Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
File: 03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa (raw, json)
Hash identifier: 6r18PSplv3Jnl2mf9iP98c9IZsi7n4XmhIsC66FWyNw=
Subject key identifier: 6E:C0:36:02:88:6E:2F:DA:00:F5:1D:2A:55:8B:C0:A8:D2:BF:3B:F9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B0FEB4D0A7053CB0A8792FBE593DF52F6A24011
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
Signing time: Fri 11 Jul 2025 19:21:16 +0000
ROA not before: Fri 11 Jul 2025 19:21:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:0f:eb:4d:0a:70:53:cb:0a:87:92:fb:e5:93:df:52:f6:a2:40:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:21:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=53b1bbd0d7963b0de805182e07c2aa7706ed9280c289c3ce199fb1501ea38976, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:df:02:05:d8:68:96:97:40:64:ab:8d:0b:
1d:6c:12:f1:f7:df:5b:b0:06:49:78:ff:73:43:50:
c3:77:97:ef:9f:3f:d3:c3:c3:13:a8:e2:9e:dc:b6:
32:83:4f:33:df:52:f6:84:3a:e0:52:ba:69:94:5d:
4f:b7:25:14:d1:95:97:38:71:24:18:56:81:16:62:
0e:16:d9:39:7c:9c:af:10:3e:5f:3f:28:26:2a:19:
58:6e:cd:b6:8d:e8:9b:aa:00:f8:a3:d6:cc:93:37:
5b:17:c9:35:a9:6b:d0:3a:4c:5e:cc:59:07:04:67:
65:34:18:1d:2d:4b:6b:4d:cc:4a:18:34:03:e6:26:
f4:f0:fa:9c:1e:56:c3:3f:7d:f1:7a:8d:8f:27:15:
62:e7:47:c4:cb:d3:86:7d:58:66:3c:bd:00:70:dc:
ec:d1:30:17:e3:dc:8e:ab:92:07:ec:5c:a1:a5:7f:
aa:51:ab:1f:5d:6e:6e:a7:37:5c:4b:54:7b:aa:f3:
48:4e:e2:2d:7a:60:04:a3:e7:1e:38:cf:ea:b3:ac:
3f:13:5e:42:7a:0a:65:11:de:37:85:78:bb:43:26:
80:72:d4:6e:00:39:01:e3:d9:ea:a7:e9:c6:f0:07:
cc:69:94:99:08:18:6d:af:8c:3b:51:4a:ac:86:10:
13:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C0:36:02:88:6E:2F:DA:00:F5:1D:2A:55:8B:C0:A8:D2:BF:3B:F9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03416ce5-042a-4b8b-81dd-819c5e1cdf09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8040::/48
Signature Algorithm: sha256WithRSAEncryption
1f:b7:e2:91:57:27:1b:60:a6:8d:bd:e5:a2:a2:c7:58:5d:89:
44:b1:a2:f4:ba:ab:50:f1:e7:1d:f1:60:f3:17:fa:8b:62:33:
99:40:10:77:1f:00:bb:9a:0e:91:b3:2c:23:56:1f:b5:22:af:
f7:58:1c:64:40:6f:fd:96:76:cc:67:78:48:c6:8d:75:ba:67:
48:fc:1d:4b:38:b9:02:20:e4:9f:9a:6f:54:3f:15:ef:e8:92:
88:35:9f:29:eb:73:b5:a2:93:ff:4a:95:40:f7:50:6a:72:ac:
51:46:ec:1a:5f:ca:78:c3:33:71:31:29:2e:e1:4b:39:15:d2:
30:ad:54:4b:40:10:26:0b:85:a5:7c:af:11:0f:a2:cb:2d:a7:
7b:bb:f2:53:33:2a:05:cb:5b:fa:b4:79:15:cf:f1:43:52:0a:
ea:11:a0:3e:04:03:a2:c8:f1:f7:17:57:2c:b3:8f:43:04:4f:
6c:7c:96:04:60:91:0a:e3:1c:a3:49:f6:65:12:58:1d:72:e5:
35:0d:7a:ff:7b:8f:f4:48:4d:b1:23:99:d7:f8:c2:65:ff:42:
0e:bb:eb:38:5a:c6:60:40:6f:9b:5d:ed:3d:06:dc:8c:13:b1:
fa:9c:34:dd:53:b0:5d:e5:28:e2:14:3e:20:11:78:e7:b3:57:
b5:43:99:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWw/rTQpwU8sKh5L75ZPfUvaiQBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIxMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzYjFiYmQwZDc5NjNiMGRlODA1MTgyZTA3YzJhYTc3MDZlZDkyODBjMjg5
YzNjZTE5OWZiMTUwMWVhMzg5NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+M3wIF2GiWl0Bkq40LHWwS8fffW7AGSXj/c0NQw3eX758/08PDE6jinty2
MoNPM99S9oQ64FK6aZRdT7clFNGVlzhxJBhWgRZiDhbZOXycrxA+Xz8oJioZWG7N
to3om6oA+KPWzJM3WxfJNalr0DpMXsxZBwRnZTQYHS1La03MShg0A+Ym9PD6nB5W
wz998XqNjycVYudHxMvThn1YZjy9AHDc7NEwF+PcjquSB+xcoaV/qlGrH11ubqc3
XEtUe6rzSE7iLXpgBKPnHjjP6rOsPxNeQnoKZRHeN4V4u0MmgHLUbgA5AePZ6qfp
xvAHzGmUmQgYba+MO1FKrIYQEwkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRuwDYC
iG4v2gD1HSpVi8Co0r87+TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDM0MTZjZTUtMDQyYS00YjhiLTgxZGQtODE5YzVlMWNkZjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
QDANBgkqhkiG9w0BAQsFAAOCAQEAH7fikVcnG2Cmjb3loqLHWF2JRLGi9LqrUPHn
HfFg8xf6i2IzmUAQdx8Au5oOkbMsI1YftSKv91gcZEBv/ZZ2zGd4SMaNdbpnSPwd
Szi5AiDkn5pvVD8V7+iSiDWfKetztaKT/0qVQPdQanKsUUbsGl/KeMMzcTEpLuFL
ORXSMK1US0AQJguFpXyvEQ+iyy2ne7vyUzMqBctb+rR5Fc/xQ1IK6hGgPgQDosjx
9xdXLLOPQwRPbHyWBGCRCuMco0n2ZRJYHXLlNQ16/3uP9EhNsSOZ1/jCZf9CDrvr
OFrGYEBvm13tPQbcjBOx+pw03VOwXeUo4hQ+IBF457NXtUOZjw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:48 2025 by rpki-client