Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5848fa6-ac6d-40a4-82b6-9f25776b23df.roa
File: f5848fa6-ac6d-40a4-82b6-9f25776b23df.roa (raw, json)
Hash identifier: R/fHspk80TIEUbBxxuzhiReaigRntFAD3NULbQodJHs=
Subject key identifier: 0B:9B:FB:38:54:30:D1:F4:8F:EC:13:C2:D9:B1:9B:87:70:FC:9F:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5906CC221ED4301D157272F22F87F4FDC601BA6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5848fa6-ac6d-40a4-82b6-9f25776b23df.roa
Signing time: Fri 11 Jul 2025 20:00:17 +0000
ROA not before: Fri 11 Jul 2025 20:00:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:06:cc:22:1e:d4:30:1d:15:72:72:f2:2f:87:f4:fd:c6:01:ba:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:00:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a774327c2a32327e86f60091a1fb35fa75118f0b950853133b95c4f24071fb0c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d2:3b:9b:60:37:a9:a0:bd:df:f6:db:78:7e:
23:9e:fc:23:ad:3e:3e:05:87:c3:ed:b9:ba:0d:b8:
2d:0f:f5:86:6d:24:93:5b:15:57:ad:ad:e0:2f:71:
b1:57:9d:d6:66:c1:f2:5b:fd:93:bb:78:f3:ab:32:
41:64:79:72:37:46:0a:77:7f:8e:d9:8a:01:fd:ea:
8b:d7:ec:31:9e:ae:e7:81:a0:50:6a:d4:3a:c5:50:
d0:4f:5f:21:10:5a:ed:02:52:73:af:25:38:48:2a:
7e:f1:25:82:b3:41:e5:28:c8:70:84:69:6c:a1:40:
8e:fe:3e:17:94:a3:bc:c4:9a:98:0b:6f:22:c0:0b:
c7:b9:2c:2a:a1:cf:b6:de:3d:a6:0e:95:7c:e9:c7:
2f:a3:e5:37:5b:20:b8:11:a1:5c:d8:bc:16:da:8b:
5c:6a:e1:5b:f3:36:35:2a:e1:1f:bf:c3:1f:1a:0c:
88:04:ed:a5:f0:14:db:b6:b1:04:b7:bd:a0:c5:79:
61:6c:38:4b:63:83:ec:5f:65:8e:b9:bc:5e:90:0b:
89:eb:b3:48:5d:3d:f8:16:32:d9:7e:40:b6:64:49:
6f:f5:9b:53:3b:47:1d:b5:58:b6:86:76:77:24:d0:
0d:c8:e5:f1:e2:d3:bf:35:63:dc:c8:f5:20:c5:44:
89:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9B:FB:38:54:30:D1:F4:8F:EC:13:C2:D9:B1:9B:87:70:FC:9F:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5848fa6-ac6d-40a4-82b6-9f25776b23df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4040::/46
Signature Algorithm: sha256WithRSAEncryption
14:95:9a:b2:30:8b:ab:fe:97:d0:3c:60:0f:86:42:9c:c2:af:
28:48:07:87:85:c0:e2:2d:2e:cc:c2:ec:06:34:96:5f:3d:d2:
b1:0f:a8:3c:f9:f4:ff:c1:53:24:24:9e:41:55:84:d7:8f:e5:
31:70:c0:aa:fe:20:a9:75:e1:bf:29:92:ec:20:fe:b1:cc:bb:
18:ce:13:30:d9:67:f4:4a:77:eb:2d:47:99:37:50:a3:f4:d4:
21:f8:63:82:b5:53:7e:68:95:87:a1:69:1f:66:cc:bb:dd:e0:
f3:ad:fd:d9:24:51:f3:3c:75:50:1d:d5:19:e1:ea:7a:97:d2:
ee:df:8f:8a:61:99:c4:e2:c1:57:c1:10:b7:54:1a:68:b0:3c:
7f:90:18:6b:70:3a:2e:de:bc:c9:a1:90:9d:fb:fb:91:bf:84:
ef:63:43:77:21:94:60:fd:af:02:f4:1c:6e:cd:97:6b:66:0d:
02:a7:9e:2f:0b:39:85:be:d0:c9:ea:15:60:70:d3:64:c1:88:
54:08:6a:76:4b:2a:44:99:66:d9:e5:51:f8:54:ef:bc:b4:4b:
56:ac:27:48:f4:1c:cd:dc:24:06:2e:fd:04:a3:4a:58:d8:5e:
0d:80:5b:f1:b1:48:29:a7:19:08:b7:35:b6:92:40:4f:ff:13:
ac:f4:cc:50
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWQbMIh7UMB0VcnLyL4f0/cYBum8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDAwMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NzQzMjdjMmEzMjMyN2U4NmY2MDA5MWExZmIzNWZhNzUxMThmMGI5NTA4
NTMxMzNiOTVjNGYyNDA3MWZiMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzSO5tgN6mgvd/223h+I578I60+PgWHw+25ug24LQ/1hm0kk1sVV62t4C9x
sVed1mbB8lv9k7t486syQWR5cjdGCnd/jtmKAf3qi9fsMZ6u54GgUGrUOsVQ0E9f
IRBa7QJSc68lOEgqfvElgrNB5SjIcIRpbKFAjv4+F5SjvMSamAtvIsALx7ksKqHP
tt49pg6VfOnHL6PlN1sguBGhXNi8FtqLXGrhW/M2NSrhH7/DHxoMiATtpfAU27ax
BLe9oMV5YWw4S2OD7F9ljrm8XpALieuzSF09+BYy2X5AtmRJb/WbUztHHbVYtoZ2
dyTQDcjl8eLTvzVj3Mj1IMVEifMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQLm/s4
VDDR9I/sE8LZsZuHcPyftzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjU4NDhmYTYtYWM2ZC00MGE0LTgyYjYtOWYyNTc3NmIyM2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DVA
QDANBgkqhkiG9w0BAQsFAAOCAQEAFJWasjCLq/6X0DxgD4ZCnMKvKEgHh4XA4i0u
zMLsBjSWXz3SsQ+oPPn0/8FTJCSeQVWE14/lMXDAqv4gqXXhvymS7CD+scy7GM4T
MNln9Ep36y1HmTdQo/TUIfhjgrVTfmiVh6FpH2bMu93g86392SRR8zx1UB3VGeHq
epfS7t+PimGZxOLBV8EQt1QaaLA8f5AYa3A6Lt68yaGQnfv7kb+E72NDdyGUYP2v
AvQcbs2Xa2YNAqeeLws5hb7QyeoVYHDTZMGIVAhqdksqRJlm2eVR+FTvvLRLVqwn
SPQczdwkBi79BKNKWNheDYBb8bFIKacZCLc1tpJAT/8TrPTMUA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:49 2025 by rpki-client