Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
File: caeeaf61-b927-4d38-b398-1efb2c05d49e.roa (raw, json)
Hash identifier: nwOf6kc3YZ+OdvO3jWLU4JjG2+8M+1UhvjsAgTk6qzk=
Subject key identifier: 8A:13:6A:FE:D6:AF:B4:BC:2A:AE:CD:86:C0:D2:B8:F8:4D:59:4C:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FD52E4AE8EA8B80F54EDD54F9C48B50B575AADC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
Signing time: Tue 26 Aug 2025 17:20:04 +0000
ROA not before: Tue 26 Aug 2025 17:20:04 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:d5:2e:4a:e8:ea:8b:80:f5:4e:dd:54:f9:c4:8b:50:b5:75:aa:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:20:04 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=3d0349d928fd55267935dda6df8b3490f8997f76b6a949586f841552dfe53c3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c8:8d:81:32:da:3a:df:1a:5f:81:a1:1f:13:
4f:7d:25:32:42:ef:59:32:bc:6e:5a:93:85:a8:2c:
df:ed:59:ab:52:ff:99:fb:e2:59:dd:cc:87:58:33:
3c:14:b9:a6:d4:77:0c:0b:fe:2f:f3:6d:b5:25:2c:
40:79:f9:0e:fa:c0:14:98:3a:16:69:fd:0a:67:d6:
10:d4:7e:59:60:55:ad:68:cb:61:44:05:47:15:3f:
45:fc:b3:e4:c9:64:f9:b4:ff:53:c3:1a:d0:42:a6:
bf:8c:4c:db:c7:8a:a7:e7:53:41:9a:5f:6e:2b:56:
3f:9e:0a:c9:d8:50:6a:a0:ac:b5:a5:82:72:9a:b9:
6e:a1:d0:45:80:51:fe:85:f5:82:24:a9:2e:06:00:
5a:c9:d3:87:68:c9:5c:5d:03:a2:72:da:0a:b6:ee:
6f:27:96:3b:d0:2c:b1:2a:f3:55:44:d9:01:39:b2:
f6:12:d0:8e:e6:94:dd:12:85:dc:db:bf:de:00:0f:
34:ea:8f:ab:bf:29:6a:0b:66:89:15:a3:53:b0:49:
51:6e:45:81:55:c4:c1:9e:5a:60:3b:36:89:1d:2b:
18:8d:ed:34:09:d0:67:c2:78:cd:7c:5f:b6:bd:25:
02:47:5b:75:42:56:f2:fb:4d:81:e6:5d:3b:c8:01:
ff:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:13:6A:FE:D6:AF:B4:BC:2A:AE:CD:86:C0:D2:B8:F8:4D:59:4C:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/caeeaf61-b927-4d38-b398-1efb2c05d49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:800::/40
Signature Algorithm: sha256WithRSAEncryption
55:cd:f8:17:52:4b:7b:f7:74:34:30:06:31:9c:d6:44:f0:49:
cc:70:37:a6:4a:a0:2d:09:81:13:ff:6c:a7:f5:a9:07:77:e4:
c3:f3:bc:ae:9f:90:43:61:80:c0:f5:f3:30:b7:01:d8:f4:37:
8f:fd:b9:93:ff:e5:21:12:be:9f:94:94:e7:d2:70:6a:e2:aa:
b7:ad:7e:e3:99:82:7a:25:80:71:ea:67:42:5f:a9:40:23:21:
df:55:8f:77:4b:ed:c2:b4:0a:a0:90:ec:08:e7:66:df:d3:0d:
d1:8b:c4:18:14:ea:ee:9d:8e:5b:df:45:4c:95:4f:3f:11:11:
f6:5f:2d:c1:a8:55:b7:01:6c:5c:99:d9:d3:f6:3c:b1:78:40:
b5:ec:78:b3:e6:97:a0:0a:ce:83:0a:92:61:d1:eb:eb:ee:6f:
96:74:3e:6f:7e:71:cf:26:e8:61:98:61:7d:21:4c:75:69:7f:
30:f3:05:20:f3:77:bb:30:3e:c9:39:5c:a7:bb:66:ae:9c:ef:
29:2f:54:a3:80:13:d6:9c:39:be:38:b5:ff:31:59:3b:7a:8e:
a7:8e:17:da:70:30:d4:b2:63:ae:78:22:55:a0:4c:6b:21:26:
f6:04:75:c0:5f:3d:8b:ee:f2:3e:9b:7e:5c:41:da:9b:d3:a1:
aa:5d:48:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb9UuSujqi4D1Tt1U+cSLULV1qtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzIwMDRaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMDM0OWQ5MjhmZDU1MjY3OTM1ZGRhNmRmOGIzNDkwZjg5OTdmNzZiNmE5
NDk1ODZmODQxNTUyZGZlNTNjM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfIjYEy2jrfGl+BoR8TT30lMkLvWTK8blqThags3+1Zq1L/mfviWd3Mh1gz
PBS5ptR3DAv+L/NttSUsQHn5DvrAFJg6Fmn9CmfWENR+WWBVrWjLYUQFRxU/Rfyz
5Mlk+bT/U8Ma0EKmv4xM28eKp+dTQZpfbitWP54KydhQaqCstaWCcpq5bqHQRYBR
/oX1giSpLgYAWsnTh2jJXF0DonLaCrbubyeWO9AssSrzVUTZATmy9hLQjuaU3RKF
3Nu/3gAPNOqPq78pagtmiRWjU7BJUW5FgVXEwZ5aYDs2iR0rGI3tNAnQZ8J4zXxf
tr0lAkdbdUJW8vtNgeZdO8gB/20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKE2r+
1q+0vCquzYbA0rj4TVlMIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2FlZWFmNjEtYjkyNy00ZDM4LWIzOTgtMWVmYjJjMDVkNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FgI
MA0GCSqGSIb3DQEBCwUAA4IBAQBVzfgXUkt793Q0MAYxnNZE8EnMcDemSqAtCYET
/2yn9akHd+TD87yun5BDYYDA9fMwtwHY9DeP/bmT/+UhEr6flJTn0nBq4qq3rX7j
mYJ6JYBx6mdCX6lAIyHfVY93S+3CtAqgkOwI52bf0w3Ri8QYFOrunY5b30VMlU8/
ERH2Xy3BqFW3AWxcmdnT9jyxeEC17Hiz5pegCs6DCpJh0evr7m+WdD5vfnHPJuhh
mGF9IUx1aX8w8wUg83e7MD7JOVynu2aunO8pL1SjgBPWnDm+OLX/MVk7eo6njhfa
cDDUsmOueCJVoExrISb2BHXAXz2L7vI+m35cQdqb06GqXUjT
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:10 2025 by rpki-client