Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: b2IlgKfccI7dmtlfNZfzRgRkcMtH45R49IEQkIocQx8=
Subject key identifier: 6D:68:D9:BE:F9:17:C5:95:8A:FF:52:4B:87:FE:C6:75:34:D9:7B:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48857B046B957DBF3E86B4DC39C9F44F579205D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Fri 11 Jul 2025 20:51:01 +0000
ROA not before: Fri 11 Jul 2025 20:51:01 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:85:7b:04:6b:95:7d:bf:3e:86:b4:dc:39:c9:f4:4f:57:92:05:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:51:01 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=92c416c8d1a3cc5920a5eebb8946a5ecf0963d13a1cd12a62a2acd1db4db749e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:aa:b6:46:de:86:e1:21:41:8e:3e:fc:b3:b0:
a6:ca:84:e8:6a:43:8b:74:0a:c4:56:1f:e2:fe:4c:
3a:03:74:42:12:bd:79:09:5b:a2:92:f0:1d:df:ed:
97:94:4d:76:46:64:d7:b8:47:a0:0d:4f:83:58:72:
ab:3d:60:7a:fa:3b:0f:28:b1:4c:ce:33:81:0a:52:
f5:10:db:b1:a0:40:f2:f6:b1:71:5b:6c:75:be:1e:
da:a4:06:f0:b2:13:5c:43:32:8a:13:d9:f8:8e:e4:
a8:8b:14:d2:27:cc:15:30:e1:3a:83:10:2e:5e:44:
fa:fb:c8:87:d1:6e:c1:03:b8:ee:ab:67:fa:54:1e:
b8:09:b3:23:58:5e:8b:fd:ef:9c:71:26:84:9c:df:
ea:4f:8c:03:1b:b8:0b:75:75:7c:82:53:a2:58:42:
7a:76:3a:f9:3c:33:97:87:03:d2:7b:e9:be:fd:96:
74:80:4b:33:e3:73:ad:b1:07:d5:45:0f:be:54:3b:
00:38:b4:cf:d4:09:60:cf:04:56:40:9c:c8:83:3b:
80:a1:2f:9a:70:e6:20:68:f3:3a:2e:53:37:f3:95:
c9:f3:f9:e1:63:de:cb:02:f0:b6:54:6f:9c:49:3d:
55:05:8e:c8:d5:06:0b:47:f8:38:a4:03:41:71:e6:
c4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:68:D9:BE:F9:17:C5:95:8A:FF:52:4B:87:FE:C6:75:34:D9:7B:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
1b:17:46:d3:34:ab:15:1d:c5:0b:72:e1:07:7a:7f:0b:47:5c:
0e:bb:4f:e3:39:d5:7f:fc:34:2c:46:97:e0:b8:c7:47:da:ca:
f9:e5:44:ea:eb:e8:e1:48:6b:d5:a2:72:73:4f:88:82:28:04:
20:20:2c:25:43:26:d0:61:c4:91:87:78:b4:98:51:93:8e:2b:
6e:cd:47:8f:bd:8d:ca:af:e2:e6:09:d5:8e:8e:ce:10:5d:51:
c8:03:bd:8d:28:82:5d:a9:36:82:34:2c:bf:39:6d:59:2a:ef:
9b:4f:59:37:87:e3:fe:90:40:7c:4d:7c:68:60:2e:dd:d4:51:
c7:a5:92:5a:a4:b9:e4:09:b6:46:8c:eb:bf:9d:db:d2:40:f3:
c7:8a:3e:b4:13:5e:8c:7a:a8:ec:10:ad:f0:06:bd:50:b0:23:
53:1e:f7:62:9f:b2:1a:e8:c6:fc:fa:c6:a5:73:18:9b:f8:b8:
79:fe:48:09:67:af:b9:9e:1f:52:57:30:d4:23:45:5a:45:45:
ae:b9:85:93:1c:8d:46:bd:f6:93:ee:3a:29:a5:ca:fa:d6:86:
0e:a2:6d:3f:42:30:89:27:a9:40:66:24:c5:a1:1b:ba:71:1c:
fe:60:e0:1e:0b:06:f8:af:9e:be:79:3f:20:a6:d7:73:85:bc:
51:c9:40:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSIV7BGuVfb8+hrTcOcn0T1eSBdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDUxMDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyYzQxNmM4ZDFhM2NjNTkyMGE1ZWViYjg5NDZhNWVjZjA5NjNkMTNhMWNk
MTJhNjJhMmFjZDFkYjRkYjc0OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOqtkbehuEhQY4+/LOwpsqE6GpDi3QKxFYf4v5MOgN0QhK9eQlbopLwHd/t
l5RNdkZk17hHoA1Pg1hyqz1gevo7DyixTM4zgQpS9RDbsaBA8vaxcVtsdb4e2qQG
8LITXEMyihPZ+I7kqIsU0ifMFTDhOoMQLl5E+vvIh9FuwQO47qtn+lQeuAmzI1he
i/3vnHEmhJzf6k+MAxu4C3V1fIJTolhCenY6+Twzl4cD0nvpvv2WdIBLM+NzrbEH
1UUPvlQ7ADi0z9QJYM8EVkCcyIM7gKEvmnDmIGjzOi5TN/OVyfP54WPeywLwtlRv
nEk9VQWOyNUGC0f4OKQDQXHmxLsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtaNm+
+RfFlYr/UkuH/sZ1NNl7xzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbF0bTNKsVHcULcuEHen8LR1wOu0/jOdV//DQs
RpfguMdH2sr55UTq6+jhSGvVonJzT4iCKAQgICwlQybQYcSRh3i0mFGTjituzUeP
vY3Kr+LmCdWOjs4QXVHIA72NKIJdqTaCNCy/OW1ZKu+bT1k3h+P+kEB8TXxoYC7d
1FHHpZJapLnkCbZGjOu/ndvSQPPHij60E16MeqjsEK3wBr1QsCNTHvdin7Ia6Mb8
+salcxib+Lh5/kgJZ6+5nh9SVzDUI0VaRUWuuYWTHI1GvfaT7joppcr61oYOom0/
QjCJJ6lAZiTFoRu6cRz+YOAeCwb4r56+eT8gptdzhbxRyUB1
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:47:44 2025 by rpki-client