Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
File: 5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa (raw, json)
Hash identifier: hwRqvD2rCACddYzZmSomw5yCHjs4NM4Ap1xxUdSEkpA=
Subject key identifier: 19:C6:94:5B:AB:6D:71:A2:3F:7A:1B:09:87:DC:9C:48:ED:6F:C8:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D2DB26CB62ED79A200BDB355D22A38D592D1D4F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
Signing time: Mon 01 Sep 2025 20:50:54 +0000
ROA not before: Mon 01 Sep 2025 20:50:54 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:2d:b2:6c:b6:2e:d7:9a:20:0b:db:35:5d:22:a3:8d:59:2d:1d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:54 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=15e0340fe1832bda5f13224d61b9ea321ba5700a8b9847043c34e30be78e6889, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:11:e8:58:ef:57:8e:42:b8:9b:2b:39:f0:6f:
e4:75:c5:2d:b4:89:c3:41:1f:f9:8f:16:39:a5:c3:
7e:a3:7d:3f:7a:54:de:bd:c4:bc:11:fc:85:88:a3:
57:3c:1e:3b:35:41:25:89:dc:27:ea:b6:1e:59:2c:
53:84:63:57:66:c4:a1:5d:b6:5d:28:93:b7:8e:eb:
c5:b0:08:9a:b1:b8:3f:59:84:63:55:37:72:1e:ae:
ca:39:3f:0b:c7:84:0e:2b:07:a6:8e:bd:cb:94:e0:
4e:e9:3a:a0:9f:2a:a4:e8:38:08:18:9c:34:8d:c8:
72:43:ab:43:32:c6:ed:51:93:63:cf:a9:f1:aa:a8:
f2:7a:f5:51:68:95:5a:ba:6a:14:07:7d:2a:06:c4:
57:74:07:ba:48:bd:aa:78:b5:48:52:02:f2:a6:4d:
8e:79:6e:5e:9d:ad:bf:e6:5a:4f:85:38:ff:60:f2:
ea:6b:48:51:a5:f4:d3:2c:02:42:ce:37:97:8f:39:
95:f0:f8:15:c9:b4:1a:da:ff:59:c4:3a:db:ef:54:
a3:cb:20:a1:ca:92:83:b9:08:47:34:12:72:f5:91:
32:cd:96:01:30:ad:11:7f:1a:6d:31:8d:19:6c:29:
4d:79:df:9c:15:be:f6:8a:ac:53:aa:ea:7f:98:07:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C6:94:5B:AB:6D:71:A2:3F:7A:1B:09:87:DC:9C:48:ED:6F:C8:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d8e831e-4d61-449b-a532-a1dd9d743ac9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
99:fb:52:43:d7:c7:94:f0:bb:c5:94:4d:17:06:bd:02:78:11:
74:00:df:65:c9:28:c0:11:83:a1:86:25:06:ac:fe:6b:4f:56:
c9:c6:e8:53:dd:2e:05:c2:f8:b1:60:20:28:2c:9a:62:81:cc:
72:6a:38:58:5f:60:1a:06:ac:98:49:df:9f:88:1d:c2:0e:06:
07:e0:39:ef:a8:20:ab:1a:58:b8:a7:61:3e:fd:29:fa:7e:ba:
22:29:cb:b5:73:d0:f2:3b:a7:4b:56:6f:c8:19:08:ad:da:cb:
93:8b:23:a9:5e:cf:7e:c3:c0:bc:ec:1e:78:d6:34:e5:f2:4b:
b7:33:5a:cc:cf:73:81:83:44:7c:c5:51:66:2d:e0:8e:55:35:
cc:a7:a1:04:af:49:7f:24:04:c1:3b:b8:28:e8:68:47:19:78:
85:05:6b:ea:a5:09:3a:0d:34:87:09:f5:33:de:55:14:7d:d5:
1f:ec:04:97:f9:e9:a5:42:a0:2c:ee:2f:38:f8:2d:ad:08:5d:
6a:42:4d:f0:bb:0c:78:e9:18:5d:fb:67:8e:a1:ab:ff:85:a5:
fc:96:1b:bd:06:90:d4:3c:b4:31:2a:b9:47:89:11:08:91:37:
14:de:f1:b7:c9:37:53:24:8c:2d:75:c3:47:fb:0f:72:91:4e:
8c:3b:0e:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXS2ybLYu15ogC9s1XSKjjVktHU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwNTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZTAzNDBmZTE4MzJiZGE1ZjEzMjI0ZDYxYjllYTMyMWJhNTcwMGE4Yjk4
NDcwNDNjMzRlMzBiZTc4ZTY4ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoR6FjvV45CuJsrOfBv5HXFLbSJw0Ef+Y8WOaXDfqN9P3pU3r3EvBH8hYij
VzweOzVBJYncJ+q2HlksU4RjV2bEoV22XSiTt47rxbAImrG4P1mEY1U3ch6uyjk/
C8eEDisHpo69y5TgTuk6oJ8qpOg4CBicNI3IckOrQzLG7VGTY8+p8aqo8nr1UWiV
WrpqFAd9KgbEV3QHuki9qni1SFIC8qZNjnluXp2tv+ZaT4U4/2Dy6mtIUaX00ywC
Qs43l485lfD4Fcm0Gtr/WcQ62+9Uo8sgocqSg7kIRzQScvWRMs2WATCtEX8abTGN
GWwpTXnfnBW+9oqsU6rqf5gHK/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZxpRb
q21xoj96GwmH3JxI7W/I4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQ4ZTgzMWUtNGQ2MS00NDliLWE1MzItYTFkZDlkNzQzYWM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hog
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ+1JD18eU8LvFlE0XBr0CeBF0AN9lySjAEYOh
hiUGrP5rT1bJxuhT3S4FwvixYCAoLJpigcxyajhYX2AaBqyYSd+fiB3CDgYH4Dnv
qCCrGli4p2E+/Sn6froiKcu1c9DyO6dLVm/IGQit2suTiyOpXs9+w8C87B541jTl
8ku3M1rMz3OBg0R8xVFmLeCOVTXMp6EEr0l/JATBO7go6GhHGXiFBWvqpQk6DTSH
CfUz3lUUfdUf7ASX+emlQqAs7i84+C2tCF1qQk3wuwx46Rhd+2eOoav/haX8lhu9
BpDUPLQxKrlHiREIkTcU3vG3yTdTJIwtdcNH+w9ykU6MOw7B
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:16 2025 by rpki-client