Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
File: 950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa (raw, json)
Hash identifier: YtF8SobeD/VAhLZb3KESXcaIFprYtHIX22aCBIn0mg4=
Subject key identifier: 5A:5E:17:38:46:DE:1F:8C:73:3F:FD:32:2F:69:69:D7:B0:55:EE:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78F9502A7D719D3B667BF7FFF17A4A07DF99B6B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
Signing time: Fri 15 Aug 2025 15:50:47 +0000
ROA not before: Fri 15 Aug 2025 15:50:47 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:f9:50:2a:7d:71:9d:3b:66:7b:f7:ff:f1:7a:4a:07:df:99:b6:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:47 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=3497d5fd47e30557498211bb6a1a4e4ac54f4a3179314d204c34174a99a65a36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a2:f3:ca:68:a3:56:d1:25:60:92:16:a0:b5:
5f:ef:3b:b1:4f:f7:70:46:10:6d:58:be:88:ef:46:
d7:e1:5d:c9:c8:c7:e5:f9:2f:43:82:2d:ec:21:13:
0e:da:8f:69:5d:ee:c3:8c:51:bf:e1:a6:c4:98:3c:
05:a3:c0:34:2f:c0:a4:b4:03:b6:ff:fe:61:7e:56:
72:d7:df:69:4f:4d:5b:10:9d:60:5a:c5:80:c7:e0:
25:56:ff:ee:c7:20:b5:f6:82:60:e3:ef:8d:e4:43:
29:76:f4:c6:c5:de:b6:b2:40:28:24:bf:68:d5:4a:
75:c6:c2:92:0b:47:c5:e9:df:6c:15:42:fd:14:61:
79:83:82:f3:bf:2d:3d:ca:ff:6f:fe:ed:6f:7b:22:
b6:a0:75:ba:b9:d0:c3:f7:24:2c:14:d0:7d:15:e9:
81:9e:6d:d7:ee:33:ce:f0:cd:6f:57:f7:f7:27:a5:
ec:4d:60:da:05:96:54:31:74:be:63:70:5a:cb:52:
55:2a:ae:de:d0:af:50:b3:2d:7d:14:46:f8:26:37:
df:9e:28:10:e7:28:df:85:87:1e:e9:3a:f8:70:33:
a9:a2:76:47:3a:60:a2:a9:7a:a3:4e:cb:2d:db:d3:
99:79:66:df:1a:0a:8c:26:29:4c:43:a0:90:17:07:
51:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5E:17:38:46:DE:1F:8C:73:3F:FD:32:2F:69:69:D7:B0:55:EE:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/950e9d37-a9b5-4c78-b65e-c7b45ca851c6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
62:3a:cd:68:ec:72:bc:4a:3a:c6:3f:a1:e6:39:b0:ce:c1:e3:
19:27:55:2a:4a:6f:01:e6:23:6c:9f:82:ae:38:4a:67:bf:ae:
58:2f:51:ac:72:ec:9c:d6:1e:98:c5:1d:ef:09:67:3b:6d:92:
28:03:b2:72:83:84:ed:6e:48:8f:e1:c3:c0:4f:8e:aa:95:43:
e9:89:4a:b8:08:21:8b:10:a5:a7:17:af:75:7b:43:4d:97:87:
15:e0:b0:60:31:de:6d:40:a0:d6:aa:ff:32:9c:e2:e7:f2:d0:
37:6a:d5:e9:89:14:e5:3b:25:3f:45:92:f4:07:1c:ef:48:eb:
d6:a2:47:d0:f4:5a:04:76:61:94:cf:48:31:1a:21:f6:bd:5b:
24:17:dd:42:0b:3a:88:d3:96:8d:92:f9:b2:0f:8c:56:b6:0a:
de:e9:c8:2c:50:cd:66:28:ad:4a:90:45:b0:0c:61:63:6c:f2:
0e:90:98:e7:a7:e5:76:ab:22:7e:9c:9f:0e:b3:ce:f9:31:b5:
ea:40:90:1b:d3:38:18:16:86:99:e1:70:5c:da:64:98:60:75:
91:49:c1:11:ce:99:45:ed:f9:7e:d3:c6:b4:8c:5b:64:59:81:
20:48:c5:1f:91:0b:b3:07:0b:33:9a:12:13:97:0f:7a:74:5e:
c8:e1:90:9c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUePlQKn1xnTtme/f/8XpKB9+ZtrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwNDdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0OTdkNWZkNDdlMzA1NTc0OTgyMTFiYjZhMWE0ZTRhYzU0ZjRhMzE3OTMx
NGQyMDRjMzQxNzRhOTlhNjVhMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOi88poo1bRJWCSFqC1X+87sU/3cEYQbVi+iO9G1+FdycjH5fkvQ4It7CET
DtqPaV3uw4xRv+GmxJg8BaPANC/ApLQDtv/+YX5WctffaU9NWxCdYFrFgMfgJVb/
7scgtfaCYOPvjeRDKXb0xsXetrJAKCS/aNVKdcbCkgtHxenfbBVC/RRheYOC878t
Pcr/b/7tb3sitqB1urnQw/ckLBTQfRXpgZ5t1+4zzvDNb1f39yel7E1g2gWWVDF0
vmNwWstSVSqu3tCvULMtfRRG+CY3354oEOco34WHHuk6+HAzqaJ2Rzpgoql6o07L
LdvTmXlm3xoKjCYpTEOgkBcHUS0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRaXhc4
Rt4fjHM//TIvaWnXsFXuHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTUwZTlkMzctYTliNS00Yzc4LWI2NWUtYzdiNDVjYTg1MWM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOg
wDANBgkqhkiG9w0BAQsFAAOCAQEAYjrNaOxyvEo6xj+h5jmwzsHjGSdVKkpvAeYj
bJ+CrjhKZ7+uWC9RrHLsnNYemMUd7wlnO22SKAOycoOE7W5Ij+HDwE+OqpVD6YlK
uAghixClpxevdXtDTZeHFeCwYDHebUCg1qr/Mpzi5/LQN2rV6YkU5TslP0WS9Acc
70jr1qJH0PRaBHZhlM9IMRoh9r1bJBfdQgs6iNOWjZL5sg+MVrYK3unILFDNZiit
SpBFsAxhY2zyDpCY56fldqsifpyfDrPO+TG16kCQG9M4GBaGmeFwXNpkmGB1kUnB
Ec6ZRe35ftPGtIxbZFmBIEjFH5ELswcLM5oSE5cPenReyOGQnA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:43 2025 by rpki-client