Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa
File: f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa (raw, json)
Hash identifier: 6wiXygcNudI+SDVQGZBaLp3tE/5gmczEZ8L8jEDw2Rs=
Subject key identifier: 1B:64:F5:2D:A0:D0:D9:6F:5E:77:55:F8:62:60:61:30:CC:81:5D:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54608BE9497ABB4143ECF04AD8699B3C86E20856
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa
Signing time: Tue 05 Aug 2025 19:11:15 +0000
ROA not before: Tue 05 Aug 2025 19:11:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:60:8b:e9:49:7a:bb:41:43:ec:f0:4a:d8:69:9b:3c:86:e2:08:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7bd23e0a27dbc667cb1d8c25db94e6f92b36e59447b2dec4a450af848925a0d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2e:db:9b:35:dd:66:a8:53:47:91:e6:fc:f8:
34:71:d1:12:99:a5:84:32:b9:65:3e:90:2b:a4:27:
3c:87:93:77:d1:ac:30:c9:5b:61:ff:a8:38:48:eb:
03:44:a7:18:78:50:d5:ab:87:3b:0f:6d:f9:d5:fe:
99:ac:f4:57:20:ce:17:38:22:7c:13:96:5c:4f:64:
2f:ce:cb:0d:c1:79:73:64:d0:2b:68:45:75:76:b9:
a2:91:5e:28:d5:39:da:d1:85:52:35:08:bf:d4:7c:
7d:17:d9:87:55:a5:6d:5c:1d:c0:8d:be:04:4d:c7:
3d:12:0e:a1:1c:e1:21:2d:63:2c:f6:76:1e:e6:f9:
52:13:6f:3d:5d:ff:4d:d7:8f:58:a9:45:a1:23:ae:
30:c9:79:51:7b:6c:ee:b1:66:8a:22:43:fd:fe:1a:
86:61:e8:ae:0a:ef:77:b0:9c:94:38:9e:7c:fc:b1:
e2:45:d5:35:ea:13:65:20:86:5a:cf:53:41:21:c0:
69:91:f4:2d:0d:ff:d2:09:8b:d1:64:71:44:93:f6:
76:db:f9:9e:97:59:53:a0:58:02:03:8a:61:a3:7c:
ab:56:c8:19:61:c1:57:3c:5f:3c:1e:4d:ec:64:a6:
8a:74:c6:fd:1a:d1:72:02:c7:75:d7:91:31:75:23:
97:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:64:F5:2D:A0:D0:D9:6F:5E:77:55:F8:62:60:61:30:CC:81:5D:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1951bda-59cd-4b11-b7a1-19b1f5d32116.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5080::/48
Signature Algorithm: sha256WithRSAEncryption
72:9d:4e:f6:f4:67:9a:b0:3a:a2:d8:57:38:ed:03:39:7c:1e:
8d:c7:c3:5d:16:c3:5f:d4:fa:2a:aa:69:d0:e8:73:bd:04:ca:
19:42:30:e9:b6:ea:86:f5:21:d3:c2:45:4f:56:b7:f4:0f:ef:
e1:e5:f1:bd:7e:6c:6a:39:87:11:c2:e1:81:65:01:55:c4:4d:
74:89:b3:ed:44:40:77:b3:82:1a:99:d0:73:16:f0:55:fe:fc:
84:4f:42:c2:86:da:42:a9:6d:1c:4e:f1:e6:61:2e:6d:7d:58:
b6:9e:db:65:69:8c:23:8b:ee:4b:f9:09:dd:52:a9:cf:28:5c:
f6:5c:31:71:d0:64:0c:cd:09:d6:f5:09:e2:b7:58:34:b2:f5:
64:13:3a:f8:ae:b3:a0:27:a0:b7:08:8f:c4:2e:70:73:55:be:
30:0a:85:b6:ce:f5:b5:90:1a:2e:17:3f:99:bb:b6:ba:49:b3:
a4:e1:f6:41:42:c0:46:3c:d8:24:0f:0f:eb:6f:20:1f:cb:63:
51:32:39:05:52:16:57:47:6e:7d:e2:7c:79:9d:a6:91:9b:97:
d1:10:73:af:3c:7d:fd:98:37:9e:c3:9b:66:4f:ac:d1:97:03:
98:60:0f:bb:be:27:56:40:cd:84:fd:95:91:bb:2f:39:3c:3a:
3d:d6:b0:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVGCL6Ul6u0FD7PBK2GmbPIbiCFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiZDIzZTBhMjdkYmM2NjdjYjFkOGMyNWRiOTRlNmY5MmIzNmU1OTQ0N2Iy
ZGVjNGE0NTBhZjg0ODkyNWEwZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMu25s13WaoU0eR5vz4NHHREpmlhDK5ZT6QK6QnPIeTd9GsMMlbYf+oOEjr
A0SnGHhQ1auHOw9t+dX+maz0VyDOFzgifBOWXE9kL87LDcF5c2TQK2hFdXa5opFe
KNU52tGFUjUIv9R8fRfZh1WlbVwdwI2+BE3HPRIOoRzhIS1jLPZ2Hub5UhNvPV3/
TdePWKlFoSOuMMl5UXts7rFmiiJD/f4ahmHorgrvd7CclDiefPyx4kXVNeoTZSCG
Ws9TQSHAaZH0LQ3/0gmL0WRxRJP2dtv5npdZU6BYAgOKYaN8q1bIGWHBVzxfPB5N
7GSminTG/RrRcgLHddeRMXUjl1UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbZPUt
oNDZb153VfhiYGEwzIFdGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5NTFiZGEtNTljZC00YjExLWI3YTEtMTliMWY1ZDMyMTE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAcp1O9vRnmrA6othXOO0DOXwejcfDXRbDX9T6
Kqpp0OhzvQTKGUIw6bbqhvUh08JFT1a39A/v4eXxvX5sajmHEcLhgWUBVcRNdImz
7URAd7OCGpnQcxbwVf78hE9CwobaQqltHE7x5mEubX1Ytp7bZWmMI4vuS/kJ3VKp
zyhc9lwxcdBkDM0J1vUJ4rdYNLL1ZBM6+K6zoCegtwiPxC5wc1W+MAqFts71tZAa
Lhc/mbu2ukmzpOH2QULARjzYJA8P628gH8tjUTI5BVIWV0dufeJ8eZ2mkZuX0RBz
rzx9/Zg3nsObZk+s0ZcDmGAPu74nVkDNhP2VkbsvOTw6PdawKA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:53 2025 by rpki-client