Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json)
Hash identifier: gOPJLUL1hWqp3iMByqQxKLJYVOAB2ZEF8MPKK3fASJ4=
Subject key identifier: 72:A3:F8:CA:5C:78:68:30:F6:AD:5C:CD:C0:97:A4:11:5E:B8:C9:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EF3D2F7E12EDAAFF4BA63F9CD0F38D55D8DC167
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
Signing time: Fri 11 Jul 2025 19:10:15 +0000
ROA not before: Fri 11 Jul 2025 19:10:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:f3:d2:f7:e1:2e:da:af:f4:ba:63:f9:cd:0f:38:d5:5d:8d:c1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:10:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9cf949f541a765e50277cbef95c0d9dcf4ae98bfdfaeffc7dd51e8373061c900, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:17:e8:36:73:43:49:c8:1f:66:c4:4d:25:34:
77:cb:1a:39:85:b6:cd:36:0a:cc:39:28:c8:bc:ac:
3d:52:70:0a:d1:87:50:fd:af:f8:28:b9:f1:2d:05:
c4:b4:7c:ca:45:58:17:3d:eb:85:04:6f:fb:70:92:
dc:9b:9a:5d:a6:ac:6a:2d:6c:91:bd:5f:00:09:f5:
91:81:ed:0d:91:50:37:c7:e1:0d:c2:0b:c9:46:c3:
64:f2:56:af:ca:47:e0:af:2a:17:c4:b8:9e:70:85:
1b:2f:ae:a7:c0:e1:cb:b6:20:ed:9c:f5:5b:26:b7:
0b:05:c5:04:a8:54:4d:f4:a1:2e:44:02:98:0f:43:
9d:b3:b8:57:ca:67:7b:cd:28:72:99:03:c2:dd:19:
dc:44:a3:1d:b6:c9:ba:9d:03:e8:73:1a:ee:13:ad:
0f:18:2b:25:93:f2:10:0c:55:24:e0:f1:df:3b:17:
35:4e:7a:45:17:76:9a:50:32:d5:ba:0e:25:b5:0d:
66:8f:bf:d0:4a:3e:47:7c:02:d2:32:2d:e8:82:49:
db:b3:79:3b:4a:88:cd:70:27:80:f9:9a:d6:dd:a3:
69:7d:5b:37:40:fc:c1:0f:7e:fc:41:d9:d0:91:6b:
47:22:0e:3d:d4:a3:a6:38:39:5f:e0:0d:bf:e4:e7:
f9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A3:F8:CA:5C:78:68:30:F6:AD:5C:CD:C0:97:A4:11:5E:B8:C9:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4080::/48
Signature Algorithm: sha256WithRSAEncryption
45:90:b8:73:11:24:e2:db:1c:d1:86:31:fc:bc:7b:12:df:e2:
e2:fc:a4:eb:a6:87:2d:8f:fe:9e:5c:a8:88:5f:39:dd:06:ee:
8a:5e:a8:ea:ba:4b:8f:f1:c8:60:de:0f:c0:12:22:c3:4f:c2:
ff:49:a1:9e:72:72:a7:21:0a:25:33:51:3e:19:49:a8:06:01:
71:2a:f7:db:7d:ad:5e:d6:d1:18:3d:c5:bf:19:e6:46:ea:0b:
3e:a6:ed:81:d3:13:2d:4f:c3:80:67:37:fd:ff:99:ba:18:0e:
b2:77:7e:10:9e:0a:aa:89:a7:53:e4:2e:e7:f2:08:96:c5:e5:
34:54:a2:72:25:c0:9c:c0:3f:79:b8:45:ba:fd:ea:50:da:95:
c5:89:c6:19:65:fc:64:6d:f7:94:6b:51:26:6c:3b:b3:8a:90:
d4:6b:c4:09:9c:66:1d:c2:db:59:c1:d5:ad:55:5e:f6:65:44:
a2:c9:e8:55:9a:71:01:62:26:19:56:6d:7f:ce:f4:92:85:0a:
b7:2d:e1:fe:0f:0d:70:a3:f9:ba:33:f9:5a:f7:8f:2d:e5:6b:
c6:74:76:b6:a5:68:e9:8e:01:d7:36:c8:0b:22:ee:1a:c7:47:
41:5b:2d:9e:c3:c4:c7:f8:00:1e:b6:e8:20:98:ad:32:78:a8:
99:6f:f6:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXvPS9+Eu2q/0umP5zQ841V2NwWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTEwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZjk0OWY1NDFhNzY1ZTUwMjc3Y2JlZjk1YzBkOWRjZjRhZTk4YmZkZmFl
ZmZjN2RkNTFlODM3MzA2MWM5MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcX6DZzQ0nIH2bETSU0d8saOYW2zTYKzDkoyLysPVJwCtGHUP2v+Ci58S0F
xLR8ykVYFz3rhQRv+3CS3JuaXaasai1skb1fAAn1kYHtDZFQN8fhDcILyUbDZPJW
r8pH4K8qF8S4nnCFGy+up8Dhy7Yg7Zz1Wya3CwXFBKhUTfShLkQCmA9DnbO4V8pn
e80ocpkDwt0Z3ESjHbbJup0D6HMa7hOtDxgrJZPyEAxVJODx3zsXNU56RRd2mlAy
1boOJbUNZo+/0Eo+R3wC0jIt6IJJ27N5O0qIzXAngPma1t2jaX1bN0D8wQ9+/EHZ
0JFrRyIOPdSjpjg5X+ANv+Tn+S8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRyo/jK
XHhoMPatXM3Al6QRXrjJWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQzYmM2N2QtMDhmOS00YTk5LWJmNWUtNjgxMDBlMDM0Mzk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
gDANBgkqhkiG9w0BAQsFAAOCAQEARZC4cxEk4tsc0YYx/Lx7Et/i4vyk66aHLY/+
nlyoiF853Qbuil6o6rpLj/HIYN4PwBIiw0/C/0mhnnJypyEKJTNRPhlJqAYBcSr3
232tXtbRGD3FvxnmRuoLPqbtgdMTLU/DgGc3/f+ZuhgOsnd+EJ4KqomnU+Qu5/II
lsXlNFSiciXAnMA/ebhFuv3qUNqVxYnGGWX8ZG33lGtRJmw7s4qQ1GvECZxmHcLb
WcHVrVVe9mVEosnoVZpxAWImGVZtf870koUKty3h/g8NcKP5ujP5WvePLeVrxnR2
tqVo6Y4B1zbICyLuGsdHQVstnsPEx/gAHrboIJitMniomW/2Vg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:15 2025 by rpki-client