Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5796c8a-c7f2-4888-9a17-c80093c07957.roa
File: c5796c8a-c7f2-4888-9a17-c80093c07957.roa (raw, json)
Hash identifier: d2BvJB7RheShAy/tccmmrOgKcz5bYrYDWsqkcsUa2vI=
Subject key identifier: 3D:C6:05:20:D5:E9:62:B2:97:90:B9:81:8B:A0:7A:6B:58:8C:A6:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33D5A0FD3FF0FB7D5A30030B8F7B1FCC90D77184
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5796c8a-c7f2-4888-9a17-c80093c07957.roa
Signing time: Fri 11 Jul 2025 19:50:06 +0000
ROA not before: Fri 11 Jul 2025 19:50:06 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:80c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d5:a0:fd:3f:f0:fb:7d:5a:30:03:0b:8f:7b:1f:cc:90:d7:71:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:50:06 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b115203557e89dd95e8e43d3e9256d8120cd4abe776eab216e5715e2fe35dbe2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:75:37:07:36:dc:fd:cd:63:92:33:58:bd:f7:
95:6b:c1:7e:b3:73:9d:12:2b:73:06:84:88:3a:13:
03:2b:44:48:e7:7e:06:51:57:7b:45:09:f5:50:15:
a2:32:e2:56:65:48:43:81:eb:33:75:4e:b5:f9:cf:
5b:e1:99:38:ac:47:44:4b:c2:90:c0:c0:e4:d8:dc:
05:ac:a7:23:a2:f0:f7:82:01:1a:fb:3d:c0:76:75:
12:c7:db:30:e7:5e:2d:7d:de:bd:26:e0:b3:68:71:
95:03:e0:6c:ec:39:54:f6:6d:ee:26:3b:3a:df:df:
48:88:33:cd:3b:6c:62:41:7f:a8:92:fc:0c:3e:9f:
1b:26:a3:43:1d:be:49:9b:79:b6:4e:11:03:86:16:
f7:6d:9b:fc:00:59:d8:43:7d:92:08:b5:13:12:b0:
e0:5c:36:d3:fb:31:f5:78:2e:24:76:cf:b3:25:79:
25:f1:0d:24:7f:7b:ba:45:c0:14:95:2a:9f:ec:46:
6b:97:67:9e:ca:a0:e6:41:37:f7:d1:98:2e:99:f0:
ea:c3:fd:06:85:d5:a3:9d:1c:eb:23:00:86:c0:cb:
aa:35:91:7e:83:0b:74:ef:86:64:91:73:90:1f:ad:
7b:04:8d:df:93:03:d9:b5:3c:00:17:e9:0c:d6:4d:
d9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C6:05:20:D5:E9:62:B2:97:90:B9:81:8B:A0:7A:6B:58:8C:A6:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c5796c8a-c7f2-4888-9a17-c80093c07957.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
2d:c7:96:8d:89:a9:af:49:69:5d:5b:73:ba:95:57:fc:18:c8:
ed:cf:0e:86:43:6d:d6:46:e6:45:87:e8:06:cf:57:de:2a:e5:
e4:a9:5c:a2:4d:4b:05:60:9b:a6:89:de:c3:51:82:78:e2:2b:
bd:6f:f0:db:01:50:5e:88:68:73:43:3f:6d:20:01:9d:39:31:
7b:40:a4:41:08:71:b1:72:78:73:23:84:76:f2:72:14:29:2d:
0b:34:36:72:e0:a5:af:d1:ac:94:ff:b7:f0:e7:e8:c4:79:38:
28:b6:65:74:1e:cb:62:5d:d5:63:3e:95:6b:fa:50:e2:99:1b:
bf:d0:1f:b2:c1:64:be:17:52:4e:fe:ab:a7:41:73:03:0c:05:
91:3d:72:7f:08:01:32:79:9f:82:c3:5d:0a:44:9a:56:97:09:
05:a7:d3:f9:b5:5b:d9:e7:e0:d9:02:87:25:82:4b:8a:6d:9e:
b9:a5:a5:f1:6d:b9:f8:ca:4f:d6:e4:41:bf:35:9d:04:9f:82:
85:99:39:06:36:c0:b3:4d:2e:62:59:b5:b4:f7:01:46:77:a1:
f2:4b:b2:51:c2:94:c7:82:0d:78:6a:a3:04:3c:d8:b1:35:2e:
f0:6e:0c:5e:43:b5:7b:57:c0:13:77:07:59:a5:a2:82:f9:ef:
d5:f1:4c:74
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM9Wg/T/w+31aMAMLj3sfzJDXcYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTUwMDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMTUyMDM1NTdlODlkZDk1ZThlNDNkM2U5MjU2ZDgxMjBjZDRhYmU3NzZl
YWIyMTZlNTcxNWUyZmUzNWRiZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIR1Nwc23P3NY5IzWL33lWvBfrNznRIrcwaEiDoTAytESOd+BlFXe0UJ9VAV
ojLiVmVIQ4HrM3VOtfnPW+GZOKxHREvCkMDA5NjcBaynI6Lw94IBGvs9wHZ1Esfb
MOdeLX3evSbgs2hxlQPgbOw5VPZt7iY7Ot/fSIgzzTtsYkF/qJL8DD6fGyajQx2+
SZt5tk4RA4YW922b/ABZ2EN9kgi1ExKw4Fw20/sx9XguJHbPsyV5JfENJH97ukXA
FJUqn+xGa5dnnsqg5kE399GYLpnw6sP9BoXVo50c6yMAhsDLqjWRfoMLdO+GZJFz
kB+tewSN35MD2bU8ABfpDNZN2YECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9xgUg
1elispeQuYGLoHprWIymSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU3OTZjOGEtYzdmMi00ODg4LTlhMTctYzgwMDkzYzA3OTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DWA
wDANBgkqhkiG9w0BAQsFAAOCAQEALceWjYmpr0lpXVtzupVX/BjI7c8OhkNt1kbm
RYfoBs9X3irl5Klcok1LBWCbponew1GCeOIrvW/w2wFQXohoc0M/bSABnTkxe0Ck
QQhxsXJ4cyOEdvJyFCktCzQ2cuClr9GslP+38OfoxHk4KLZldB7LYl3VYz6Va/pQ
4pkbv9AfssFkvhdSTv6rp0FzAwwFkT1yfwgBMnmfgsNdCkSaVpcJBafT+bVb2efg
2QKHJYJLim2euaWl8W25+MpP1uRBvzWdBJ+ChZk5BjbAs00uYlm1tPcBRneh8kuy
UcKUx4INeGqjBDzYsTUu8G4MXkO1e1fAE3cHWaWigvnv1fFMdA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 03:48:00 2025 by rpki-client