpaseTzi1ztVcmaaJ/2weCTbByViBbYnHvFtjcN5IzI6m+3Sds
FZtffkxEc9rsMiia5Nt6JqsDvRcgv/ffVD+MBmkbRmsZE1k2Md5qOEW3XrxxldDF
NsEZTE1+nVvZt86EPF3PLf4PXUbTM2CrtlRxbl3lQMa94GzhSXhuTQ+ItvrdrnxO
d7xcSMPqAsHa6GCCKz6srxJGjuxK5cAb3YsF35lPAaAKMqUPTCOKSETW/EAzwhsM
zEBjJWtfw7PKNfI/jQDKl8PakcsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQEsNjV
ravZNad1naVVfzMqzZdMkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWVkZGRiYmQtMmJiZC00ZTY0LTliMzctZGRkZDMzOTJjZThmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
QDANBgkqhkiG9w0BAQsFAAOCAQEAfHVBirDb5xwAhKmfUiJBY+TBwSCTFEiu7VN9
iqK9gOsjEVCzJPXRihPJf4u05le1RGVFOTR5ji/8SUlWIOuRdOhRYZ05N+vEgVUE
l0J/+yab5RPYfZdtvG8uluHgrov2Rvw5T5NH5Fscp1nERKjCScgNNjcd8GQJKNPM
h/zZPoBclPSJNx4NAQczI19jxmIY6rCyp7dASJ4y8Y946OqNGuZ+ChWXrktt1xQA
qRp2MQ4AOeHAJrNuKKi4gtMcI1iqIJUsgxn4v05XZSh8zhW8fAuVKAI4TPbYGEiB
GdqjS0mLqRd75JxNd9/73tProAsCMD8gylbHqr2PYE/dsDxY2w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:13 2025 by rpki-client