Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
File: 03f51c56-79aa-48ca-895c-790a431bbd73.roa (raw, json)
Hash identifier: feInTeI7tGhe2SaMTtm1LqRMwClHsq42+R2YJKQz9DA=
Subject key identifier: 61:E0:D6:33:EF:ED:DD:85:E9:C0:17:ED:3F:39:B5:0F:AC:F2:0F:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A48535C1ECA7A5E417AF144DAC7BFF7E2EB96CC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
Signing time: Tue 26 Aug 2025 17:11:25 +0000
ROA not before: Tue 26 Aug 2025 17:11:25 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:48:53:5c:1e:ca:7a:5e:41:7a:f1:44:da:c7:bf:f7:e2:eb:96:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:11:25 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=2639273f8fe41f96025d93527fb66437c1cae2e2a9180e669800735345f600fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:dd:4f:f8:7e:c8:0f:7b:ec:8d:8f:94:4f:f1:
d1:f7:6b:c1:94:ad:a3:43:41:21:04:a9:a7:51:fc:
ff:f4:76:13:54:67:8a:e6:c9:a5:84:71:e3:6e:ef:
57:94:40:ce:93:82:4f:8f:d9:ea:76:1f:44:7f:fa:
34:47:14:6b:4c:89:89:bf:e0:50:80:f7:8e:6e:57:
6f:05:24:64:48:c6:fc:3c:36:50:38:19:58:c9:12:
92:6c:d3:aa:a4:57:54:33:0a:c7:fb:2d:72:b2:d9:
f7:1c:53:3d:26:09:17:f9:62:c7:b2:91:77:cf:b0:
8a:3a:54:bf:bb:79:96:cd:cb:87:4e:0e:87:dd:a7:
d5:b6:78:52:71:bb:43:82:65:a3:0f:8f:3c:67:8f:
f0:75:ca:68:8e:f5:bb:d3:d4:f1:32:0a:d9:8e:3c:
8a:16:9f:5c:aa:ab:7e:1e:a2:ef:2f:9d:0d:1a:3c:
03:85:08:89:dd:88:44:6c:76:99:4c:1e:21:2e:01:
68:d7:d4:92:19:d5:e6:2c:da:f5:76:7e:15:10:2f:
c4:06:f1:a7:8a:a1:fc:6a:33:d4:e9:16:5b:c1:72:
1c:9a:37:a3:af:01:51:08:fc:dd:7c:d8:bb:d0:78:
9c:9d:bc:cd:2d:bf:28:9c:f5:88:90:fe:85:91:63:
10:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E0:D6:33:EF:ED:DD:85:E9:C0:17:ED:3F:39:B5:0F:AC:F2:0F:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/03f51c56-79aa-48ca-895c-790a431bbd73.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:800::/40
Signature Algorithm: sha256WithRSAEncryption
10:a8:29:03:c9:52:f1:fa:82:07:84:18:06:3a:6b:45:12:05:
52:90:75:c3:a5:13:46:56:4e:74:ed:0d:b8:7d:9d:94:d1:70:
d3:5f:0a:2c:e3:f9:fb:a3:87:2b:48:c2:1a:49:c7:fd:4b:c2:
f4:66:ed:7d:93:a0:ee:82:9f:21:37:ca:02:49:4b:e1:a9:d1:
a2:63:ab:e8:01:f4:57:18:c6:a5:fb:d3:2f:c1:c1:15:cc:67:
fb:48:64:ed:e2:17:ee:f2:0a:f4:b3:68:94:2c:d8:a2:36:2b:
c7:e3:7b:46:1e:76:f3:53:0a:c9:54:d7:9f:b2:51:d4:84:76:
47:50:f1:30:55:8a:56:02:9b:04:8b:8c:74:d6:13:6d:45:43:
66:ce:6e:a1:e3:c0:09:c9:f5:f8:92:e3:9a:44:1b:93:09:e3:
c5:ff:be:3f:34:ff:46:b3:00:ca:1b:92:b8:70:28:d2:5f:a2:
de:7a:2e:9f:7c:8a:01:e0:57:5b:5d:6a:af:05:d1:85:18:40:
bc:79:cb:2e:d8:75:6a:0b:31:20:61:39:33:2d:46:6b:06:16:
0d:cc:8b:af:30:c2:67:5b:95:15:2e:e7:0a:79:dc:78:7b:92:
c7:91:c6:1e:c6:be:ee:af:d5:56:48:f9:36:f2:59:fd:25:14:
35:4e:3d:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCkhTXB7Kel5BevFE2se/9+LrlswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzExMjVaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MzkyNzNmOGZlNDFmOTYwMjVkOTM1MjdmYjY2NDM3YzFjYWUyZTJhOTE4
MGU2Njk4MDA3MzUzNDVmNjAwZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7dT/h+yA977I2PlE/x0fdrwZSto0NBIQSpp1H8//R2E1RniubJpYRx427v
V5RAzpOCT4/Z6nYfRH/6NEcUa0yJib/gUID3jm5XbwUkZEjG/Dw2UDgZWMkSkmzT
qqRXVDMKx/stcrLZ9xxTPSYJF/lix7KRd8+wijpUv7t5ls3Lh04Oh92n1bZ4UnG7
Q4Jlow+PPGeP8HXKaI71u9PU8TIK2Y48ihafXKqrfh6i7y+dDRo8A4UIid2IRGx2
mUweIS4BaNfUkhnV5iza9XZ+FRAvxAbxp4qh/Goz1OkWW8FyHJo3o68BUQj83XzY
u9B4nJ28zS2/KJz1iJD+hZFjEEsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRh4NYz
7+3dhenAF+0/ObUPrPIPfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDNmNTFjNTYtNzlhYS00OGNhLTg5NWMtNzkwYTQzMWJiZDczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUI
MA0GCSqGSIb3DQEBCwUAA4IBAQAQqCkDyVLx+oIHhBgGOmtFEgVSkHXDpRNGVk50
7Q24fZ2U0XDTXwos4/n7o4crSMIaScf9S8L0Zu19k6Dugp8hN8oCSUvhqdGiY6vo
AfRXGMal+9MvwcEVzGf7SGTt4hfu8gr0s2iULNiiNivH43tGHnbzUwrJVNefslHU
hHZHUPEwVYpWApsEi4x01hNtRUNmzm6h48AJyfX4kuOaRBuTCePF/74/NP9GswDK
G5K4cCjSX6Leei6ffIoB4FdbXWqvBdGFGEC8ecsu2HVqCzEgYTkzLUZrBhYNzIuv
MMJnW5UVLucKedx4e5LHkcYexr7ur9VWSPk28ln9JRQ1Tj3F
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:22 2025 by rpki-client