Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
File: fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa (raw, json)
Hash identifier: 4XguEeHZ9eba3Fs1t6xA3sInAFQb+innJK6yZZi04xA=
Subject key identifier: 51:E9:EE:FE:8E:93:6A:F9:B8:17:94:A9:9D:83:3A:0A:70:56:E4:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 291E8CF886FCEC31D01C6BD8320ED8878AD6AF06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
Signing time: Tue 05 Aug 2025 19:40:45 +0000
ROA not before: Tue 05 Aug 2025 19:40:45 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:1e:8c:f8:86:fc:ec:31:d0:1c:6b:d8:32:0e:d8:87:8a:d6:af:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:45 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d06c70169b3c534665bfbe95e0d4e6bc8f13a1911e4e3486d56404d47a15069d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f1:f5:1e:07:77:0c:66:54:be:6d:1c:49:c0:
47:5f:06:14:a1:4a:45:49:33:eb:c9:a6:67:56:95:
9b:9a:65:85:47:5f:f8:fe:9f:3d:84:15:a0:e3:7f:
58:e6:7d:04:e3:35:df:10:b8:f7:23:42:d4:d5:40:
48:a5:a1:b4:ef:58:7a:b1:ff:70:e5:63:ed:6b:95:
bd:22:52:22:3b:de:f0:25:4e:9b:64:fb:18:d3:b5:
81:c9:19:f8:f8:f2:55:b6:12:00:5e:eb:8c:c2:98:
77:a0:f8:ce:4c:e8:62:a9:df:59:cc:e9:a7:62:ea:
41:58:c7:ae:a0:42:5c:d4:fc:1b:82:56:3e:63:e1:
6d:72:16:0f:e3:b4:ce:ed:3c:33:41:b9:2f:c0:e0:
ad:de:8b:07:1c:30:09:76:7b:13:e2:5b:61:15:72:
c2:a9:38:4a:73:ea:0f:8b:85:07:eb:cb:25:36:89:
a9:50:42:ee:6c:3c:f1:cb:dd:89:2b:cf:fb:d5:8c:
e6:e6:4d:a7:7c:22:5f:fb:47:00:97:91:d6:e0:ca:
cd:dc:00:2a:08:ac:1f:ac:f4:c3:22:f7:b9:a0:78:
39:ad:e4:3b:1f:1d:1e:62:00:1d:ba:5c:21:e0:73:
d5:f0:99:02:83:0c:3e:16:24:e5:c6:59:b9:7b:68:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E9:EE:FE:8E:93:6A:F9:B8:17:94:A9:9D:83:3A:0A:70:56:E4:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcc2c855-ca62-4b4c-a1c6-8b4152bc7a05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:c000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:7f:42:53:d8:c6:c6:47:a2:5b:12:9b:01:c1:f0:7b:b2:e9:
e0:3f:70:fc:be:20:13:e3:61:61:f1:c7:be:71:b2:83:ea:07:
16:72:69:ad:3c:90:46:90:a7:5c:cb:64:09:4f:32:76:c0:8d:
5b:1b:57:05:7a:c4:a2:b8:c6:94:16:09:6e:47:76:d4:ec:63:
8b:63:f8:ef:b3:e0:61:44:b2:c8:e6:ce:6c:1c:f0:5e:5a:5d:
25:0e:c5:7a:e2:c0:f8:db:55:e4:98:d5:ee:35:d4:56:46:fd:
0a:a7:83:95:2e:23:11:af:5f:a1:0a:cf:d2:36:5f:ed:84:7e:
5e:cb:1d:01:16:24:72:67:61:74:f9:20:93:04:5d:c4:c1:ca:
aa:a5:04:d5:8a:8e:35:80:22:d8:e3:e1:4a:bf:f9:6d:d4:a6:
f9:a3:85:b2:73:ba:bd:c9:de:ce:9c:02:14:65:fa:1a:65:15:
2d:fd:23:66:28:8d:04:e5:77:1a:ca:88:e7:da:fe:72:37:c4:
00:74:8e:2f:34:47:de:fd:12:78:4b:90:2c:f0:d0:50:e2:73:
5b:ed:38:81:19:d3:1f:74:2e:d7:c5:92:81:92:11:d6:14:a6:
98:ca:b8:f8:06:eb:d8:a1:67:c8:ef:94:75:6f:13:cf:7b:14:
29:49:0e:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKR6M+Ib87DHQHGvYMg7Yh4rWrwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwNDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNmM3MDE2OWIzYzUzNDY2NWJmYmU5NWUwZDRlNmJjOGYxM2ExOTExZTRl
MzQ4NmQ1NjQwNGQ0N2ExNTA2OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/x9R4HdwxmVL5tHEnAR18GFKFKRUkz68mmZ1aVm5plhUdf+P6fPYQVoON/
WOZ9BOM13xC49yNC1NVASKWhtO9YerH/cOVj7WuVvSJSIjve8CVOm2T7GNO1gckZ
+PjyVbYSAF7rjMKYd6D4zkzoYqnfWczpp2LqQVjHrqBCXNT8G4JWPmPhbXIWD+O0
zu08M0G5L8Dgrd6LBxwwCXZ7E+JbYRVywqk4SnPqD4uFB+vLJTaJqVBC7mw88cvd
iSvP+9WM5uZNp3wiX/tHAJeR1uDKzdwAKgisH6z0wyL3uaB4Oa3kOx8dHmIAHbpc
IeBz1fCZAoMMPhYk5cZZuXtosdECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRR6e7+
jpNq+bgXlKmdgzoKcFbkKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNjMmM4NTUtY2E2Mi00YjRjLWExYzYtOGI0MTUyYmM3YTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HXA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+f0JT2MbGR6JbEpsBwfB7sungP3D8viAT42Fh
8ce+cbKD6gcWcmmtPJBGkKdcy2QJTzJ2wI1bG1cFesSiuMaUFgluR3bU7GOLY/jv
s+BhRLLI5s5sHPBeWl0lDsV64sD421XkmNXuNdRWRv0Kp4OVLiMRr1+hCs/SNl/t
hH5eyx0BFiRyZ2F0+SCTBF3EwcqqpQTVio41gCLY4+FKv/lt1Kb5o4Wyc7q9yd7O
nAIUZfoaZRUt/SNmKI0E5Xcayojn2v5yN8QAdI4vNEfe/RJ4S5As8NBQ4nNb7TiB
GdMfdC7XxZKBkhHWFKaYyrj4BuvYoWfI75R1bxPPexQpSQ7W
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:17 2025 by rpki-client