Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: r5Y+fFC8LdYQbGfnBzM9vh7/OFFyxgkydfJe9+X/cXU=
Subject key identifier: C5:2A:F6:B9:81:C4:8A:0E:B3:26:19:0B:8E:B3:60:0B:F4:89:DC:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27170564A39ED24AF0EE8BCBA2C60CAD73E72821
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Fri 11 Jul 2025 18:41:12 +0000
ROA not before: Fri 11 Jul 2025 18:41:12 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:17:05:64:a3:9e:d2:4a:f0:ee:8b:cb:a2:c6:0c:ad:73:e7:28:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:41:12 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=ab5f003f73253436b6d8900668132a2390e38039129557be919b69e510079ef6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:34:af:65:49:34:f1:a8:de:d7:4e:25:5f:
35:34:01:74:bd:ec:89:4f:6b:45:8c:32:96:ad:41:
ff:68:91:8b:33:95:ea:9a:78:07:e8:18:1f:c9:fd:
d0:e5:bf:cc:78:07:85:7e:48:c6:6d:79:15:da:63:
23:b1:75:3b:7a:14:2a:53:1a:fa:b5:8f:f9:2b:9b:
15:48:02:3c:d5:48:60:47:08:bc:76:4d:5a:46:98:
36:1e:58:f4:c6:90:6a:0d:61:80:95:66:90:85:6e:
97:fc:ef:dd:41:5b:62:71:17:4a:6e:42:80:4b:12:
72:fc:c8:2d:6c:5b:4c:a4:25:1c:5f:2b:a4:f2:24:
eb:bd:70:40:bc:26:65:4f:9b:40:cb:ef:f2:69:3c:
ae:37:89:ce:2b:07:b6:dc:41:d0:45:e4:33:84:77:
e9:51:5b:81:24:f8:06:d6:5d:83:5e:00:7d:96:08:
af:9e:63:28:35:18:c2:a8:6c:59:f1:32:e2:f4:95:
ac:47:2e:e3:44:3f:7b:fa:08:54:6b:40:03:bf:f6:
d2:9c:cc:9d:e6:da:d5:da:c3:ee:82:9d:39:0d:fd:
f7:f3:87:46:a0:f1:dd:e4:df:c9:7d:61:b1:5b:c8:
be:48:b2:4d:b7:a0:e5:a1:d3:de:a7:a3:71:6a:f4:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2A:F6:B9:81:C4:8A:0E:B3:26:19:0B:8E:B3:60:0B:F4:89:DC:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
0e:8e:87:4c:38:e4:4a:f7:4b:bf:bd:92:88:68:cf:e1:8e:ce:
ce:41:ca:cf:6f:e2:1c:79:e0:6a:3a:81:ec:44:ff:25:da:d2:
22:e0:a6:56:0d:8b:18:5d:34:b2:79:83:d1:76:05:ce:16:8b:
2f:db:1d:64:25:f1:3a:0f:e8:7c:39:91:80:46:1d:7b:b8:a1:
92:8e:1a:18:37:b2:8c:95:0e:f2:6c:b1:c3:d2:c4:8b:d1:aa:
9c:91:ce:5f:d2:dd:2f:9f:4b:64:84:ed:af:42:c9:fc:e8:94:
3b:5d:dd:fb:07:3b:9c:5d:30:59:0a:84:8a:b8:ec:9f:bb:46:
c0:e2:4f:e4:de:5f:53:1f:08:ea:79:2f:9b:c8:ef:95:ad:ef:
b0:1d:4f:6c:b6:c3:c6:39:31:17:87:94:61:18:02:f3:71:bd:
f3:df:f9:ac:61:20:c5:cd:bb:76:f2:34:60:d9:f2:93:db:68:
c6:ef:d9:ff:f2:b9:7e:02:80:fe:41:79:0f:26:da:51:08:aa:
a1:31:c4:57:12:a9:8b:c5:35:02:4d:17:0a:36:73:31:cf:55:
36:01:34:5f:ad:0b:9c:7a:30:e5:8f:c7:07:69:be:dc:7a:7b:
8f:07:b1:1c:e0:a9:38:fa:20:53:f9:ea:14:63:b7:4f:fe:b3:
aa:d5:12:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJxcFZKOe0krw7ovLosYMrXPnKCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQxMTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNWYwMDNmNzMyNTM0MzZiNmQ4OTAwNjY4MTMyYTIzOTBlMzgwMzkxMjk1
NTdiZTkxOWI2OWU1MTAwNzllZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAeNK9lSTTxqN7XTiVfNTQBdL3siU9rRYwylq1B/2iRizOV6pp4B+gYH8n9
0OW/zHgHhX5Ixm15FdpjI7F1O3oUKlMa+rWP+SubFUgCPNVIYEcIvHZNWkaYNh5Y
9MaQag1hgJVmkIVul/zv3UFbYnEXSm5CgEsScvzILWxbTKQlHF8rpPIk671wQLwm
ZU+bQMvv8mk8rjeJzisHttxB0EXkM4R36VFbgST4BtZdg14AfZYIr55jKDUYwqhs
WfEy4vSVrEcu40Q/e/oIVGtAA7/20pzMneba1drD7oKdOQ399/OHRqDx3eTfyX1h
sVvIvkiyTbeg5aHT3qejcWr0uzsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFKva5
gcSKDrMmGQuOs2AL9IncIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEADo6HTDjkSvdLv72SiGjP4Y7OzkHKz2/iHHng
ajqB7ET/JdrSIuCmVg2LGF00snmD0XYFzhaLL9sdZCXxOg/ofDmRgEYde7ihko4a
GDeyjJUO8myxw9LEi9GqnJHOX9LdL59LZITtr0LJ/OiUO13d+wc7nF0wWQqEirjs
n7tGwOJP5N5fUx8I6nkvm8jvla3vsB1PbLbDxjkxF4eUYRgC83G989/5rGEgxc27
dvI0YNnyk9toxu/Z//K5fgKA/kF5DybaUQiqoTHEVxKpi8U1Ak0XCjZzMc9VNgE0
X60LnHow5Y/HB2m+3Hp7jwexHOCpOPogU/nqFGO3T/6zqtUSwQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:47 2025 by rpki-client