Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
File: 5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa (raw, json)
Hash identifier: oHBNSGgYe3QXhSwn80XSc0AWUX48DLz2tpnnrNmdoZ0=
Subject key identifier: BA:37:16:C8:99:BD:9C:E4:B5:75:92:9B:8F:D0:E7:23:D5:5E:0B:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 609F494889E003B9439A4059FAB9D5D83478D7E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
Signing time: Mon 07 Jul 2025 18:20:44 +0000
ROA not before: Mon 07 Jul 2025 18:20:44 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:9f:49:48:89:e0:03:b9:43:9a:40:59:fa:b9:d5:d8:34:78:d7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 7 18:20:44 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=f751d7cc1ec61185c1e4d7fde6fc802527931e728ace2690fe7e3c1a686ee14e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b2:fd:55:35:24:f7:46:b6:2c:83:b4:f6:49:
15:80:62:83:1b:f9:28:92:ec:dc:fb:96:f1:4e:fa:
6b:57:db:c5:48:a8:8a:a9:ea:77:d6:74:d2:d7:28:
66:c5:0e:a1:cf:6b:9c:5b:1c:ee:db:12:b3:8b:82:
52:9c:39:ef:af:ad:d1:1c:ea:36:77:c3:d6:54:fc:
cc:88:bb:e0:e0:7b:9b:58:4f:e7:85:cb:51:03:40:
6e:70:c3:9a:95:64:9b:98:90:39:3c:c0:f7:5c:66:
98:ca:e7:d6:ff:7a:61:a8:3e:d4:64:3a:dc:0e:a4:
f5:7a:a8:66:e2:23:d8:27:ed:63:3b:f1:57:a1:c6:
21:00:96:93:18:a6:c7:7e:ad:d8:6c:b0:96:79:28:
2e:35:a5:a4:01:7f:94:29:ed:89:b9:a1:bc:d5:93:
00:3a:23:5a:be:0c:87:44:be:06:16:a3:9b:f2:07:
33:7c:36:7d:c7:7a:64:be:98:1d:ce:5f:81:4b:e2:
fa:56:c0:95:35:9b:32:c2:11:99:a3:64:2d:ff:65:
0f:a7:92:3c:2f:c0:3a:e7:6b:17:3f:f2:b8:74:58:
c9:b9:b0:96:10:45:43:a3:3a:48:0a:16:a9:bb:fa:
e4:c1:e9:51:f3:35:cb:ff:c8:3a:09:95:f8:94:81:
3e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:37:16:C8:99:BD:9C:E4:B5:75:92:9B:8F:D0:E7:23:D5:5E:0B:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:a7:51:28:30:70:a0:da:05:d4:d1:d8:5c:ab:e7:46:bc:13:
de:0b:6d:fe:b8:6d:68:02:15:f1:c1:16:ff:b4:8c:3a:7a:11:
aa:39:03:2e:5e:07:45:6e:58:17:f3:f7:39:2e:91:c7:c6:d5:
d4:d6:6a:ab:65:4e:22:ee:2a:16:d8:51:2f:99:db:c3:54:12:
6f:17:d7:53:83:a9:48:50:d3:e7:2f:12:30:06:61:1a:8b:8d:
4b:2b:e1:02:f0:b6:c7:a5:70:d1:6e:55:6d:bc:43:4a:eb:a1:
94:a9:6b:3a:87:ca:44:29:0e:68:a2:e3:e5:67:b7:f5:eb:71:
7c:52:40:94:e4:ad:b0:7b:9d:ca:db:b2:67:8f:37:1d:68:d5:
a1:a6:5b:d5:5b:42:af:4c:ca:a7:e8:05:de:f3:a9:3c:93:97:
e3:8d:5d:00:b1:d8:88:42:b2:33:00:ca:59:96:4c:83:f6:74:
4f:77:f5:32:23:8c:de:dd:28:75:be:cc:92:fb:0d:bb:75:c8:
17:50:1c:8c:72:78:51:22:fd:e7:96:f4:e4:0b:07:40:59:ff:
53:ef:cb:96:e6:b3:7c:e2:ab:fc:33:aa:3c:29:8c:7d:12:e5:
a5:8c:38:d2:18:90:ff:ca:50:b6:f8:d4:03:74:6a:6b:06:e6:
bf:c5:3e:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYJ9JSIngA7lDmkBZ+rnV2DR41+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDcxODIwNDRaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3NTFkN2NjMWVjNjExODVjMWU0ZDdmZGU2ZmM4MDI1Mjc5MzFlNzI4YWNl
MjY5MGZlN2UzYzFhNjg2ZWUxNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2y/VU1JPdGtiyDtPZJFYBigxv5KJLs3PuW8U76a1fbxUioiqnqd9Z00tco
ZsUOoc9rnFsc7tsSs4uCUpw576+t0RzqNnfD1lT8zIi74OB7m1hP54XLUQNAbnDD
mpVkm5iQOTzA91xmmMrn1v96Yag+1GQ63A6k9XqoZuIj2CftYzvxV6HGIQCWkxim
x36t2GywlnkoLjWlpAF/lCntibmhvNWTADojWr4Mh0S+Bhajm/IHM3w2fcd6ZL6Y
Hc5fgUvi+lbAlTWbMsIRmaNkLf9lD6eSPC/AOudrFz/yuHRYybmwlhBFQ6M6SAoW
qbv65MHpUfM1y//IOgmV+JSBPg0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6NxbI
mb2c5LV1kpuP0Ocj1V4L1zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWEwMjNiYTctNmRiZS00NmFjLWJjNmYtNjIxZWQ2OTQ2YjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAtadRKDBwoNoF1NHYXKvnRrwT3gtt/rhtaAIV
8cEW/7SMOnoRqjkDLl4HRW5YF/P3OS6Rx8bV1NZqq2VOIu4qFthRL5nbw1QSbxfX
U4OpSFDT5y8SMAZhGouNSyvhAvC2x6Vw0W5VbbxDSuuhlKlrOofKRCkOaKLj5We3
9etxfFJAlOStsHudytuyZ483HWjVoaZb1VtCr0zKp+gF3vOpPJOX441dALHYiEKy
MwDKWZZMg/Z0T3f1MiOM3t0odb7MkvsNu3XIF1AcjHJ4USL955b05AsHQFn/U+/L
luazfOKr/DOqPCmMfRLlpYw40hiQ/8pQtvjUA3Rqawbmv8U+Fg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:42:27 2025 by rpki-client