Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/593bb6f2-1ee0-4352-97de-e329502838f7.roa
File: 593bb6f2-1ee0-4352-97de-e329502838f7.roa (raw, json)
Hash identifier: XKWnjA7ghVBcMsO38S1c95LNYBiiYEnUdTOTd2JIpYw=
Subject key identifier: B4:AB:7A:F5:89:04:E0:2B:CF:33:83:D9:CF:B6:E0:82:D2:EB:82:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10434416FD3BFFBEEF2CE24ADD65D7B8F7481635
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/593bb6f2-1ee0-4352-97de-e329502838f7.roa
Signing time: Mon 07 Jul 2025 18:21:04 +0000
ROA not before: Mon 07 Jul 2025 18:21:04 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:43:44:16:fd:3b:ff:be:ef:2c:e2:4a:dd:65:d7:b8:f7:48:16:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:21:04 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=185d54429493d254505f81ee3892d46f3f645b4e4d39917f47ab4938c31e5fee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0a:b2:4b:f6:ed:eb:06:42:fb:b8:35:22:54:
47:24:b4:b0:f8:93:e8:7f:2e:d8:f9:07:f5:8a:d6:
7b:b4:0f:18:82:fc:bf:ef:cb:d6:11:92:01:31:2c:
95:14:d3:f8:82:37:ad:94:ff:2d:8f:42:c9:d0:fa:
c6:2a:ab:13:97:38:01:ec:9c:12:36:33:42:fd:01:
3f:70:5f:57:04:72:58:f2:4b:0b:b9:4f:db:bb:a3:
f6:f0:11:da:7e:2d:30:b2:4b:9a:96:05:84:95:a2:
36:b3:00:45:b0:2c:f0:95:a6:89:93:b7:cc:5b:5f:
8f:83:51:03:f2:79:a3:2d:4c:af:e8:b8:54:42:d1:
ab:2c:01:ac:c8:9e:bb:69:ab:db:ed:3c:96:b3:90:
5a:b3:22:10:28:61:d6:99:ca:92:a7:6c:1d:6f:15:
e7:20:08:64:37:92:3e:eb:51:5f:ad:72:4d:65:40:
ac:8b:3f:93:ea:9a:40:62:c8:43:5c:a8:a5:2b:51:
61:dd:4f:54:1d:23:e4:a0:59:b5:81:53:9f:63:5d:
b0:6f:91:4e:e5:76:24:b7:76:20:90:fa:e0:1d:e9:
00:50:76:7e:2d:78:d3:a8:fa:c3:eb:23:38:93:d4:
8f:9d:48:6b:f9:da:c1:3f:84:6d:78:41:1c:f0:e3:
92:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AB:7A:F5:89:04:E0:2B:CF:33:83:D9:CF:B6:E0:82:D2:EB:82:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/593bb6f2-1ee0-4352-97de-e329502838f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:800::/40
Signature Algorithm: sha256WithRSAEncryption
3a:a5:0d:57:c7:db:dd:d7:8f:55:14:fe:f4:21:7f:e3:c5:e0:
fb:45:c9:3c:52:73:d9:f7:d7:f6:2d:d9:87:4c:2d:7e:02:53:
21:25:db:ec:1c:24:75:ea:9d:57:b9:4d:6d:5a:c3:9b:fd:0e:
6b:2b:40:74:14:0f:ff:22:bc:a6:90:5d:b2:95:73:5a:d8:93:
5d:75:ff:d2:c9:37:d9:14:84:0c:63:83:e9:ad:63:cb:ca:1e:
54:ec:c6:73:16:89:30:f7:87:8e:4a:df:a6:3b:39:81:e6:92:
78:fe:10:a8:d1:86:c2:da:ef:3c:73:eb:05:12:c1:69:90:f5:
ba:16:a8:e8:28:d4:0a:d2:16:b7:c3:0c:c4:a5:2d:2a:7c:df:
50:e0:9f:87:9d:7c:32:7b:64:80:c1:e4:1b:cf:17:82:27:52:
0d:1c:43:83:3b:18:36:71:af:16:56:9f:f3:02:5c:18:bf:ab:
9b:5b:7c:02:64:35:01:a9:e8:fe:8a:6e:4d:a1:31:78:ba:31:
48:ea:10:9d:fd:c7:2f:bb:81:d2:a7:9d:65:c4:76:1b:03:66:
0e:1f:93:64:07:6d:6f:c5:ed:c0:ec:9d:3c:ed:fe:30:8f:b6:
66:c1:9b:f3:05:e3:e4:2e:25:12:f6:b8:3c:ef:17:01:4c:00:
b5:e0:0a:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEENEFv07/77vLOJK3WXXuPdIFjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIxMDRaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NWQ1NDQyOTQ5M2QyNTQ1MDVmODFlZTM4OTJkNDZmM2Y2NDViNGU0ZDM5
OTE3ZjQ3YWI0OTM4YzMxZTVmZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsKskv27esGQvu4NSJURyS0sPiT6H8u2PkH9YrWe7QPGIL8v+/L1hGSATEs
lRTT+II3rZT/LY9CydD6xiqrE5c4AeycEjYzQv0BP3BfVwRyWPJLC7lP27uj9vAR
2n4tMLJLmpYFhJWiNrMARbAs8JWmiZO3zFtfj4NRA/J5oy1Mr+i4VELRqywBrMie
u2mr2+08lrOQWrMiEChh1pnKkqdsHW8V5yAIZDeSPutRX61yTWVArIs/k+qaQGLI
Q1yopStRYd1PVB0j5KBZtYFTn2NdsG+RTuV2JLd2IJD64B3pAFB2fi1406j6w+sj
OJPUj51Ia/nawT+EbXhBHPDjkqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0q3r1
iQTgK88zg9nPtuCC0uuC1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTkzYmI2ZjItMWVlMC00MzUyLTk3ZGUtZTMyOTUwMjgzOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQI
MA0GCSqGSIb3DQEBCwUAA4IBAQA6pQ1Xx9vd149VFP70IX/jxeD7Rck8UnPZ99f2
LdmHTC1+AlMhJdvsHCR16p1XuU1tWsOb/Q5rK0B0FA//IrymkF2ylXNa2JNddf/S
yTfZFIQMY4PprWPLyh5U7MZzFokw94eOSt+mOzmB5pJ4/hCo0YbC2u88c+sFEsFp
kPW6FqjoKNQK0ha3wwzEpS0qfN9Q4J+HnXwye2SAweQbzxeCJ1INHEODOxg2ca8W
Vp/zAlwYv6ubW3wCZDUBqej+im5NoTF4ujFI6hCd/ccvu4HSp51lxHYbA2YOH5Nk
B21vxe3A7J087f4wj7ZmwZvzBePkLiUS9rg87xcBTAC14Aq/
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:01 2025 by rpki-client