Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
File: 5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa (raw, json)
Hash identifier: 4yds6O2CfxQ5gGnrcBusxtF2VDewRgZhXJi1UVlHif4=
Subject key identifier: 6B:38:0F:26:3A:B9:D8:00:03:7F:3D:3C:3A:47:33:D1:F3:C6:70:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E16271245BDC9CD2D6D6797C305888C6EB57F0D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
Signing time: Tue 19 Aug 2025 16:50:23 +0000
ROA not before: Tue 19 Aug 2025 16:50:23 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:16:27:12:45:bd:c9:cd:2d:6d:67:97:c3:05:88:8c:6e:b5:7f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:23 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=5f744346f33a440a4ce3db740852df444520f61770e106a246c3b3554e35a1df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:15:fa:76:9b:84:c1:00:5e:6f:82:b3:47:
41:49:1b:77:89:a9:d0:dd:d3:86:64:ae:d0:92:56:
4f:fb:d7:06:34:11:22:61:71:18:13:98:08:a7:2b:
8e:87:9b:73:ae:be:92:8a:02:9e:3d:96:5f:42:75:
f1:5d:ee:18:cb:7f:73:12:d5:29:e9:cd:93:d8:99:
32:fb:76:ae:63:01:d6:98:78:cd:a2:a2:46:13:45:
aa:03:16:89:e6:91:ae:9d:12:d4:69:a1:b2:8f:d2:
b7:fa:1d:a9:2a:99:dc:4a:f4:2e:e7:b2:8f:bf:d6:
3b:ba:0c:52:6c:d0:5d:58:9c:cb:6e:d1:eb:7f:a5:
90:cd:30:09:1f:0b:ab:f4:b3:60:4f:89:08:f8:70:
4e:06:e0:0c:b9:5d:3e:8e:90:83:ae:0c:f7:b9:9c:
63:60:4c:50:44:d8:c7:53:be:54:cc:49:af:46:2d:
34:fd:fa:d6:5f:e2:ca:8c:8d:a8:ec:5b:ae:55:89:
40:e8:35:76:7f:65:58:97:e3:a8:6c:c3:37:c9:c6:
3b:c4:2c:a7:00:80:49:5d:f0:94:14:42:6e:52:65:
e3:a6:fd:db:e1:3c:e8:9e:68:63:c8:3f:dc:71:31:
ea:ae:20:ff:84:6e:49:d3:f8:40:39:18:03:77:14:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:38:0F:26:3A:B9:D8:00:03:7F:3D:3C:3A:47:33:D1:F3:C6:70:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d37dc15-1224-4901-aab1-7f7f30fe61c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
62:26:04:db:34:d8:38:26:72:2a:62:d0:34:7d:f2:e8:65:6f:
12:bc:14:6f:29:76:d5:fd:23:9c:81:a6:77:2f:8c:88:47:84:
f7:13:1d:7a:f8:dd:7e:82:7e:ac:00:a0:13:c6:80:ad:c1:a1:
93:b2:db:80:98:4a:59:34:6e:6d:c3:fd:2c:83:e1:a9:ee:a5:
7a:af:bc:a0:6b:66:f2:a0:38:bd:1c:d1:8a:5c:9a:d1:04:b5:
f0:39:bc:40:5a:7c:9f:12:ca:e8:d9:86:ff:bc:69:22:4c:bf:
6d:19:a8:eb:76:af:96:24:a7:9a:74:47:fe:1d:f9:6c:35:c5:
70:72:25:82:e9:7e:92:5e:01:f3:c7:09:e9:44:46:fa:59:78:
56:44:0f:46:8e:f9:f8:02:51:d9:6f:f8:30:77:7d:32:32:ca:
e7:e2:b3:26:ea:a4:bc:5c:ea:1e:8e:24:52:26:07:95:a6:e0:
7d:cf:7b:e0:2e:ef:56:b6:8f:d8:d8:8d:7f:c3:01:54:a4:5c:
97:2a:a5:b8:76:68:66:c5:63:05:e3:79:7a:8b:8b:7e:bf:64:
1d:d5:39:a5:5b:2b:7e:87:3a:7c:a5:02:95:b5:82:d3:13:05:
59:dc:a6:0d:9f:db:49:2c:f1:e7:1e:9a:0a:d5:0d:e1:85:d2:
45:2d:50:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbhYnEkW9yc0tbWeXwwWIjG61fw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMjNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNzQ0MzQ2ZjMzYTQ0MGE0Y2UzZGI3NDA4NTJkZjQ0NDUyMGY2MTc3MGUx
MDZhMjQ2YzNiMzU1NGUzNWExZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWYFfp2m4TBAF5vgrNHQUkbd4mp0N3ThmSu0JJWT/vXBjQRImFxGBOYCKcr
joebc66+kooCnj2WX0J18V3uGMt/cxLVKenNk9iZMvt2rmMB1ph4zaKiRhNFqgMW
ieaRrp0S1Gmhso/St/odqSqZ3Er0Lueyj7/WO7oMUmzQXVicy27R63+lkM0wCR8L
q/SzYE+JCPhwTgbgDLldPo6Qg64M97mcY2BMUETYx1O+VMxJr0YtNP361l/iyoyN
qOxbrlWJQOg1dn9lWJfjqGzDN8nGO8QspwCASV3wlBRCblJl46b92+E86J5oY8g/
3HEx6q4g/4RuSdP4QDkYA3cUvFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrOA8m
OrnYAAN/PTw6RzPR88ZwezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQzN2RjMTUtMTIyNC00OTAxLWFhYjEtN2Y3ZjMwZmU2MWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBiJgTbNNg4JnIqYtA0ffLoZW8SvBRvKXbV/SOc
gaZ3L4yIR4T3Ex16+N1+gn6sAKATxoCtwaGTstuAmEpZNG5tw/0sg+Gp7qV6r7yg
a2byoDi9HNGKXJrRBLXwObxAWnyfEsro2Yb/vGkiTL9tGajrdq+WJKeadEf+Hfls
NcVwciWC6X6SXgHzxwnpREb6WXhWRA9Gjvn4AlHZb/gwd30yMsrn4rMm6qS8XOoe
jiRSJgeVpuB9z3vgLu9Wto/Y2I1/wwFUpFyXKqW4dmhmxWMF43l6i4t+v2Qd1Tml
Wyt+hzp8pQKVtYLTEwVZ3KYNn9tJLPHnHpoK1Q3hhdJFLVDy
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:33 2025 by rpki-client