Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
File: 54aaecbd-f237-4e42-9d78-c366846bfd11.roa (raw, json)
Hash identifier: AQRurScNke3PbFoy95uWSkDd9oEPj7zxqjL7ndkgvmQ=
Subject key identifier: E2:9C:DA:25:8E:75:45:CD:1E:C5:15:11:55:61:4E:6B:41:B1:8F:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EB961185141C4DCAD500295726747D66846B3EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
Signing time: Fri 11 Jul 2025 19:50:48 +0000
ROA not before: Fri 11 Jul 2025 19:50:48 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b9:61:18:51:41:c4:dc:ad:50:02:95:72:67:47:d6:68:46:b3:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:48 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c97faf891c97c07062da4baceac08ca30b4c7c8879406aa274645a5931c5a374, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7b:ab:9a:e1:50:ec:3e:5a:8f:dd:62:19:93:
59:eb:78:85:ca:65:62:fc:2c:8f:3a:f5:72:13:bb:
02:dc:c9:32:70:8d:7f:9c:80:5c:b2:d3:2c:79:1b:
56:b0:8a:c6:a9:64:99:55:78:60:25:f0:e8:d5:c2:
4e:9c:83:70:29:d3:09:6a:42:fa:41:ea:d8:14:54:
50:af:fd:15:14:6d:b3:42:81:bd:b5:f6:bd:93:04:
f6:c4:fa:82:4c:dc:e4:89:9f:8c:85:58:79:3a:41:
b7:c9:f8:ef:cc:f3:9e:76:27:e2:35:12:22:88:2f:
1e:fb:a7:d9:8d:54:e7:9c:8b:2f:ae:4f:0f:26:a7:
90:5d:e6:40:b2:29:bd:42:28:e9:3b:a4:03:fd:57:
6d:56:66:68:95:d7:ab:bb:b9:80:b0:99:47:f8:6b:
1b:c8:12:5a:61:9a:1a:5d:e0:7d:4c:fd:52:08:58:
ed:d5:d9:a3:43:72:68:d2:8f:84:68:35:63:a1:b0:
7a:b4:d1:a9:8a:07:cb:f4:61:3d:3a:ab:23:bf:9f:
68:42:9f:bb:51:fc:75:f4:e2:6b:c9:29:0d:31:38:
86:b7:98:3d:3b:b8:ae:cb:c9:8b:72:03:08:d1:ed:
78:51:49:4d:d6:14:8b:85:52:bd:47:4d:32:e6:87:
95:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9C:DA:25:8E:75:45:CD:1E:C5:15:11:55:61:4E:6B:41:B1:8F:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/54aaecbd-f237-4e42-9d78-c366846bfd11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:a000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:0f:cb:e2:2a:89:b1:2d:ed:6a:3e:5e:2d:04:b5:b6:ab:87:
61:eb:b0:57:37:5d:7c:27:98:b2:43:59:3c:03:6e:5a:5d:82:
fd:b0:fc:6f:51:ae:9a:9d:aa:bc:d9:41:1a:92:22:21:05:0b:
19:bc:ac:07:de:60:5e:61:6f:f3:bf:e0:b6:7c:27:a2:6e:f2:
ce:8d:bd:a5:fa:e0:55:4a:2e:5a:2c:d6:8b:ac:ee:1c:40:42:
bb:ec:9e:f9:b4:06:a6:e7:ed:73:d2:9f:44:53:31:db:ac:23:
9d:4f:42:4b:41:77:56:15:30:a9:d0:6c:f6:26:b6:ef:32:a9:
90:d9:59:35:f3:10:6a:ad:5f:f2:41:f6:00:ec:dd:ea:31:99:
21:60:1c:02:22:70:87:e2:db:a0:be:6c:48:b7:28:06:c1:11:
ca:5c:2a:a5:2a:b5:4f:65:44:35:20:f3:3e:b7:84:89:c5:73:
57:d2:6f:b0:1d:c3:ce:a6:f9:2b:c9:3e:1c:8d:92:4d:5a:dd:
b8:bc:ca:9f:20:17:57:28:20:d2:32:29:20:60:7a:92:fe:66:
9e:6e:99:65:ff:df:77:ab:05:93:f6:53:4d:d2:77:a3:9e:9f:
95:5d:aa:7f:34:07:00:b0:6b:9f:77:3d:a7:c2:26:c7:be:57:
6e:6f:01:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXrlhGFFBxNytUAKVcmdH1mhGs+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwNDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5N2ZhZjg5MWM5N2MwNzA2MmRhNGJhY2VhYzA4Y2EzMGI0YzdjODg3OTQw
NmFhMjc0NjQ1YTU5MzFjNWEzNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKd7q5rhUOw+Wo/dYhmTWet4hcplYvwsjzr1chO7AtzJMnCNf5yAXLLTLHkb
VrCKxqlkmVV4YCXw6NXCTpyDcCnTCWpC+kHq2BRUUK/9FRRts0KBvbX2vZME9sT6
gkzc5ImfjIVYeTpBt8n478zznnYn4jUSIogvHvun2Y1U55yLL65PDyankF3mQLIp
vUIo6TukA/1XbVZmaJXXq7u5gLCZR/hrG8gSWmGaGl3gfUz9UghY7dXZo0NyaNKP
hGg1Y6GwerTRqYoHy/RhPTqrI7+faEKfu1H8dfTia8kpDTE4hreYPTu4rsvJi3ID
CNHteFFJTdYUi4VSvUdNMuaHleECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTinNol
jnVFzR7FFRFVYU5rQbGPQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTRhYWVjYmQtZjIzNy00ZTQyLTlkNzgtYzM2Njg0NmJmZDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Heg
MA0GCSqGSIb3DQEBCwUAA4IBAQC5D8viKomxLe1qPl4tBLW2q4dh67BXN118J5iy
Q1k8A25aXYL9sPxvUa6anaq82UEakiIhBQsZvKwH3mBeYW/zv+C2fCeibvLOjb2l
+uBVSi5aLNaLrO4cQEK77J75tAam5+1z0p9EUzHbrCOdT0JLQXdWFTCp0Gz2Jrbv
MqmQ2Vk18xBqrV/yQfYA7N3qMZkhYBwCInCH4tugvmxItygGwRHKXCqlKrVPZUQ1
IPM+t4SJxXNX0m+wHcPOpvkryT4cjZJNWt24vMqfIBdXKCDSMikgYHqS/maebpll
/993qwWT9lNN0nejnp+VXap/NAcAsGufdz2nwibHvldubwFR
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:44 2025 by rpki-client