Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
File: f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa (raw, json)
Hash identifier: GhyjjoUsrCT4CgDDaXrmrWFNOxk/R4jI8oMLzE3TsxQ=
Subject key identifier: 05:43:04:AD:88:ED:BB:27:6C:4E:6F:2B:40:E8:ED:22:0C:0E:1A:46
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A3E3261545C9C807B7F85F5F830D60A5E3B2FC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
Signing time: Tue 05 Aug 2025 18:40:53 +0000
ROA not before: Tue 05 Aug 2025 18:40:53 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:3e:32:61:54:5c:9c:80:7b:7f:85:f5:f8:30:d6:0a:5e:3b:2f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:53 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e18d095d20352223cc5082db46de4e9fbe7ab362a5ffd5de27820209e11040c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:98:49:7e:62:df:1c:2f:da:65:33:56:9e:
97:8d:2b:8a:a5:5d:bf:43:be:9f:03:4c:b2:28:17:
b2:d9:04:be:49:1b:b1:5f:50:ed:0d:69:d9:f2:e1:
0c:e0:3f:ab:80:b4:fc:a8:19:55:7d:f4:3e:11:1f:
cc:00:51:2d:9f:c2:d4:11:66:b9:fc:d5:67:d0:6b:
7b:12:44:7f:99:ce:0b:59:bc:28:07:6a:0e:f9:78:
b6:cf:a0:63:ba:8e:bf:8a:34:9f:ee:e1:58:0d:40:
49:96:a4:91:0d:70:3a:91:fe:d4:93:0f:e4:13:02:
8b:48:42:fc:5a:95:62:01:02:4f:d1:9a:f4:3a:8d:
ef:c1:24:c4:cc:5c:b2:2a:71:bd:b7:7c:b2:61:d2:
8c:ce:37:e3:80:c9:f4:12:47:c5:24:14:77:66:26:
b7:60:fe:5a:5c:44:ce:e7:6c:f5:7d:3f:a7:0c:39:
a9:a1:66:94:f9:f6:92:50:4c:37:d2:c1:d8:4b:33:
74:65:91:c2:a7:3b:e4:b7:b4:0d:0d:72:f1:b4:ac:
49:a5:91:34:71:e9:98:5a:56:94:5d:2b:0c:07:c9:
32:dd:ce:b2:7b:a5:16:52:34:05:bf:99:5c:9c:1e:
e8:7f:62:b8:e7:25:38:e3:96:76:65:0d:40:7c:09:
d2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:43:04:AD:88:ED:BB:27:6C:4E:6F:2B:40:E8:ED:22:0C:0E:1A:46
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5e64938-fc2d-4971-b2da-aabc9fe556fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6040::/48
Signature Algorithm: sha256WithRSAEncryption
13:2c:8d:35:ed:da:02:d5:1d:10:96:32:ef:a4:00:85:e5:88:
94:ba:3a:7e:6b:ce:d7:ea:d5:e6:7c:ac:b5:fe:4d:69:68:6f:
b9:6e:b5:1e:ee:5d:ac:9d:b9:28:19:1a:fd:9b:4b:47:c5:20:
78:94:41:77:43:00:8d:1b:26:bb:1a:d1:58:77:f9:63:5d:7c:
6b:4f:e4:1d:d5:4a:41:c8:1b:1a:f0:a2:9b:78:7e:d6:d3:d1:
d9:d2:b4:9a:3a:b9:2d:2d:09:a4:c7:9b:dd:11:45:33:2d:36:
8b:94:4d:39:fe:43:32:ba:aa:40:b5:67:fc:6b:4b:57:d1:a1:
51:7b:63:9a:a9:b2:aa:f4:e6:eb:56:a7:85:a9:3e:52:29:45:
92:79:b2:7a:fc:59:f3:6c:04:4e:9f:67:8d:6e:e3:62:aa:9a:
9f:fb:6b:38:f1:49:dd:4f:37:fb:bc:ec:b9:ac:d3:01:7e:28:
1d:cb:ce:6e:a3:cc:e3:aa:6e:e3:0c:99:37:4b:55:a5:06:47:
d0:50:42:52:d7:e5:1d:15:54:9b:14:55:0e:54:14:0a:3c:d4:
9e:7f:ad:0f:c2:4d:1a:28:b2:03:63:db:5a:e0:68:4c:39:1a:
f8:29:ac:4f:31:22:52:2b:c4:3c:71:48:97:65:11:3b:c1:86:
0d:bb:e6:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCj4yYVRcnIB7f4X1+DDWCl47L8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwNTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxOGQwOTVkMjAzNTIyMjNjYzUwODJkYjQ2ZGU0ZTlmYmU3YWIzNjJhNWZm
ZDVkZTI3ODIwMjA5ZTExMDQwYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL25mEl+Yt8cL9plM1ael40riqVdv0O+nwNMsigXstkEvkkbsV9Q7Q1p2fLh
DOA/q4C0/KgZVX30PhEfzABRLZ/C1BFmufzVZ9BrexJEf5nOC1m8KAdqDvl4ts+g
Y7qOv4o0n+7hWA1ASZakkQ1wOpH+1JMP5BMCi0hC/FqVYgECT9Ga9DqN78EkxMxc
sipxvbd8smHSjM4344DJ9BJHxSQUd2Ymt2D+WlxEzuds9X0/pww5qaFmlPn2klBM
N9LB2EszdGWRwqc75Le0DQ1y8bSsSaWRNHHpmFpWlF0rDAfJMt3OsnulFlI0Bb+Z
XJwe6H9iuOclOOOWdmUNQHwJ0ncCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQFQwSt
iO27J2xObytA6O0iDA4aRjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVlNjQ5MzgtZmMyZC00OTcxLWIyZGEtYWFiYzlmZTU1NmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
QDANBgkqhkiG9w0BAQsFAAOCAQEAEyyNNe3aAtUdEJYy76QAheWIlLo6fmvO1+rV
5nystf5NaWhvuW61Hu5drJ25KBka/ZtLR8UgeJRBd0MAjRsmuxrRWHf5Y118a0/k
HdVKQcgbGvCim3h+1tPR2dK0mjq5LS0JpMeb3RFFMy02i5RNOf5DMrqqQLVn/GtL
V9GhUXtjmqmyqvTm61anhak+UilFknmyevxZ82wETp9njW7jYqqan/trOPFJ3U83
+7zsuazTAX4oHcvObqPM46pu4wyZN0tVpQZH0FBCUtflHRVUmxRVDlQUCjzUnn+t
D8JNGiiyA2PbWuBoTDka+CmsTzEiUivEPHFIl2URO8GGDbvmqw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:26:28 2025 by rpki-client