Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
File: f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa (raw, json)
Hash identifier: ZiZpfwQygx156rMJH27zspcgbqLD6CW2WMgDP7ifVaA=
Subject key identifier: 3A:7B:89:48:D3:11:48:1E:50:12:8A:6A:A3:17:35:2B:A5:5D:7A:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36C13A269A1A42B5281D031FD339E986A1D1C7D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
Signing time: Wed 06 Aug 2025 00:50:07 +0000
ROA not before: Wed 06 Aug 2025 00:50:07 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:c1:3a:26:9a:1a:42:b5:28:1d:03:1f:d3:39:e9:86:a1:d1:c7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:07 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=7e74317823e796a9653c1f237545a0b2acc94164a6328cb14be89f5e6327479c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7e:43:4c:d2:04:a6:b2:12:4c:9e:ca:56:27:
95:18:93:43:83:c9:bd:18:35:2c:7c:a6:0a:dd:82:
5a:81:fc:1f:63:3d:eb:3e:38:53:5e:31:f9:11:f2:
a2:c4:d7:41:a6:f7:11:12:d7:f4:b1:9d:b7:cc:db:
01:b1:3e:ae:1c:9b:a5:f2:d3:0b:f1:46:86:cc:4e:
6a:da:9c:b1:7f:e4:a2:96:7a:8b:23:dc:4b:47:8e:
b5:97:60:91:07:f0:a2:78:29:24:b7:6f:24:b0:33:
84:77:6e:28:8e:7e:a1:d0:7c:49:a3:05:ae:b5:41:
20:17:28:37:b9:3a:d6:63:7e:bb:68:c6:16:24:25:
07:5a:b1:a5:94:65:50:dc:54:87:b1:88:7a:01:36:
f3:b8:b4:da:80:d4:b0:af:cb:ea:71:ba:8b:02:c9:
4d:e6:66:70:76:f3:ee:1e:46:2e:ff:0f:5e:7b:c9:
7b:ad:7f:40:4a:d0:2a:d1:7a:41:58:46:35:3a:53:
0d:6b:19:64:ea:b3:b5:5e:8e:cd:99:9a:a5:5e:7c:
87:84:b3:ed:92:1e:b6:33:65:58:ae:af:4b:33:60:
98:ae:c6:55:22:a4:26:34:f0:b6:f3:13:d1:da:ae:
d0:ec:89:45:97:ac:3b:07:b1:a5:be:d3:41:03:24:
d2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7B:89:48:D3:11:48:1E:50:12:8A:6A:A3:17:35:2B:A5:5D:7A:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/38
Signature Algorithm: sha256WithRSAEncryption
2e:16:87:0b:66:ab:20:16:16:f8:60:22:69:e4:dd:04:49:8d:
a3:a6:2a:e6:42:e2:e1:d1:b6:71:46:5c:49:f1:73:95:32:4b:
77:01:fe:3c:01:fb:c2:cd:bb:48:6a:19:22:00:89:ce:02:e9:
3a:be:59:fc:10:82:a4:7d:0e:3c:9a:38:05:b8:d7:3d:df:30:
1a:32:aa:cd:a6:04:3c:90:bf:99:e5:42:93:cf:aa:4e:e3:6e:
f1:dc:f7:96:a6:c3:bb:51:82:62:d6:7f:e2:fc:68:ad:bf:33:
8e:05:10:e0:f0:d2:81:db:cc:fa:9d:34:05:26:70:1a:e5:1c:
4a:52:7f:c1:af:18:26:1b:d1:60:92:d5:2a:27:95:de:03:21:
be:04:47:d1:b7:de:0b:c3:4d:25:e8:ce:55:1a:49:9b:a7:3f:
61:60:72:b8:86:a4:2f:bc:ed:01:b7:19:d6:43:59:37:0f:b7:
d7:ac:8b:21:da:63:42:c3:d4:76:51:c8:fc:90:b6:3b:17:78:
93:65:26:05:1b:9a:bd:a6:62:68:4e:78:c0:c5:ec:d3:1c:db:
4d:52:ce:18:42:1e:02:ed:d7:ee:f4:ba:7a:0f:f2:24:8b:97:
c7:40:57:43:a4:15:63:30:df:25:b8:a5:f5:c7:17:79:5d:e7:
25:9e:60:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNsE6JpoaQrUoHQMf0znphqHRx9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMDdaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNzQzMTc4MjNlNzk2YTk2NTNjMWYyMzc1NDVhMGIyYWNjOTQxNjRhNjMy
OGNiMTRiZTg5ZjVlNjMyNzQ3OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9+Q0zSBKayEkyeylYnlRiTQ4PJvRg1LHymCt2CWoH8H2M96z44U14x+RHy
osTXQab3ERLX9LGdt8zbAbE+rhybpfLTC/FGhsxOatqcsX/kopZ6iyPcS0eOtZdg
kQfwongpJLdvJLAzhHduKI5+odB8SaMFrrVBIBcoN7k61mN+u2jGFiQlB1qxpZRl
UNxUh7GIegE287i02oDUsK/L6nG6iwLJTeZmcHbz7h5GLv8PXnvJe61/QErQKtF6
QVhGNTpTDWsZZOqztV6OzZmapV58h4Sz7ZIetjNlWK6vSzNgmK7GVSKkJjTwtvMT
0dqu0OyJRZesOwexpb7TQQMk0mcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6e4lI
0xFIHlASimqjFzUrpV16HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViMjViMDgtZWMyNC00ZTE4LTg0YzktMDVhYzAzNWIxNWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAuFocLZqsgFhb4YCJp5N0ESY2jpirmQuLh0bZx
RlxJ8XOVMkt3Af48AfvCzbtIahkiAInOAuk6vln8EIKkfQ48mjgFuNc93zAaMqrN
pgQ8kL+Z5UKTz6pO427x3PeWpsO7UYJi1n/i/GitvzOOBRDg8NKB28z6nTQFJnAa
5RxKUn/BrxgmG9FgktUqJ5XeAyG+BEfRt94Lw00l6M5VGkmbpz9hYHK4hqQvvO0B
txnWQ1k3D7fXrIsh2mNCw9R2Ucj8kLY7F3iTZSYFG5q9pmJoTnjAxezTHNtNUs4Y
Qh4C7dfu9Lp6D/Iki5fHQFdDpBVjMN8luKX1xxd5XeclnmBB
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:42 2025 by rpki-client