Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
File: f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa (raw, json)
Hash identifier: caXMI/VtP31373ckSomZBddOXwU+/OsuJFwD8MAk4D0=
Subject key identifier: DA:4E:0C:DC:CF:90:C2:DB:9B:4B:E8:B6:68:AA:CF:2E:24:40:BF:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18678DD72413029E84C8FF36F1B0AC09509A196E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
Signing time: Sat 12 Jul 2025 00:50:47 +0000
ROA not before: Sat 12 Jul 2025 00:50:47 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:67:8d:d7:24:13:02:9e:84:c8:ff:36:f1:b0:ac:09:50:9a:19:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:47 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=83fe11e6951b853c88b9856d5bcf68ccd69dba9ad27d2b9420ebe32ce79e3f69, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:34:bc:b6:9c:df:91:7e:c6:5c:ef:9b:41:
f0:98:3c:42:3b:85:46:de:d5:f7:94:f0:41:7d:c3:
f7:6d:da:7b:67:18:d3:eb:74:4d:18:2e:de:bd:a7:
c1:24:ad:ab:0f:39:6e:ac:be:18:f3:37:f2:24:b3:
4e:79:d1:22:7a:0e:96:3a:49:62:b3:ea:62:98:08:
bb:a1:15:cb:ef:9f:d4:4b:47:ef:15:67:93:bc:16:
d4:dd:05:99:6a:f2:7e:4d:8d:12:9e:6e:65:9b:9e:
68:93:90:bb:1d:0b:60:26:7d:80:d7:55:6b:4a:ce:
7d:9c:ae:7d:0b:b1:02:6c:6f:8e:3e:fb:85:09:81:
70:cf:82:89:d6:8f:cd:9f:3b:c2:62:b9:48:ee:1c:
0d:2a:7b:63:7b:c3:26:dc:99:55:37:1d:48:95:45:
df:97:5c:7e:ed:c6:9b:c3:56:e5:a6:72:e4:35:60:
79:8c:95:04:66:c3:74:1d:3a:73:29:6a:fe:82:ae:
e4:f1:40:0b:76:7e:a5:3e:86:41:5a:66:35:de:48:
91:1b:6e:60:f7:d6:30:1e:e1:d8:93:86:ff:78:31:
3c:62:1c:4b:81:61:91:34:b2:6b:2f:9a:dc:b6:25:
85:43:52:87:f0:96:ac:b7:07:f4:91:94:07:b7:f5:
b0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4E:0C:DC:CF:90:C2:DB:9B:4B:E8:B6:68:AA:CF:2E:24:40:BF:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/38
Signature Algorithm: sha256WithRSAEncryption
3f:fc:41:a6:e2:5a:bc:cc:fe:91:a9:05:31:54:f8:63:e8:a0:
77:ef:66:c3:65:56:c9:85:d5:16:ab:5a:57:ee:a4:77:55:40:
f8:2c:86:18:3b:51:3d:b6:ef:05:29:21:21:12:a5:2e:b8:bf:
88:f0:22:43:1a:4f:c0:60:a5:3a:cc:aa:64:91:bb:f5:a4:cc:
ee:08:8b:5d:0e:cf:21:6b:be:a5:a3:ee:cd:a4:4c:c9:94:dc:
c8:24:b6:60:04:43:01:7b:89:78:7d:43:61:48:db:ae:a0:35:
60:fd:1a:65:03:a4:b5:10:f6:8a:3f:58:6c:7e:86:63:7e:f4:
02:61:16:52:ea:30:7a:fb:e4:d1:6b:17:59:74:64:fc:fa:04:
41:c6:97:06:51:d6:9d:e0:32:c3:db:5f:aa:f0:3f:c5:b6:70:
c7:0f:51:82:34:98:9a:38:4e:be:7e:a2:cb:80:09:12:7c:3c:
b7:76:61:75:b3:40:b6:19:82:38:7c:d5:77:bd:9d:b4:ca:6d:
67:9f:73:d0:89:e7:3a:7c:f8:58:24:c3:4e:e3:fb:c7:6c:5f:
3e:2e:8f:34:0e:5e:e9:32:80:91:cb:03:6d:e3:5a:ce:e4:22:
39:48:12:d2:6c:45:64:fb:c8:a9:15:d9:42:9d:8e:e1:77:6e:
c8:71:c1:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGGeN1yQTAp6EyP828bCsCVCaGW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwNDdaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZmUxMWU2OTUxYjg1M2M4OGI5ODU2ZDViY2Y2OGNjZDY5ZGJhOWFkMjdk
MmI5NDIwZWJlMzJjZTc5ZTNmNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrWNLy2nN+RfsZc75tB8Jg8QjuFRt7V95TwQX3D923ae2cY0+t0TRgu3r2n
wSStqw85bqy+GPM38iSzTnnRInoOljpJYrPqYpgIu6EVy++f1EtH7xVnk7wW1N0F
mWryfk2NEp5uZZueaJOQux0LYCZ9gNdVa0rOfZyufQuxAmxvjj77hQmBcM+CidaP
zZ87wmK5SO4cDSp7Y3vDJtyZVTcdSJVF35dcfu3Gm8NW5aZy5DVgeYyVBGbDdB06
cylq/oKu5PFAC3Z+pT6GQVpmNd5IkRtuYPfWMB7h2JOG/3gxPGIcS4FhkTSyay+a
3LYlhUNSh/CWrLcH9JGUB7f1sLUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTaTgzc
z5DC25tL6LZoqs8uJEC/jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViMjViMDgtZWMyNC00ZTE4LTg0YzktMDVhYzAzNWIxNWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQA//EGm4lq8zP6RqQUxVPhj6KB372bDZVbJhdUW
q1pX7qR3VUD4LIYYO1E9tu8FKSEhEqUuuL+I8CJDGk/AYKU6zKpkkbv1pMzuCItd
Ds8ha76lo+7NpEzJlNzIJLZgBEMBe4l4fUNhSNuuoDVg/RplA6S1EPaKP1hsfoZj
fvQCYRZS6jB6++TRaxdZdGT8+gRBxpcGUdad4DLD21+q8D/FtnDHD1GCNJiaOE6+
fqLLgAkSfDy3dmF1s0C2GYI4fNV3vZ20ym1nn3PQiec6fPhYJMNO4/vHbF8+Lo80
Dl7pMoCRywNt41rO5CI5SBLSbEVk+8ipFdlCnY7hd27IccF2
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:59:13 2025 by rpki-client