Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: mVyLNFSY1X+ejztmwaMIR65iaKHlt3WtD95ckP+t5Xg=
Subject key identifier: D5:29:11:65:4E:A0:73:31:85:18:4B:60:29:0B:E8:B0:52:8C:CB:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66D8536C98B957DC137F46F306B6D0A107032128
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Tue 05 Aug 2025 19:31:47 +0000
ROA not before: Tue 05 Aug 2025 19:31:47 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d8:53:6c:98:b9:57:dc:13:7f:46:f3:06:b6:d0:a1:07:03:21:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:47 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f7c4094cbc25592cf37332827e25d7674f60fd7b31942882632809fce4e93720, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:74:e2:45:67:03:e1:8b:0f:0f:87:f5:91:
de:65:db:d8:b1:7f:e2:2c:b4:52:8c:c6:1c:d5:33:
25:ca:94:fc:7e:f6:86:79:db:31:45:54:32:d7:17:
fa:94:56:cd:73:ee:a9:21:28:2f:20:a5:9e:75:49:
cc:db:85:dd:4a:b6:62:c6:f1:27:35:d1:c9:b4:6d:
6d:1b:cc:57:6e:3e:5d:1c:f5:72:52:be:ed:19:51:
73:59:3b:bd:45:f1:82:66:a5:c1:3f:d4:5d:db:6b:
25:85:dc:f2:a8:ea:4c:d4:50:2e:70:2b:4b:0d:d9:
04:98:08:59:c3:59:1e:70:c5:77:be:1e:f4:a3:5e:
bf:5b:d2:e8:f8:6f:0b:e2:95:d4:24:71:9a:6a:ae:
86:4d:05:4b:10:42:a9:39:d6:04:e6:59:d9:aa:34:
0e:41:f4:9d:df:07:77:54:c1:73:ad:af:2c:1e:94:
65:e0:d8:12:85:30:b0:06:5f:11:d2:ff:b0:41:08:
17:94:30:ea:fa:9d:24:6b:e2:c0:60:c3:b9:e7:af:
fe:94:72:4f:27:1e:c1:01:04:90:dd:58:91:31:77:
7a:20:99:c3:3d:f2:9e:cf:99:88:b2:36:26:7a:66:
39:f0:3a:f8:0f:02:3a:6d:cc:08:8a:84:30:bd:45:
52:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:29:11:65:4E:A0:73:31:85:18:4B:60:29:0B:E8:B0:52:8C:CB:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
48:b2:ad:1d:3a:2c:96:7d:5f:71:ff:8b:75:22:5c:3b:a0:21:
68:93:de:ee:b8:da:7b:49:eb:57:fe:ea:85:6a:99:c8:47:2f:
6e:a0:11:49:af:2f:1c:b9:92:a0:c4:87:ec:6a:e3:06:de:2e:
cb:99:44:94:c0:5c:f3:11:75:bd:84:ea:77:de:5f:07:16:c1:
d5:ba:fb:0a:fe:a3:5c:b0:88:76:c7:7e:59:08:1e:47:c2:bb:
a5:b9:74:aa:f1:84:f6:fb:ab:23:49:96:79:9e:ce:56:61:f8:
c0:cb:07:9a:b4:59:0b:7c:bd:85:4c:f1:15:e7:aa:19:ca:70:
51:ea:a3:de:33:c8:07:c9:9b:89:7e:67:b4:20:a0:df:49:6e:
81:b9:96:a1:93:ca:48:30:cf:63:00:bd:29:bb:e9:26:e3:8f:
c9:0f:56:a5:f0:a5:aa:e0:2f:1c:5b:ed:66:36:46:61:10:13:
c7:00:1e:04:7a:91:57:76:0e:ef:ac:af:96:ff:c9:2e:a8:9a:
f0:8a:bf:ac:f3:59:94:d2:a3:7d:5d:5c:3b:54:01:b2:38:22:
40:3c:89:bb:83:ca:3e:5e:49:72:4e:27:5e:c3:b4:55:25:7a:
d8:dd:bc:35:a3:7a:f4:fe:a0:85:45:8c:fb:e2:73:40:e9:7d:
56:f7:d8:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZthTbJi5V9wTf0bzBrbQoQcDISgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxNDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YzQwOTRjYmMyNTU5MmNmMzczMzI4MjdlMjVkNzY3NGY2MGZkN2IzMTk0
Mjg4MjYzMjgwOWZjZTRlOTM3MjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOgdOJFZwPhiw8Ph/WR3mXb2LF/4iy0UozGHNUzJcqU/H72hnnbMUVUMtcX
+pRWzXPuqSEoLyClnnVJzNuF3Uq2YsbxJzXRybRtbRvMV24+XRz1clK+7RlRc1k7
vUXxgmalwT/UXdtrJYXc8qjqTNRQLnArSw3ZBJgIWcNZHnDFd74e9KNev1vS6Phv
C+KV1CRxmmquhk0FSxBCqTnWBOZZ2ao0DkH0nd8Hd1TBc62vLB6UZeDYEoUwsAZf
EdL/sEEIF5Qw6vqdJGviwGDDueev/pRyTycewQEEkN1YkTF3eiCZwz3yns+ZiLI2
JnpmOfA6+A8COm3MCIqEML1FUn8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVKRFl
TqBzMYUYS2ApC+iwUozLUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQBIsq0dOiyWfV9x/4t1Ilw7oCFok97uuNp7SetX
/uqFapnIRy9uoBFJry8cuZKgxIfsauMG3i7LmUSUwFzzEXW9hOp33l8HFsHVuvsK
/qNcsIh2x35ZCB5HwruluXSq8YT2+6sjSZZ5ns5WYfjAyweatFkLfL2FTPEV56oZ
ynBR6qPeM8gHyZuJfme0IKDfSW6BuZahk8pIMM9jAL0pu+km44/JD1al8KWq4C8c
W+1mNkZhEBPHAB4EepFXdg7vrK+W/8kuqJrwir+s81mU0qN9XVw7VAGyOCJAPIm7
g8o+XklyTidew7RVJXrY3bw1o3r0/qCFRYz74nNA6X1W99g+
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:43 2025 by rpki-client