Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json)
Hash identifier: KndYiq1vLFYUlSkDkU2x+pZUVJ54nnIH7IfwbOm0T+c=
Subject key identifier: 95:28:B8:B4:9E:4D:0F:C1:B7:06:A2:63:DC:5B:02:33:07:A7:02:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0508BE8152962C6C211C5F74153B8BF8EEF7C231
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
Signing time: Tue 05 Aug 2025 20:01:27 +0000
ROA not before: Tue 05 Aug 2025 20:01:27 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:08:be:81:52:96:2c:6c:21:1c:5f:74:15:3b:8b:f8:ee:f7:c2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:27 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=77d319941a75873c5d68e45518b510445418b3dd99182a85d81a92e2a3ccbaac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:95:e3:6d:ea:90:a8:e8:f1:42:41:75:8a:5e:
2e:b9:f9:cd:6b:51:a8:e8:f6:df:fb:3f:60:4f:bb:
97:aa:e8:46:60:fc:01:cb:8b:d5:7c:4b:c8:a1:64:
47:31:c8:60:3c:b7:5a:0d:27:1d:f8:4a:a2:26:05:
d5:de:3c:cb:8d:69:3a:c7:64:b9:dc:0e:44:69:33:
ee:70:99:44:30:01:f9:b0:92:d4:e8:45:13:78:62:
43:56:b3:b8:f4:73:0d:e3:25:60:6c:4f:36:ac:86:
c1:be:61:09:68:52:59:b7:c4:b4:97:21:c5:61:e5:
82:41:b9:b1:90:ee:d0:66:34:37:85:90:83:10:ed:
ac:a0:48:e2:ca:de:92:c9:d6:fc:60:88:81:0d:e7:
23:08:6c:8c:6d:45:13:b1:9e:e8:64:61:28:19:10:
f9:f9:f8:91:14:4e:3d:92:d3:90:47:e3:53:3c:93:
eb:ad:31:b9:7b:70:02:58:27:cd:bd:9c:21:3c:85:
f4:42:fb:71:7e:04:02:74:e1:5f:49:55:80:73:89:
fb:9e:c9:c6:b8:f1:cd:de:44:ad:20:38:79:36:b3:
8d:09:55:5a:22:05:77:fc:db:e2:86:f6:ee:84:98:
ab:c8:e4:3e:a0:ed:f3:3c:3a:d0:01:d9:56:a2:e1:
13:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:28:B8:B4:9E:4D:0F:C1:B7:06:A2:63:DC:5B:02:33:07:A7:02:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:59:a6:b9:aa:95:4b:7c:06:7f:20:32:9b:da:e1:31:3b:b3:
ca:3b:93:ec:a3:c1:47:62:e0:72:ef:b1:47:c2:f6:73:96:d0:
87:71:b2:29:d7:8a:aa:11:9c:29:9c:a6:99:4b:19:12:73:b4:
bb:39:4c:6e:13:64:d5:8b:e6:f7:03:c6:25:00:94:36:98:ac:
53:85:4c:c0:81:06:17:7d:c0:e6:72:25:03:eb:d8:8b:95:7a:
29:b5:b0:12:bc:01:a7:a4:16:d3:03:af:7a:c4:22:71:99:70:
8d:89:51:95:26:83:b5:9a:20:5c:a8:1d:cf:f1:98:7b:68:ff:
87:4e:19:57:ec:09:75:9c:12:36:76:96:b3:cb:f1:c8:74:83:
55:7a:a2:7a:93:de:d9:c6:39:f3:31:f8:7b:c0:69:da:0a:7c:
d3:b1:78:f8:bc:ab:ee:b6:df:fe:2f:d8:79:d5:dc:bf:b2:8d:
03:68:25:a1:4e:41:2d:ec:c2:db:28:46:ec:d8:53:33:62:e2:
a5:a1:74:8d:6c:70:29:2c:7d:25:0c:8b:ca:14:1f:d9:9c:ef:
37:e2:7b:84:1a:af:89:18:d2:fa:1e:ed:55:fa:97:68:80:ad:
31:78:96:9f:67:d3:30:55:c2:3c:66:20:da:7c:98:0a:ad:8f:
05:94:30:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBQi+gVKWLGwhHF90FTuL+O73wjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3ZDMxOTk0MWE3NTg3M2M1ZDY4ZTQ1NTE4YjUxMDQ0NTQxOGIzZGQ5OTE4
MmE4NWQ4MWE5MmUyYTNjY2JhYWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeV423qkKjo8UJBdYpeLrn5zWtRqOj23/s/YE+7l6roRmD8AcuL1XxLyKFk
RzHIYDy3Wg0nHfhKoiYF1d48y41pOsdkudwORGkz7nCZRDAB+bCS1OhFE3hiQ1az
uPRzDeMlYGxPNqyGwb5hCWhSWbfEtJchxWHlgkG5sZDu0GY0N4WQgxDtrKBI4sre
ksnW/GCIgQ3nIwhsjG1FE7Ge6GRhKBkQ+fn4kRROPZLTkEfjUzyT660xuXtwAlgn
zb2cITyF9EL7cX4EAnThX0lVgHOJ+57Jxrjxzd5ErSA4eTazjQlVWiIFd/zb4ob2
7oSYq8jkPqDt8zw60AHZVqLhEz8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVKLi0
nk0PwbcGomPcWwIzB6cCyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA
MA0GCSqGSIb3DQEBCwUAA4IBAQChWaa5qpVLfAZ/IDKb2uExO7PKO5Pso8FHYuBy
77FHwvZzltCHcbIp14qqEZwpnKaZSxkSc7S7OUxuE2TVi+b3A8YlAJQ2mKxThUzA
gQYXfcDmciUD69iLlXoptbASvAGnpBbTA696xCJxmXCNiVGVJoO1miBcqB3P8Zh7
aP+HThlX7Al1nBI2dpazy/HIdINVeqJ6k97ZxjnzMfh7wGnaCnzTsXj4vKvutt/+
L9h51dy/so0DaCWhTkEt7MLbKEbs2FMzYuKloXSNbHApLH0lDIvKFB/ZnO834nuE
Gq+JGNL6Hu1V+pdogK0xeJafZ9MwVcI8ZiDafJgKrY8FlDAa
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:09 2025 by rpki-client