Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
File: 82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa (raw, json)
Hash identifier: 7UiKoPIrpeBiY+8pBCQppj6/SUdWuBk9RlmvBn0TlWU=
Subject key identifier: 5F:5A:66:FF:6C:6E:BD:B6:EC:28:88:6D:63:B9:AF:D8:AF:16:B5:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60D74091941BCA322007545BF5D7178B5F00E46F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
Signing time: Fri 15 Aug 2025 15:51:00 +0000
ROA not before: Fri 15 Aug 2025 15:51:00 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:d7:40:91:94:1b:ca:32:20:07:54:5b:f5:d7:17:8b:5f:00:e4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:51:00 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=b4d3eef4944e4159186cb7d31429c5dca45f91ebedf4ff4aa937a91a7d4be203, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:b2:75:21:89:57:40:59:54:91:fb:e2:66:
20:3b:c6:82:6d:f3:a8:4b:f5:07:38:70:87:88:3a:
c9:3f:6b:5c:0a:e0:3c:c6:3c:17:ce:78:2b:05:2f:
41:62:a5:d1:7f:ec:37:88:e1:b0:d1:ab:50:53:05:
7e:12:6c:c3:65:e6:8b:aa:b8:cd:c3:33:0c:15:84:
e0:21:26:69:ae:2f:f1:b8:84:46:63:50:93:58:33:
42:ae:57:f6:77:f9:78:ee:4c:22:34:ce:bc:50:a3:
16:28:78:67:11:2e:2e:99:1c:fb:11:89:a7:4d:ca:
0b:40:f9:1f:c2:9c:82:51:16:86:a3:5b:4c:2d:f0:
33:c9:4b:89:30:ed:c4:6e:bf:fe:1d:75:9c:ef:f7:
fc:7b:a5:e9:fa:9e:42:bc:a7:f0:ef:da:27:c7:0e:
26:25:51:8a:1c:a7:29:24:f3:af:67:01:62:a1:85:
cd:16:cc:b2:b5:2f:0d:28:19:4c:cf:e8:a9:d4:aa:
74:7a:db:b8:aa:4f:f3:7a:ad:9e:c1:97:34:e1:56:
05:96:93:97:14:04:88:c7:89:e8:a8:5d:03:ba:a3:
d3:09:79:26:d6:31:b7:31:80:fe:e7:23:8e:7b:51:
2d:14:4a:c1:0e:7a:c9:f0:bd:ea:e3:1b:8d:97:4b:
0b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5A:66:FF:6C:6E:BD:B6:EC:28:88:6D:63:B9:AF:D8:AF:16:B5:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82d9b619-a6dc-44c4-9589-f89fef2e61f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:c000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:fb:c1:4b:8b:13:bc:17:f7:38:02:d4:e2:c5:8d:20:31:46:
4e:79:a7:73:4c:7d:30:f2:8f:73:37:2d:f5:8e:c3:50:f9:8d:
73:b7:a1:f2:36:6c:83:1f:fb:c0:e7:44:ef:f3:9d:57:17:f2:
01:29:b4:a5:aa:2e:01:af:f2:a2:aa:0b:42:e2:37:e9:ea:ed:
6d:f1:be:d7:3b:9b:3e:58:3d:29:5d:83:63:6f:0e:f7:66:a4:
ac:08:9e:01:db:e8:fd:03:b7:46:f4:0a:d5:39:3d:84:98:4d:
86:09:a0:81:d0:27:17:05:ac:ec:f1:62:02:74:c0:f1:f2:8d:
e0:17:67:1c:a7:75:8d:d2:30:5e:b2:35:3a:a9:80:44:44:24:
32:dc:87:ff:bf:44:31:a0:f7:18:f0:fd:55:a8:5a:e0:74:0b:
e6:9e:f1:2a:ab:5c:2d:4b:0e:64:22:e6:cc:7c:75:f4:f9:44:
e5:ca:27:11:a8:d3:84:ba:bd:7e:6b:54:85:dd:cc:7e:95:65:
a2:b4:ed:f8:04:9c:8c:3f:db:77:52:72:e7:09:6d:27:9c:b3:
62:16:06:37:30:72:a2:01:0a:22:bc:04:dc:f8:f3:3e:80:8f:
8d:c0:a5:e3:09:7f:5d:46:69:66:fd:ae:9f:60:98:5b:0d:de:
3f:fb:ac:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYNdAkZQbyjIgB1Rb9dcXi18A5G8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUxMDBaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZDNlZWY0OTQ0ZTQxNTkxODZjYjdkMzE0MjljNWRjYTQ1ZjkxZWJlZGY0
ZmY0YWE5MzdhOTFhN2Q0YmUyMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtUsnUhiVdAWVSR++JmIDvGgm3zqEv1Bzhwh4g6yT9rXArgPMY8F854KwUv
QWKl0X/sN4jhsNGrUFMFfhJsw2Xmi6q4zcMzDBWE4CEmaa4v8biERmNQk1gzQq5X
9nf5eO5MIjTOvFCjFih4ZxEuLpkc+xGJp03KC0D5H8KcglEWhqNbTC3wM8lLiTDt
xG6//h11nO/3/Hul6fqeQryn8O/aJ8cOJiVRihynKSTzr2cBYqGFzRbMsrUvDSgZ
TM/oqdSqdHrbuKpP83qtnsGXNOFWBZaTlxQEiMeJ6KhdA7qj0wl5JtYxtzGA/ucj
jntRLRRKwQ56yfC96uMbjZdLC5kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfWmb/
bG69tuwoiG1jua/Yrxa10jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJkOWI2MTktYTZkYy00NGM0LTk1ODktZjg5ZmVmMmU2MWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPA
MA0GCSqGSIb3DQEBCwUAA4IBAQAe+8FLixO8F/c4AtTixY0gMUZOeadzTH0w8o9z
Ny31jsNQ+Y1zt6HyNmyDH/vA50Tv851XF/IBKbSlqi4Br/KiqgtC4jfp6u1t8b7X
O5s+WD0pXYNjbw73ZqSsCJ4B2+j9A7dG9ArVOT2EmE2GCaCB0CcXBazs8WICdMDx
8o3gF2ccp3WN0jBesjU6qYBERCQy3If/v0QxoPcY8P1VqFrgdAvmnvEqq1wtSw5k
IubMfHX0+UTlyicRqNOEur1+a1SF3cx+lWWitO34BJyMP9t3UnLnCW0nnLNiFgY3
MHKiAQoivATc+PM+gI+NwKXjCX9dRmlm/a6fYJhbDd4/+6x+
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:38 2025 by rpki-client