Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: aPChFKyTF6sNqC/OjaeCHrySt3RrA7zcj564J5tRx+k=
Subject key identifier: 87:33:49:26:C9:0F:64:37:A2:75:9C:39:B4:D5:DC:7D:B2:3B:4F:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C941DC6A834A4BCDBEE1363ED08D6B213EDE710
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Tue 05 Aug 2025 19:11:10 +0000
ROA not before: Tue 05 Aug 2025 19:11:10 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:94:1d:c6:a8:34:a4:bc:db:ee:13:63:ed:08:d6:b2:13:ed:e7:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:10 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0c33b798f9c962acf5076a20066086cb5c3c5cc9f51a4954aa8092415b0cc14b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:98:c7:2d:9e:17:66:5e:92:de:42:20:09:ed:
d5:5a:ce:2f:80:9e:6f:4f:a9:b6:13:c7:e5:21:e9:
1a:6d:eb:2f:a5:9f:c2:40:e3:a9:e9:0b:81:fc:b0:
05:32:f8:9c:33:8d:c6:5d:bd:e8:bf:53:cf:62:f1:
cf:bc:0b:c4:45:ff:f0:11:26:b6:53:a8:db:32:96:
6c:7c:4a:74:e8:1b:ce:55:10:6b:d8:20:41:2d:a9:
ad:6a:ec:41:ea:a4:43:00:6c:c1:68:ed:d6:35:ab:
4f:71:de:81:0d:07:e4:f9:22:87:48:1d:e0:43:d1:
e5:f2:9f:53:50:5c:2b:c9:8d:ef:49:3a:46:18:38:
54:4c:f5:74:4d:c4:79:55:6c:0b:35:57:35:24:83:
37:49:4c:07:be:52:47:c2:e3:0a:97:0c:9c:43:9a:
1e:de:93:c4:71:b5:65:46:7f:ef:a3:a5:55:b7:66:
75:d9:f4:e7:3a:66:5b:60:11:af:6a:f4:4a:67:cf:
d3:cd:f4:9b:f8:c1:1f:6d:81:f4:26:1e:dd:5a:c4:
82:f0:fa:2a:bd:1a:a9:e6:22:31:76:ee:f6:7e:7f:
d1:fd:ff:d4:36:e8:b6:81:e8:38:67:90:66:73:bd:
87:38:92:60:64:d6:70:7a:87:4c:24:91:2c:43:5e:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:33:49:26:C9:0F:64:37:A2:75:9C:39:B4:D5:DC:7D:B2:3B:4F:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
91:c6:af:e4:bb:55:89:f6:8b:f3:81:42:46:d0:fd:7f:fe:8e:
51:bd:5a:96:01:e6:f2:64:ce:bf:a7:03:72:f1:e1:57:30:f7:
9f:57:c8:1c:39:9b:4d:10:05:3d:40:85:e3:c6:3c:e1:39:97:
f5:24:f5:26:21:81:3f:e3:a3:71:25:6e:56:f3:fe:53:8c:af:
3a:c7:94:18:ea:ef:be:9c:b0:18:8e:b3:19:e0:99:c0:cf:c1:
46:6c:0b:d7:7e:30:4e:f1:7a:4a:d2:cc:12:31:71:6d:e6:2c:
0a:40:cb:0f:c5:c2:71:4c:52:c6:95:8f:36:27:b5:28:e1:1e:
37:72:0b:37:bd:64:79:a1:53:03:3a:c8:fd:44:ed:ce:30:72:
99:f8:65:ec:73:58:0b:b4:9d:50:e0:68:f6:8c:94:ed:6b:c9:
bd:35:39:10:89:bd:dd:c6:3b:7f:c3:f5:0e:4b:eb:9c:4d:96:
23:c4:91:3b:fe:ad:68:e1:e8:5f:4c:49:f6:75:85:e7:0b:83:
ee:2e:4f:73:59:e7:07:1b:fa:53:fe:bd:c5:55:1b:5a:d9:cf:
12:e3:12:48:4a:c2:4e:45:80:d2:00:0c:e1:51:a7:f9:7e:0b:
af:ce:fb:68:77:31:69:06:ac:82:0a:6d:6b:4f:c3:fe:97:07:
91:31:77:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfJQdxqg0pLzb7hNj7QjWshPt5xAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMzNiNzk4ZjljOTYyYWNmNTA3NmEyMDA2NjA4NmNiNWMzYzVjYzlmNTFh
NDk1NGFhODA5MjQxNWIwY2MxNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKYxy2eF2Zekt5CIAnt1VrOL4Ceb0+pthPH5SHpGm3rL6WfwkDjqekLgfyw
BTL4nDONxl296L9Tz2Lxz7wLxEX/8BEmtlOo2zKWbHxKdOgbzlUQa9ggQS2prWrs
QeqkQwBswWjt1jWrT3HegQ0H5Pkih0gd4EPR5fKfU1BcK8mN70k6Rhg4VEz1dE3E
eVVsCzVXNSSDN0lMB75SR8LjCpcMnEOaHt6TxHG1ZUZ/76OlVbdmddn05zpmW2AR
r2r0SmfP0830m/jBH22B9CYe3VrEgvD6Kr0aqeYiMXbu9n5/0f3/1DbotoHoOGeQ
ZnO9hziSYGTWcHqHTCSRLENecAsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHM0km
yQ9kN6J1nDm01dx9sjtPITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAkcav5LtVifaL84FCRtD9f/6OUb1algHm8mTO
v6cDcvHhVzD3n1fIHDmbTRAFPUCF48Y84TmX9ST1JiGBP+OjcSVuVvP+U4yvOseU
GOrvvpywGI6zGeCZwM/BRmwL134wTvF6StLMEjFxbeYsCkDLD8XCcUxSxpWPNie1
KOEeN3ILN71keaFTAzrI/UTtzjBymfhl7HNYC7SdUOBo9oyU7WvJvTU5EIm93cY7
f8P1DkvrnE2WI8SRO/6taOHoX0xJ9nWF5wuD7i5Pc1nnBxv6U/69xVUbWtnPEuMS
SErCTkWA0gAM4VGn+X4Lr877aHcxaQasggpta0/D/pcHkTF3YA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:41 2025 by rpki-client