Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
File: f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa (raw, json)
Hash identifier: 3XJpaK50bhTOpHn3UO+6xV31NQ/sg3vSR1O6WzXEmrg=
Subject key identifier: 82:3F:8B:56:33:2C:01:3D:EA:00:A2:F4:D5:C2:95:00:02:B1:09:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51712812888FAFD38BBB3E1246890BBF512A5BFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
Signing time: Fri 15 Aug 2025 15:50:09 +0000
ROA not before: Fri 15 Aug 2025 15:50:09 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:71:28:12:88:8f:af:d3:8b:bb:3e:12:46:89:0b:bf:51:2a:5b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:09 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=599973b909b757f168869ba0aec990e19546b4e1538d52cd91f19d3906ddfba4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:cb:e3:34:be:28:11:e6:e0:59:5f:f5:d4:
1e:9e:3f:cb:dd:e8:bd:3a:a1:13:64:ed:de:0c:03:
41:cd:86:88:60:fa:d4:1b:a4:72:cb:40:2a:fb:87:
cb:4d:d5:07:fc:29:bc:c6:f1:13:a1:51:5b:b9:84:
72:4d:d1:0d:6e:ba:93:77:01:65:49:f5:04:17:4f:
15:cb:15:d6:60:ea:53:51:db:53:65:98:0c:dd:e3:
18:13:0c:ee:2c:4e:3a:02:45:2f:7b:6f:40:f4:a4:
9a:79:33:1a:af:33:67:56:ee:dc:13:a1:52:1f:e1:
b4:07:09:e2:6e:9a:83:29:b0:74:f9:a4:a5:cb:96:
68:d0:f0:ca:18:49:dc:21:5c:7c:53:b7:71:b6:81:
9f:5d:40:a7:f1:77:4a:6a:8d:5d:b2:a7:1c:94:0a:
ec:36:52:92:9f:fb:41:49:39:db:ad:60:20:34:e7:
28:50:1e:a5:74:12:62:69:2d:76:32:b7:c6:5b:b1:
37:89:4e:4b:48:d9:c0:c5:7d:0d:6a:72:96:eb:51:
f4:db:95:de:09:71:17:53:98:b8:fb:82:07:1e:7a:
ff:70:52:80:0e:03:d9:4e:02:12:0c:ea:2e:6d:d1:
4e:16:0e:16:3f:58:8a:de:d1:24:28:6f:21:82:49:
25:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3F:8B:56:33:2C:01:3D:EA:00:A2:F4:D5:C2:95:00:02:B1:09:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f13f5444-377a-4e51-a1c7-10c2a3a3d6ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040::/32
Signature Algorithm: sha256WithRSAEncryption
38:7c:cc:a9:b3:6f:a8:5d:26:ee:3c:c2:9c:4e:ff:1a:b1:d0:
33:d2:60:05:a3:1a:60:18:d0:c7:71:b1:b1:8b:67:72:29:43:
94:48:0f:d0:ae:65:90:d1:32:00:cb:1e:ff:49:da:90:de:5b:
3b:54:b4:55:2d:17:c3:43:59:44:48:2c:87:d7:22:54:24:bd:
a2:01:a8:07:e8:c6:73:21:a3:58:d9:a9:03:64:f9:81:03:94:
4e:9d:e2:a9:07:0c:23:21:00:7e:bf:a9:86:a0:59:50:00:1e:
17:f2:69:b0:a2:16:08:68:eb:de:6a:e2:a9:c9:a1:0c:a4:f0:
35:f8:6c:51:f4:e3:5f:bc:b5:5c:e7:42:a1:96:a0:b6:ad:37:
36:f7:cd:b4:47:aa:f2:e8:01:89:ee:aa:cc:af:cf:f3:7f:c1:
02:a9:76:bd:cc:9f:76:b0:1a:99:81:e8:ac:e2:a6:f7:b0:72:
5e:4f:2a:dd:4b:10:c5:37:3e:e4:e6:c2:33:e5:a8:e2:c8:d0:
bb:55:58:d7:19:8f:da:7e:4e:1e:52:6a:74:50:54:24:ba:aa:
71:0e:3c:b3:bd:90:4c:96:03:ea:15:27:c5:89:56:fe:ef:cd:
34:66:86:bf:81:4c:c9:1d:b8:d8:bb:0e:02:f3:51:e1:e4:8b:
32:64:b9:fe
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUUXEoEoiPr9OLuz4SRokLv1EqW/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwMDlaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5OTk3M2I5MDliNzU3ZjE2ODg2OWJhMGFlYzk5MGUxOTU0NmI0ZTE1Mzhk
NTJjZDkxZjE5ZDM5MDZkZGZiYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl4y+M0vigR5uBZX/XUHp4/y93ovTqhE2Tt3gwDQc2GiGD61BukcstAKvuH
y03VB/wpvMbxE6FRW7mEck3RDW66k3cBZUn1BBdPFcsV1mDqU1HbU2WYDN3jGBMM
7ixOOgJFL3tvQPSkmnkzGq8zZ1bu3BOhUh/htAcJ4m6agymwdPmkpcuWaNDwyhhJ
3CFcfFO3cbaBn11Ap/F3SmqNXbKnHJQK7DZSkp/7QUk5261gIDTnKFAepXQSYmkt
djK3xluxN4lOS0jZwMV9DWpylutR9NuV3glxF1OYuPuCBx56/3BSgA4D2U4CEgzq
Lm3RThYOFj9Yit7RJChvIYJJJX0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSCP4tW
MywBPeoAovTVwpUAArEJzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEzZjU0NDQtMzc3YS00ZTUxLWExYzctMTBjMmEzYTNkNmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0EAw
DQYJKoZIhvcNAQELBQADggEBADh8zKmzb6hdJu48wpxO/xqx0DPSYAWjGmAY0Mdx
sbGLZ3IpQ5RID9CuZZDRMgDLHv9J2pDeWztUtFUtF8NDWURILIfXIlQkvaIBqAfo
xnMho1jZqQNk+YEDlE6d4qkHDCMhAH6/qYagWVAAHhfyabCiFgho695q4qnJoQyk
8DX4bFH041+8tVznQqGWoLatNzb3zbRHqvLoAYnuqsyvz/N/wQKpdr3Mn3awGpmB
6Kzipvewcl5PKt1LEMU3PuTmwjPlqOLI0LtVWNcZj9p+Th5SanRQVCS6qnEOPLO9
kEyWA+oVJ8WJVv7vzTRmhr+BTMkduNi7DgLzUeHkizJkuf4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:12 2025 by rpki-client