Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
File: 8553b3da-6a47-43ee-87d3-5259a23c371b.roa (raw, json)
Hash identifier: b1CHuXBfUcymLQU9lr4uJ18fzOtSHdthvEz2gMB9D/o=
Subject key identifier: 0F:CF:E1:D4:5E:FA:B6:02:14:7C:49:36:A0:B3:66:0B:27:54:BE:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E2462E9C313DEFBC27312EA20414BB2AB9E1E09
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
Signing time: Tue 05 Aug 2025 19:50:16 +0000
ROA not before: Tue 05 Aug 2025 19:50:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:24:62:e9:c3:13:de:fb:c2:73:12:ea:20:41:4b:b2:ab:9e:1e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ece6c489bddd06eed480996301d70f31720ce5dc35a9c4debfb5811cad51564c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:78:ba:61:8a:c2:ab:b4:bc:95:e2:ad:fd:
49:cc:4f:4a:96:f5:a2:5e:ec:cc:d2:32:b0:90:e0:
b5:72:e5:29:2e:1a:f8:f2:52:82:ba:cc:6f:b7:74:
a6:0a:a2:43:97:94:84:f2:71:0d:fd:0c:50:85:26:
71:0f:37:cb:4a:fe:37:38:9d:ad:ba:89:64:ea:c9:
ea:43:b1:b9:d0:a0:03:0a:36:87:e1:4c:09:17:01:
92:30:1e:a8:11:3b:08:61:83:e5:b3:05:f5:86:22:
a7:88:ac:67:9f:35:56:89:93:12:22:a9:fb:80:9e:
64:44:79:e0:65:8a:79:ef:96:96:f6:96:e9:27:6c:
41:2d:9d:6a:dc:3e:4a:63:12:8c:26:ee:45:3b:f4:
70:0e:b6:c4:0e:59:fc:5a:ad:47:78:c7:50:31:79:
23:91:50:8f:74:c6:c3:a5:39:2d:be:6e:f8:6a:47:
9a:dc:d6:45:ff:b4:6f:05:bd:17:92:bd:2c:3c:81:
4c:ef:03:e1:bf:9d:61:5d:4b:2f:60:bb:b6:e7:6d:
ca:0e:92:07:2d:77:e9:5b:42:a2:df:51:4e:38:5b:
ce:a5:0c:c4:74:3d:f1:35:c9:24:15:d6:43:a0:85:
d9:81:66:d7:cf:aa:cd:d5:56:f4:e9:db:9c:e2:ec:
0f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CF:E1:D4:5E:FA:B6:02:14:7C:49:36:A0:B3:66:0B:27:54:BE:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8553b3da-6a47-43ee-87d3-5259a23c371b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:f1:f9:52:97:fa:c4:95:da:82:2c:cd:c6:4a:ee:e3:93:85:
2b:72:17:68:2f:54:79:fd:6e:77:7c:db:89:cb:c8:e6:b7:d5:
b5:9e:0e:eb:59:a5:9e:a5:70:84:fc:5d:25:af:40:24:cd:7b:
f6:8a:52:5b:49:e2:4d:78:75:f2:55:d7:5e:5c:75:af:3f:3e:
9c:e0:79:e9:d5:31:b2:c5:6d:64:10:51:3e:f1:3c:5f:8a:e6:
fa:0d:9b:af:ce:6d:3b:c1:16:6a:70:ee:f8:85:bb:56:7a:39:
49:b7:b6:53:0e:00:a6:51:a9:4a:19:62:2d:35:3d:50:d6:d3:
36:00:1f:2a:b5:62:9c:e1:32:97:09:c1:79:45:42:4c:2c:8b:
48:dc:9f:28:c1:bf:35:cd:d3:19:fc:83:ae:d4:cc:6e:53:34:
75:44:da:2d:af:15:bf:88:9d:83:d7:71:d4:75:a5:bb:e8:ca:
2d:be:f9:3c:d3:07:ca:17:25:22:7f:8e:cf:e8:df:f2:26:1a:
dd:e2:e9:9f:46:d6:60:7a:6d:28:1e:b1:91:b9:8e:e4:47:ec:
8c:f0:97:d1:a0:a4:6a:c0:04:c5:2c:f2:b3:3a:a4:f8:f4:42:
98:ee:85:ab:12:26:2e:bd:03:94:a0:de:b5:16:4e:a9:90:dc:
13:e1:10:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHiRi6cMT3vvCcxLqIEFLsqueHgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjZTZjNDg5YmRkZDA2ZWVkNDgwOTk2MzAxZDcwZjMxNzIwY2U1ZGMzNWE5
YzRkZWJmYjU4MTFjYWQ1MTU2NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZ2eLphisKrtLyV4q39ScxPSpb1ol7szNIysJDgtXLlKS4a+PJSgrrMb7d0
pgqiQ5eUhPJxDf0MUIUmcQ83y0r+NzidrbqJZOrJ6kOxudCgAwo2h+FMCRcBkjAe
qBE7CGGD5bMF9YYip4isZ581VomTEiKp+4CeZER54GWKee+WlvaW6SdsQS2datw+
SmMSjCbuRTv0cA62xA5Z/FqtR3jHUDF5I5FQj3TGw6U5Lb5u+GpHmtzWRf+0bwW9
F5K9LDyBTO8D4b+dYV1LL2C7tudtyg6SBy136VtCot9RTjhbzqUMxHQ98TXJJBXW
Q6CF2YFm18+qzdVW9OnbnOLsD4cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPz+HU
Xvq2AhR8STags2YLJ1S+WzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODU1M2IzZGEtNmE0Ny00M2VlLTg3ZDMtNTI1OWEyM2MzNzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEg
MA0GCSqGSIb3DQEBCwUAA4IBAQCs8flSl/rEldqCLM3GSu7jk4UrchdoL1R5/W53
fNuJy8jmt9W1ng7rWaWepXCE/F0lr0AkzXv2ilJbSeJNeHXyVddeXHWvPz6c4Hnp
1TGyxW1kEFE+8Txfiub6DZuvzm07wRZqcO74hbtWejlJt7ZTDgCmUalKGWItNT1Q
1tM2AB8qtWKc4TKXCcF5RUJMLItI3J8owb81zdMZ/IOu1MxuUzR1RNotrxW/iJ2D
13HUdaW76Motvvk80wfKFyUif47P6N/yJhrd4umfRtZgem0oHrGRuY7kR+yM8JfR
oKRqwATFLPKzOqT49EKY7oWrEiYuvQOUoN61Fk6pkNwT4RDH
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:34 2025 by rpki-client