Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07c3de07-a359-4dee-93cb-30a6dab1215d.roa
File: 07c3de07-a359-4dee-93cb-30a6dab1215d.roa (raw, json)
Hash identifier: JDsqEBoejYnj1rM5emqDFdfWOkPPHPRM6lTMrp/45Yk=
Subject key identifier: 0D:B3:B1:ED:65:8E:D6:A2:26:44:8D:83:EF:B9:53:A9:EA:A7:F2:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C43560A45BACCC6FB6204E3D653FFDD73303DE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07c3de07-a359-4dee-93cb-30a6dab1215d.roa
Signing time: Fri 15 Aug 2025 15:40:14 +0000
ROA not before: Fri 15 Aug 2025 15:40:14 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:43:56:0a:45:ba:cc:c6:fb:62:04:e3:d6:53:ff:dd:73:30:3d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:40:14 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=a7c69f04713ec0de94460cf513361e7dc3571a68c3236c094f20f71bb1d711f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2d:ee:1f:75:95:d7:db:a2:99:59:a3:6f:f6:
8a:cc:44:78:1a:5a:c2:fb:56:33:c8:79:14:df:12:
41:c8:e2:a8:89:37:28:87:67:57:44:ce:1e:3c:40:
fb:b2:bf:05:ea:59:7e:24:04:e4:73:21:18:37:fc:
26:38:97:ca:b1:00:fa:1e:38:92:88:fa:dd:8f:e2:
fe:a5:56:af:4e:cd:84:68:84:06:09:7b:cf:4c:b5:
eb:dc:df:56:45:5c:45:4e:cc:cb:4c:cb:49:44:92:
e6:12:a9:f9:4c:06:4b:a5:ea:58:2e:a8:af:91:7d:
61:b5:36:5a:78:a3:e8:86:64:f9:06:57:2c:1a:ac:
e2:c0:c0:f4:4f:d2:a9:7c:b8:ad:2c:69:9b:00:3f:
59:1b:9c:51:b2:7c:a1:e2:10:f8:87:0b:51:97:4e:
1c:75:6b:25:a7:63:3b:9f:41:83:09:6e:33:08:f0:
d4:9b:06:4c:70:35:e7:a9:08:34:20:9c:2d:30:d5:
69:74:c2:fa:b0:f9:f8:04:e4:0f:82:8c:57:bc:02:
e3:51:a7:7e:30:cb:f2:bd:b3:71:7e:09:ab:aa:f3:
47:cf:ba:49:9d:b0:17:0b:c4:34:6a:9f:47:cf:9b:
5d:12:af:48:c6:46:18:8d:ff:c2:d0:0b:b1:47:bf:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B3:B1:ED:65:8E:D6:A2:26:44:8D:83:EF:B9:53:A9:EA:A7:F2:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/07c3de07-a359-4dee-93cb-30a6dab1215d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
4b:5d:5c:b7:5c:85:93:58:35:73:77:94:f9:54:bf:71:4c:a2:
9d:3f:2f:7c:46:7e:24:e6:32:6f:66:f9:3d:97:25:0e:b5:ff:
da:5d:4f:c7:a8:3b:04:93:d6:e3:ba:a3:ec:9f:5c:bd:d1:7a:
4f:c9:af:2c:01:0f:6c:16:9d:72:30:10:5a:ab:da:4a:3a:72:
dd:94:96:67:f3:e1:bc:55:37:d9:e5:dd:08:fb:47:0a:1b:d8:
f7:2c:31:22:3a:5a:11:7c:20:09:37:75:51:e6:56:02:e6:06:
27:4b:22:d3:b7:e4:b6:aa:ea:0f:d1:0f:66:b0:90:6a:ad:b1:
02:fe:0d:ef:23:14:ab:25:6b:3a:d6:67:5d:74:d6:20:1e:3a:
71:a0:0e:eb:36:4c:6d:25:3f:f0:63:6e:35:5d:b7:65:81:a6:
d3:17:ac:71:9a:9f:3e:e0:1f:84:28:36:36:e6:3b:df:86:34:
13:06:c0:ad:9a:91:af:b0:8a:de:52:1b:7d:d6:24:22:67:b5:
0c:8f:26:86:c0:ea:d7:37:76:6e:cd:82:16:1f:b3:74:a0:69:
39:0e:1e:a5:9c:bb:17:6a:eb:b2:48:66:ef:f6:e1:e7:d3:e8:
1e:ad:75:87:f8:90:0c:95:f3:b1:36:4d:93:be:4f:6a:7f:92:
b1:5f:49:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXENWCkW6zMb7YgTj1lP/3XMwPeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQwMTRaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3YzY5ZjA0NzEzZWMwZGU5NDQ2MGNmNTEzMzYxZTdkYzM1NzFhNjhjMzIz
NmMwOTRmMjBmNzFiYjFkNzExZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0t7h91ldfboplZo2/2isxEeBpawvtWM8h5FN8SQcjiqIk3KIdnV0TOHjxA
+7K/BepZfiQE5HMhGDf8JjiXyrEA+h44koj63Y/i/qVWr07NhGiEBgl7z0y169zf
VkVcRU7My0zLSUSS5hKp+UwGS6XqWC6or5F9YbU2Wnij6IZk+QZXLBqs4sDA9E/S
qXy4rSxpmwA/WRucUbJ8oeIQ+IcLUZdOHHVrJadjO59BgwluMwjw1JsGTHA156kI
NCCcLTDVaXTC+rD5+ATkD4KMV7wC41GnfjDL8r2zcX4Jq6rzR8+6SZ2wFwvENGqf
R8+bXRKvSMZGGI3/wtALsUe/0t8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNs7Ht
ZY7WoiZEjYPvuVOp6qfyVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDdjM2RlMDctYTM1OS00ZGVlLTkzY2ItMzBhNmRhYjEyMTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
wDANBgkqhkiG9w0BAQsFAAOCAQEAS11ct1yFk1g1c3eU+VS/cUyinT8vfEZ+JOYy
b2b5PZclDrX/2l1Px6g7BJPW47qj7J9cvdF6T8mvLAEPbBadcjAQWqvaSjpy3ZSW
Z/PhvFU32eXdCPtHChvY9ywxIjpaEXwgCTd1UeZWAuYGJ0si07fktqrqD9EPZrCQ
aq2xAv4N7yMUqyVrOtZnXXTWIB46caAO6zZMbSU/8GNuNV23ZYGm0xescZqfPuAf
hCg2NuY734Y0EwbArZqRr7CK3lIbfdYkIme1DI8mhsDq1zd2bs2CFh+zdKBpOQ4e
pZy7F2rrskhm7/bh59PoHq11h/iQDJXzsTZNk75Pan+SsV9JTg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:38 2025 by rpki-client