Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
File: fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa (raw, json)
Hash identifier: VtBSWzyUo9eMsnlsTo/S8uTcndTW4hW/NGmuNIW9xBU=
Subject key identifier: 5A:4D:9A:C0:7D:0E:E3:51:BC:22:4F:FC:1D:89:9E:75:95:D0:5F:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E062BF081675B0B3FD8964135FF81CCA7735708
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
Signing time: Wed 06 Aug 2025 00:51:28 +0000
ROA not before: Wed 06 Aug 2025 00:51:28 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:06:2b:f0:81:67:5b:0b:3f:d8:96:41:35:ff:81:cc:a7:73:57:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:28 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=bac88ad8212990982f35a06782b2102c0e0cbe05104292a0b48abbb07d3e867a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3d:ee:e1:00:d7:83:71:4c:8b:99:6d:c1:a2:
e3:04:2e:f7:46:c4:bd:a1:f4:03:27:5a:b1:6e:e6:
d7:64:65:91:30:38:c6:5b:55:90:8f:af:de:5a:71:
2b:36:cb:3d:82:9d:da:82:49:56:87:bb:85:0d:6c:
96:84:70:fd:5b:11:86:14:c1:c8:1a:eb:27:5e:d7:
80:15:b0:f6:07:22:92:5d:67:90:b1:2a:ae:7f:0a:
30:bb:9b:26:0b:b4:51:66:f2:3f:73:31:ce:58:c8:
a9:eb:76:dc:53:ec:bf:a4:0d:2c:9c:14:f4:10:a1:
f5:bf:88:45:77:90:a6:95:54:11:79:68:51:19:9d:
79:d6:f2:c1:1c:b9:56:d3:5b:09:ed:88:f2:51:da:
f5:58:9c:fe:38:11:57:25:a3:88:42:22:0e:91:b5:
ad:29:01:6f:5a:7e:ed:8e:aa:e6:ce:93:24:f9:a1:
b6:2c:57:3f:fb:f1:c7:62:82:db:9d:b2:f1:31:5a:
1f:8c:75:3a:45:c1:9c:d3:0b:5e:3f:32:b2:3f:38:
1d:39:94:08:75:57:95:25:72:79:4b:7b:19:4a:cd:
72:ba:34:60:e2:e8:fd:14:b9:25:c5:11:93:32:6b:
07:61:af:eb:1b:6a:77:43:d7:9e:b3:a5:ad:cb:3d:
c4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4D:9A:C0:7D:0E:E3:51:BC:22:4F:FC:1D:89:9E:75:95:D0:5F:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd329ab5-ae5c-4b68-a4c6-b82f6ea29dd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
86:6b:cc:64:e5:38:38:b6:b7:6d:87:5f:fc:f0:d1:be:3b:62:
10:7b:64:fa:55:53:f4:c9:9d:ef:47:ed:be:0b:3b:9e:44:d3:
ab:e8:93:dd:bb:47:49:18:0d:27:2f:a6:ad:07:e4:dd:e3:b1:
0e:89:c2:68:7d:56:f4:80:5d:ed:f0:95:f4:e8:11:87:1b:e1:
09:57:96:78:c6:8f:13:18:f1:eb:09:75:e8:87:c7:b2:f3:c7:
e2:fb:16:c1:74:68:b5:e9:b5:77:76:8a:b2:1f:22:04:e8:f0:
e8:18:98:4f:72:c9:d6:31:54:02:5d:ba:49:7f:57:05:70:0e:
ed:d2:cc:bd:c0:13:2e:47:f9:bf:e3:1d:05:89:6c:25:dd:dc:
81:07:49:47:72:82:70:34:d6:6d:f9:22:8a:1e:fe:8a:fe:3c:
09:a9:40:d4:bc:54:8b:c6:e2:ff:a3:04:ee:f7:cb:fb:59:ff:
c0:3f:96:1b:a4:c0:bc:df:eb:9f:a7:0b:d4:d5:50:48:95:82:
54:69:6a:ea:31:b5:dc:9b:3a:15:38:a6:55:19:78:5a:fe:98:
12:de:18:de:99:62:81:64:a9:c7:7e:b7:5a:76:7f:a1:63:ff:
4f:c6:83:3c:fa:27:4c:ab:35:7e:ee:73:21:ca:c6:b2:a0:ed:
6c:17:85:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHgYr8IFnWws/2JZBNf+BzKdzVwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMjhaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhYzg4YWQ4MjEyOTkwOTgyZjM1YTA2NzgyYjIxMDJjMGUwY2JlMDUxMDQy
OTJhMGI0OGFiYmIwN2QzZTg2N2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM97uEA14NxTIuZbcGi4wQu90bEvaH0AydasW7m12RlkTA4xltVkI+v3lpx
KzbLPYKd2oJJVoe7hQ1sloRw/VsRhhTByBrrJ17XgBWw9gcikl1nkLEqrn8KMLub
Jgu0UWbyP3MxzljIqet23FPsv6QNLJwU9BCh9b+IRXeQppVUEXloURmdedbywRy5
VtNbCe2I8lHa9Vic/jgRVyWjiEIiDpG1rSkBb1p+7Y6q5s6TJPmhtixXP/vxx2KC
252y8TFaH4x1OkXBnNMLXj8ysj84HTmUCHVXlSVyeUt7GUrNcro0YOLo/RS5JcUR
kzJrB2Gv6xtqd0PXnrOlrcs9xJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaTZrA
fQ7jUbwiT/wdiZ51ldBfTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQzMjlhYjUtYWU1Yy00YjY4LWE0YzYtYjgyZjZlYTI5ZGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCGa8xk5Tg4trdth1/88NG+O2IQe2T6VVP0yZ3v
R+2+CzueRNOr6JPdu0dJGA0nL6atB+Td47EOicJofVb0gF3t8JX06BGHG+EJV5Z4
xo8TGPHrCXXoh8ey88fi+xbBdGi16bV3doqyHyIE6PDoGJhPcsnWMVQCXbpJf1cF
cA7t0sy9wBMuR/m/4x0FiWwl3dyBB0lHcoJwNNZt+SKKHv6K/jwJqUDUvFSLxuL/
owTu98v7Wf/AP5YbpMC83+ufpwvU1VBIlYJUaWrqMbXcmzoVOKZVGXha/pgS3hje
mWKBZKnHfrdadn+hY/9PxoM8+idMqzV+7nMhysayoO1sF4Xg
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client