Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
File: 356f05f3-9814-4715-9f58-bf044bf5d10f.roa (raw, json)
Hash identifier: 00/rMuYdqObXoTk+qFyYnwGkR9sYug486bnE23VzGl8=
Subject key identifier: 79:15:6C:40:DA:C5:60:9F:C7:C9:30:3A:7E:8C:68:13:98:86:8D:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C025767478A00FC6B4D8D0949D2CEDBB2045EC3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
Signing time: Fri 15 Aug 2025 15:40:16 +0000
ROA not before: Fri 15 Aug 2025 15:40:16 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:02:57:67:47:8a:00:fc:6b:4d:8d:09:49:d2:ce:db:b2:04:5e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:40:16 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=7f1203258c9a89aaebda309303e0ce39f112e49dc581b563421a0fda5810d107, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9c:6f:8f:e1:a3:47:37:67:71:ee:ef:5a:b8:
78:eb:ad:bb:7a:50:1e:a3:3a:2e:38:b6:fe:78:f0:
3d:7f:50:d7:79:94:28:c8:a7:12:f2:2f:3e:37:b1:
eb:1d:a0:f3:b2:d8:cc:b2:fc:b9:0e:d1:8e:9b:5b:
a2:77:ad:d5:fb:98:c1:01:8e:7e:16:89:da:f7:78:
54:fd:e7:30:fa:d1:cf:92:33:d8:e2:fd:e4:1c:9f:
b1:6f:fa:f0:a3:f8:48:a4:c3:cd:4f:5e:dc:76:0d:
6f:21:3a:a5:5e:97:f3:1e:58:ea:2d:28:75:e1:13:
6d:9a:e0:af:7d:96:50:b7:79:32:96:9c:cc:c8:ec:
7f:35:29:93:db:93:8c:eb:24:6a:c0:68:a6:5f:c9:
9d:37:79:26:b1:bc:8f:84:20:98:e3:e3:25:71:54:
b1:b3:d9:42:ad:ab:5a:77:1d:7c:9d:12:df:c0:ee:
ba:78:5d:87:9a:41:08:02:49:5f:87:f3:d4:69:67:
95:a6:52:93:1a:26:60:5b:bb:28:c2:e7:e0:46:9e:
d4:6b:25:88:ce:90:05:49:95:79:05:f0:d1:cb:3b:
99:dd:fb:f5:29:c4:8e:e5:33:54:61:32:70:a2:99:
96:8d:54:41:7e:42:48:43:94:6a:57:bd:91:0c:cf:
9d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:15:6C:40:DA:C5:60:9F:C7:C9:30:3A:7E:8C:68:13:98:86:8D:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:880::/46
Signature Algorithm: sha256WithRSAEncryption
8f:47:98:60:0f:e2:8c:66:e0:c7:fd:40:6d:bd:2c:41:03:6f:
b5:5d:51:48:0f:de:bf:a0:45:07:ea:d4:83:53:06:c0:9f:6d:
f1:c3:b3:ef:94:96:f0:d4:20:39:02:38:a3:f4:77:81:fa:c9:
77:3b:5b:59:d4:89:a3:c1:87:ee:08:1b:32:8f:f9:48:e2:f5:
e1:89:b6:47:8a:a4:69:25:1d:aa:b8:48:15:21:69:38:fd:d7:
d3:b1:39:73:4c:84:37:40:0f:c5:c3:29:29:df:6b:fe:fd:4a:
eb:a6:01:de:7d:27:1e:43:f4:f7:dc:11:9e:13:bb:a0:95:17:
14:a8:c0:da:36:38:ed:75:eb:0c:d5:3b:0f:0d:c1:da:ba:eb:
78:0f:32:9d:2f:eb:3b:73:59:93:f7:ea:eb:77:4c:fd:a2:b1:
b1:41:75:11:3e:e0:91:32:76:ff:0d:62:6b:2b:7d:dd:0a:53:
59:aa:d9:31:c6:f4:a1:45:b2:83:1d:e3:f1:f9:02:30:b5:92:
87:4a:40:80:27:43:6b:f9:cf:7c:19:11:6d:28:a3:9c:7e:40:
bb:31:ac:3e:35:88:f0:57:3e:3e:aa:08:cc:b6:51:ce:df:72:
45:0f:79:bf:0f:59:c8:05:b3:43:92:c6:00:ee:c9:10:a4:82:
95:63:e8:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTAJXZ0eKAPxrTY0JSdLO27IEXsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQwMTZaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMTIwMzI1OGM5YTg5YWFlYmRhMzA5MzAzZTBjZTM5ZjExMmU0OWRjNTgx
YjU2MzQyMWEwZmRhNTgxMGQxMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOcb4/ho0c3Z3Hu71q4eOutu3pQHqM6Lji2/njwPX9Q13mUKMinEvIvPjex
6x2g87LYzLL8uQ7Rjptbonet1fuYwQGOfhaJ2vd4VP3nMPrRz5Iz2OL95ByfsW/6
8KP4SKTDzU9e3HYNbyE6pV6X8x5Y6i0odeETbZrgr32WULd5MpaczMjsfzUpk9uT
jOskasBopl/JnTd5JrG8j4QgmOPjJXFUsbPZQq2rWncdfJ0S38Duunhdh5pBCAJJ
X4fz1GlnlaZSkxomYFu7KMLn4Eae1GsliM6QBUmVeQXw0cs7md379SnEjuUzVGEy
cKKZlo1UQX5CSEOUale9kQzPncUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5FWxA
2sVgn8fJMDp+jGgTmIaN5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU2ZjA1ZjMtOTgxNC00NzE1LTlmNTgtYmYwNDRiZjVkMTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
gDANBgkqhkiG9w0BAQsFAAOCAQEAj0eYYA/ijGbgx/1Abb0sQQNvtV1RSA/ev6BF
B+rUg1MGwJ9t8cOz75SW8NQgOQI4o/R3gfrJdztbWdSJo8GH7ggbMo/5SOL14Ym2
R4qkaSUdqrhIFSFpOP3X07E5c0yEN0APxcMpKd9r/v1K66YB3n0nHkP099wRnhO7
oJUXFKjA2jY47XXrDNU7Dw3B2rrreA8ynS/rO3NZk/fq63dM/aKxsUF1ET7gkTJ2
/w1iayt93QpTWarZMcb0oUWygx3j8fkCMLWSh0pAgCdDa/nPfBkRbSijnH5AuzGs
PjWI8Fc+PqoIzLZRzt9yRQ95vw9ZyAWzQ5LGAO7JEKSClWPoxQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:36 2025 by rpki-client