Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
File: 52b24640-f60c-42e4-9476-345e951e2387.roa (raw, json)
Hash identifier: lFGnJbCvzZNqqRA+xpkVljJVC8945dqfQbPySuPkPOo=
Subject key identifier: 9F:56:01:7E:9A:FC:3C:9E:F5:F6:54:FE:40:EB:19:2E:42:9C:79:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6457A5AFE73F5C4B39D96D949A2FF2BEFD19E10D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
Signing time: Fri 11 Jul 2025 18:50:16 +0000
ROA not before: Fri 11 Jul 2025 18:50:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:57:a5:af:e7:3f:5c:4b:39:d9:6d:94:9a:2f:f2:be:fd:19:e1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:50:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6b5eacdcca2fc16cbd82c32efc31bbada841850b2b5657aa3d5e04e3de3f129f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:44:39:aa:5d:73:50:80:61:65:ab:54:cd:38:
68:ff:78:d0:1d:a7:58:97:20:ae:b1:7b:04:88:ff:
ed:18:8c:bd:61:e0:66:43:73:c6:68:63:43:8e:cd:
cd:c8:37:44:72:a4:f4:cd:06:70:47:7c:d7:f3:9e:
86:7b:da:1d:8a:1b:89:d8:2c:e0:b0:6e:bd:07:a2:
71:b8:45:10:d3:7a:7a:47:d7:61:ff:0f:0c:5a:08:
03:5d:ec:0d:78:16:3d:42:df:6a:b0:10:49:50:ed:
dd:a7:c4:9c:99:39:1d:7e:01:f9:dd:dc:95:f0:32:
5b:35:63:6f:90:65:a9:26:2f:30:27:a8:4b:fe:79:
57:60:f7:0a:3f:ab:db:cf:13:c8:4a:52:76:62:84:
d6:aa:8b:4b:16:37:0e:92:11:01:77:b5:18:90:cc:
03:4f:44:6a:d6:23:49:a2:d4:19:aa:3e:ad:bc:ab:
12:93:12:fc:28:e3:3b:84:b4:78:55:91:ec:f8:14:
08:8c:7d:ac:31:b7:56:35:d2:5b:e9:ef:82:91:cb:
d9:93:a4:14:57:f6:42:65:a6:7a:9e:cb:fe:05:27:
60:68:71:cc:94:36:e2:de:95:4f:fe:86:b9:b8:8d:
f6:a1:9c:b3:a4:3c:17:a1:9f:96:38:3f:e0:87:27:
0e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:01:7E:9A:FC:3C:9E:F5:F6:54:FE:40:EB:19:2E:42:9C:79:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52b24640-f60c-42e4-9476-345e951e2387.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5040::/48
Signature Algorithm: sha256WithRSAEncryption
60:29:c3:71:37:b6:c4:bd:20:8f:38:4c:bf:fc:5b:e2:03:90:
df:a8:03:53:7e:d5:31:06:e9:b9:7f:be:2b:88:bf:90:5e:8d:
fd:07:13:52:1d:41:2e:3d:a2:a4:6b:8f:62:3d:ea:77:d5:a3:
4a:c4:a8:7f:84:57:67:ab:85:ea:79:62:39:b0:2f:37:d0:6b:
64:66:11:ec:1c:df:99:07:ab:75:00:5d:09:b7:23:18:74:54:
a3:a1:62:33:e1:bf:4f:4b:4d:d1:a7:7c:ad:4a:78:d1:9e:19:
40:2c:9e:58:e5:77:4a:34:af:4e:bc:f8:de:39:31:7e:41:f6:
5a:62:5e:77:e9:ff:3b:c0:1b:a6:24:0d:66:22:e0:47:07:52:
89:c5:f2:82:c5:f0:16:dc:1c:75:ad:92:80:5a:34:79:1c:ed:
74:78:82:c1:b7:51:49:c7:ca:5b:81:97:5c:bf:3d:71:9e:76:
24:58:38:e8:a2:ec:c7:30:3e:0a:f2:c7:22:67:25:e7:45:44:
aa:58:86:d6:08:6f:0e:d4:d6:d1:18:23:d7:7d:94:01:a6:f9:
28:39:4a:3f:cf:61:56:db:40:a5:58:b5:f6:d4:bc:ae:c2:fb:
91:20:eb:31:dc:c2:d9:27:a2:47:67:db:a5:51:29:96:b6:b9:
09:66:5c:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZFelr+c/XEs52W2Umi/yvv0Z4Q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODUwMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNWVhY2RjY2EyZmMxNmNiZDgyYzMyZWZjMzFiYmFkYTg0MTg1MGIyYjU2
NTdhYTNkNWUwNGUzZGUzZjEyOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFEOapdc1CAYWWrVM04aP940B2nWJcgrrF7BIj/7RiMvWHgZkNzxmhjQ47N
zcg3RHKk9M0GcEd81/OehnvaHYobidgs4LBuvQeicbhFENN6ekfXYf8PDFoIA13s
DXgWPULfarAQSVDt3afEnJk5HX4B+d3clfAyWzVjb5BlqSYvMCeoS/55V2D3Cj+r
288TyEpSdmKE1qqLSxY3DpIRAXe1GJDMA09EatYjSaLUGao+rbyrEpMS/CjjO4S0
eFWR7PgUCIx9rDG3VjXSW+nvgpHL2ZOkFFf2QmWmep7L/gUnYGhxzJQ24t6VT/6G
ubiN9qGcs6Q8F6Gfljg/4IcnDkMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSfVgF+
mvw8nvX2VP5A6xkuQpx5kzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTJiMjQ2NDAtZjYwYy00MmU0LTk0NzYtMzQ1ZTk1MWUyMzg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAYCnDcTe2xL0gjzhMv/xb4gOQ36gDU37VMQbp
uX++K4i/kF6N/QcTUh1BLj2ipGuPYj3qd9WjSsSof4RXZ6uF6nliObAvN9BrZGYR
7BzfmQerdQBdCbcjGHRUo6FiM+G/T0tN0ad8rUp40Z4ZQCyeWOV3SjSvTrz43jkx
fkH2WmJed+n/O8AbpiQNZiLgRwdSicXygsXwFtwcda2SgFo0eRztdHiCwbdRScfK
W4GXXL89cZ52JFg46KLsxzA+CvLHImcl50VEqliG1ghvDtTW0Rgj132UAab5KDlK
P89hVttApVi19tS8rsL7kSDrMdzC2SeiR2fbpVEplra5CWZcKA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:46:49 2025 by rpki-client