Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
File: 5b65b415-a397-41d3-99dc-207c8689d0ee.roa (raw, json)
Hash identifier: Plm0NFUoTU9vxPTLKroSE/RmLKyxEh7RJX1RtdQnyTk=
Subject key identifier: 75:95:0D:A9:67:36:79:DD:CE:C2:82:D1:62:76:9F:B5:4C:13:93:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D87B0EF8F553AA03652433053EB92DD5BD04EA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
Signing time: Fri 22 Aug 2025 15:11:02 +0000
ROA not before: Fri 22 Aug 2025 15:11:02 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:87:b0:ef:8f:55:3a:a0:36:52:43:30:53:eb:92:dd:5b:d0:4e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:11:02 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=f3c023d5c11a3c5fce723448f4a7ff361ae728464da2dd2545b8d3cbd7235ad7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4a:43:e5:a5:55:5d:ab:a5:d4:65:1b:e3:28:
51:dc:3a:81:95:37:89:5a:a8:b3:32:b3:aa:d0:15:
68:e0:da:b5:87:97:86:32:59:bd:ac:21:ff:4f:26:
cd:e0:65:7c:96:4a:aa:94:bd:99:6f:15:67:97:2d:
a5:b6:5f:c9:ac:38:16:19:3d:78:36:ef:5c:40:b0:
61:3c:66:17:e3:98:bb:48:f0:b0:da:c9:11:3e:99:
cc:02:0e:c4:31:83:24:09:e0:e8:b3:83:64:94:c2:
7f:62:47:fb:e2:b1:c2:c6:cc:b9:73:85:3b:ee:cb:
04:3d:34:60:3f:f2:c3:4d:af:d9:d7:8e:95:9c:da:
69:7b:6b:ec:92:54:77:00:db:df:83:5f:19:4a:be:
58:60:63:de:65:3c:98:23:7a:50:f9:3b:c3:22:67:
a5:40:71:79:3b:03:0f:d7:53:01:44:c6:c8:33:63:
9d:2f:e8:99:7d:56:fc:e3:1f:f2:28:f7:37:7e:1f:
9a:1f:9d:6c:06:c5:f3:73:96:2d:70:91:e4:57:4d:
c1:a7:51:cf:0b:af:d9:40:01:f2:21:d7:c3:a6:98:
21:4c:db:33:e8:42:24:c2:fc:3c:0b:17:01:c1:67:
31:68:91:c0:69:0e:a6:72:b2:a0:cc:67:d4:5a:a7:
37:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:95:0D:A9:67:36:79:DD:CE:C2:82:D1:62:76:9F:B5:4C:13:93:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/40
Signature Algorithm: sha256WithRSAEncryption
51:e0:96:eb:29:53:76:48:76:e5:3f:6c:95:a1:ba:c8:70:be:
b4:c2:cd:4a:b4:34:1b:0a:36:80:c1:1d:b5:43:52:66:03:7d:
d5:ed:13:1e:eb:e3:60:e1:b1:4a:7f:5a:94:39:18:12:79:81:
16:96:e8:90:59:55:61:31:c9:37:55:bc:80:fd:6d:90:db:62:
6a:2c:1b:de:f4:f4:ad:be:5a:c5:5e:d6:1b:8c:ad:3e:bb:bb:
21:43:d9:7d:8a:00:a9:42:62:cc:4b:67:f9:68:c1:e7:27:0a:
32:c6:d5:44:83:04:86:e2:66:5e:ad:79:47:ff:c5:f3:6e:19:
29:c0:8f:05:28:60:cf:8f:2c:c5:70:0c:2b:da:2c:8c:e8:07:
a4:a1:9c:c1:01:82:ae:30:c6:8b:c2:ca:76:f8:a5:a2:01:98:
db:f2:da:c6:cf:2f:c5:3f:60:39:12:b2:b6:2c:cd:2f:00:bb:
d6:f3:02:a3:f6:a2:54:c8:50:b5:2e:8b:e4:1b:bd:64:dc:98:
2f:e2:aa:47:65:23:b0:6f:a8:51:6b:34:72:87:1d:3f:14:80:
34:79:77:17:0b:87:54:60:fb:b9:df:1a:03:cf:cc:bd:53:c4:
6f:03:9e:e9:c6:b1:3d:8f:22:5a:cf:1d:50:a3:27:70:82:57:
54:d6:35:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfYew749VOqA2UkMwU+uS3VvQTqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTExMDJaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYzAyM2Q1YzExYTNjNWZjZTcyMzQ0OGY0YTdmZjM2MWFlNzI4NDY0ZGEy
ZGQyNTQ1YjhkM2NiZDcyMzVhZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdKQ+WlVV2rpdRlG+MoUdw6gZU3iVqoszKzqtAVaODatYeXhjJZvawh/08m
zeBlfJZKqpS9mW8VZ5ctpbZfyaw4Fhk9eDbvXECwYTxmF+OYu0jwsNrJET6ZzAIO
xDGDJAng6LODZJTCf2JH++KxwsbMuXOFO+7LBD00YD/yw02v2deOlZzaaXtr7JJU
dwDb34NfGUq+WGBj3mU8mCN6UPk7wyJnpUBxeTsDD9dTAUTGyDNjnS/omX1W/OMf
8ij3N34fmh+dbAbF83OWLXCR5FdNwadRzwuv2UAB8iHXw6aYIUzbM+hCJML8PAsX
AcFnMWiRwGkOpnKyoMxn1FqnN48CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1lQ2p
ZzZ53c7CgtFidp+1TBOTxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI2NWI0MTUtYTM5Ny00MWQzLTk5ZGMtMjA3Yzg2ODlkMGVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg
MA0GCSqGSIb3DQEBCwUAA4IBAQBR4JbrKVN2SHblP2yVobrIcL60ws1KtDQbCjaA
wR21Q1JmA33V7RMe6+Ng4bFKf1qUORgSeYEWluiQWVVhMck3VbyA/W2Q22JqLBve
9PStvlrFXtYbjK0+u7shQ9l9igCpQmLMS2f5aMHnJwoyxtVEgwSG4mZerXlH/8Xz
bhkpwI8FKGDPjyzFcAwr2iyM6AekoZzBAYKuMMaLwsp2+KWiAZjb8trGzy/FP2A5
ErK2LM0vALvW8wKj9qJUyFC1LovkG71k3Jgv4qpHZSOwb6hRazRyhx0/FIA0eXcX
C4dUYPu53xoDz8y9U8RvA57pxrE9jyJazx1QoydwgldU1jXA
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:42 2025 by rpki-client