Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa
File: 5fae084a-25bc-483a-9a0a-2dc71c247184.roa (raw, json)
Hash identifier: 2h23hy2EcgwWnslUCGLa1CSMvUek8Vgc9ecCVcgugcE=
Subject key identifier: 53:0A:5A:6B:90:5F:53:56:D5:01:D0:DF:19:F5:32:13:1D:E8:9A:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2861B69440B4A2E270DCD1D0FBD2453D0354D302
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa
Signing time: Tue 26 Aug 2025 17:10:42 +0000
ROA not before: Tue 26 Aug 2025 17:10:42 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:61:b6:94:40:b4:a2:e2:70:dc:d1:d0:fb:d2:45:3d:03:54:d3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:10:42 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=879ce44e48ca7a5805eb5bcae19cf42c9a3b9d0b5b2679aa90b3fdd66b934ce3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:ec:7b:42:cb:17:f9:45:03:0c:3a:72:8e:
20:3c:28:09:fb:05:f8:b3:ab:32:d8:61:b2:c1:b7:
40:9a:1c:3f:7e:da:d2:da:0c:6f:3f:48:e2:90:a8:
95:cb:93:ff:ac:61:06:9a:3b:d1:53:dc:fe:64:6f:
79:67:5e:3d:82:ac:15:4a:f6:50:db:fd:35:15:68:
70:f7:54:83:99:de:7f:04:61:5c:17:09:aa:2f:c5:
c0:2b:f3:65:4e:22:fb:d2:a8:13:02:7a:ed:c0:07:
78:50:37:7e:a7:8d:37:8c:10:a9:9a:b5:4f:f3:14:
c7:6b:d9:da:96:fc:f0:c4:36:af:c3:8f:a5:03:5f:
81:30:74:f0:92:c0:ca:7f:d0:13:b4:6e:d5:4b:10:
41:23:30:ad:69:3e:fc:43:75:0f:39:ca:48:c3:ca:
6a:c3:04:91:0c:4d:88:cc:8e:f7:23:88:c4:b6:9f:
ca:3d:5f:bc:f6:1f:27:08:ee:eb:6c:8f:10:c8:62:
93:fc:40:e6:cc:cc:73:0c:62:a6:9c:dc:52:84:37:
ef:50:ac:01:fc:34:48:40:3c:36:99:8d:24:10:a0:
36:39:7d:99:27:1c:77:67:0b:07:a2:03:f4:99:62:
d0:c5:e3:0a:18:d7:39:0b:05:f5:ee:59:11:48:c3:
99:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:0A:5A:6B:90:5F:53:56:D5:01:D0:DF:19:F5:32:13:1D:E8:9A:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fae084a-25bc-483a-9a0a-2dc71c247184.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:800::/40
Signature Algorithm: sha256WithRSAEncryption
0b:88:25:41:60:36:30:6b:33:a8:53:31:02:7c:b4:45:fb:54:
17:3b:63:85:9d:0c:1b:5a:5f:fe:e3:b8:6b:5e:4e:74:94:0d:
6a:cc:c1:61:f3:bb:ef:35:34:d6:46:5c:ca:70:86:03:90:39:
01:37:67:ef:35:50:79:86:60:3c:89:d0:8e:27:cf:7f:4a:05:
0d:3d:96:7b:27:1e:0f:3c:42:c9:37:ab:53:0b:d1:7f:6f:fa:
9e:b7:be:d0:09:54:17:4d:ac:d4:28:7b:aa:a2:8b:60:7a:e0:
68:90:5e:ff:21:23:38:ac:d8:c3:8c:f0:e3:7e:71:38:d7:b2:
3a:c0:51:61:8d:72:78:22:d5:d4:b9:c8:6c:5d:9d:ee:ef:7d:
52:9e:77:69:56:77:59:a5:38:37:ad:cd:bb:9c:3e:c2:be:a9:
2b:17:e0:fa:76:f9:8c:30:99:21:c9:5e:1f:f9:f9:93:6c:2b:
5c:d9:3e:c4:53:02:42:58:71:33:a2:a6:b9:77:d9:f6:2a:29:
3f:5b:35:ac:ae:fb:b3:05:86:35:6b:8a:de:dc:48:5e:f2:4e:
20:2c:a1:56:99:ff:ec:74:ad:4e:54:d2:62:19:ee:bc:62:39:
7d:1e:86:22:90:f9:c2:91:2c:7c:fd:f6:53:32:44:fc:b1:2b:
df:fe:02:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKGG2lEC0ouJw3NHQ+9JFPQNU0wIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzEwNDJaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3OWNlNDRlNDhjYTdhNTgwNWViNWJjYWUxOWNmNDJjOWEzYjlkMGI1YjI2
NzlhYTkwYjNmZGQ2NmI5MzRjZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkq7HtCyxf5RQMMOnKOIDwoCfsF+LOrMthhssG3QJocP37a0toMbz9I4pCo
lcuT/6xhBpo70VPc/mRveWdePYKsFUr2UNv9NRVocPdUg5nefwRhXBcJqi/FwCvz
ZU4i+9KoEwJ67cAHeFA3fqeNN4wQqZq1T/MUx2vZ2pb88MQ2r8OPpQNfgTB08JLA
yn/QE7Ru1UsQQSMwrWk+/EN1DznKSMPKasMEkQxNiMyO9yOIxLafyj1fvPYfJwju
62yPEMhik/xA5szMcwxippzcUoQ371CsAfw0SEA8NpmNJBCgNjl9mSccd2cLB6ID
9Jli0MXjChjXOQsF9e5ZEUjDmXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTClpr
kF9TVtUB0N8Z9TITHeiaqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZhZTA4NGEtMjViYy00ODNhLTlhMGEtMmRjNzFjMjQ3MTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8I
MA0GCSqGSIb3DQEBCwUAA4IBAQALiCVBYDYwazOoUzECfLRF+1QXO2OFnQwbWl/+
47hrXk50lA1qzMFh87vvNTTWRlzKcIYDkDkBN2fvNVB5hmA8idCOJ89/SgUNPZZ7
Jx4PPELJN6tTC9F/b/qet77QCVQXTazUKHuqootgeuBokF7/ISM4rNjDjPDjfnE4
17I6wFFhjXJ4ItXUuchsXZ3u731SnndpVndZpTg3rc27nD7CvqkrF+D6dvmMMJkh
yV4f+fmTbCtc2T7EUwJCWHEzoqa5d9n2Kik/WzWsrvuzBYY1a4re3Ehe8k4gLKFW
mf/sdK1OVNJiGe68Yjl9HoYikPnCkSx8/fZTMkT8sSvf/gLu
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:21 2025 by rpki-client