Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json)
Hash identifier: AODXbtoDceG05HOmGC+PZBmAPzMWnUn94aP7qdTd6jI=
Subject key identifier: 83:F1:F0:D7:BB:DC:17:8C:6F:B8:FE:42:A8:FD:65:69:CD:5B:16:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53505A14A9B10489434952C6FBA72D2F494B82CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
Signing time: Tue 05 Aug 2025 19:50:59 +0000
ROA not before: Tue 05 Aug 2025 19:50:59 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:50:5a:14:a9:b1:04:89:43:49:52:c6:fb:a7:2d:2f:49:4b:82:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:59 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=444c39e830eaaa973c85ad3def6c6586cd857f6e88790f135459019bede72afe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d7:7a:bb:76:09:b2:94:32:be:8a:24:bb:e4:
8e:6b:4f:5a:9a:57:da:f3:9e:d5:4d:29:70:bd:b0:
fc:be:b3:10:ff:8b:10:23:88:e1:35:43:ef:c5:77:
04:b1:89:d7:aa:48:76:d1:fd:3d:9d:a2:2a:c6:77:
3b:b2:6b:df:c0:ac:61:e0:fe:63:da:4e:b7:6b:15:
d9:48:8e:5e:b2:0d:b7:6d:c4:42:79:c6:86:c0:dd:
24:c6:e8:df:64:be:89:66:cf:87:b9:04:3a:fb:52:
e7:78:8d:d4:77:33:78:ad:c2:f0:ad:75:67:8b:51:
03:f1:b4:b2:ef:c3:84:97:b4:31:8a:67:8e:fb:b9:
6e:f1:ce:80:4c:92:76:68:66:7f:11:41:ef:cb:48:
b8:8e:b8:7a:59:94:49:9c:c7:49:49:8e:ea:0f:93:
5e:c4:3a:11:b4:ba:a2:fc:75:18:40:b2:b6:d1:75:
90:5c:30:df:83:6a:0f:94:18:27:2b:4e:17:85:50:
88:6c:04:c6:ab:9d:33:5e:6d:b4:2e:9c:34:66:94:
3d:6a:1a:cc:2e:77:37:78:7b:82:72:c5:0a:b3:ff:
17:df:10:fd:d8:07:45:dd:da:35:82:41:9a:cd:6d:
da:cc:fb:9b:58:2c:7b:9d:63:3f:a4:19:cb:d8:04:
8c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F1:F0:D7:BB:DC:17:8C:6F:B8:FE:42:A8:FD:65:69:CD:5B:16:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
34:63:d8:63:99:20:30:fb:b3:6d:38:81:b7:6a:51:63:5a:62:
14:14:69:18:f6:13:d1:cc:80:3b:f5:40:98:0f:75:99:0e:48:
56:8e:46:d8:b2:7e:4d:3b:6c:98:37:d5:cd:91:c0:8c:06:78:
46:67:88:f2:34:65:72:23:d5:de:f9:0f:4a:0d:da:ef:14:95:
2a:2d:82:d8:da:3d:99:26:2f:5c:b4:94:44:8e:06:24:82:44:
e0:ef:49:9f:24:f7:a9:6a:0e:ee:d1:e4:ad:5d:fb:2c:a9:7d:
b2:5f:84:0b:5b:16:a2:74:82:60:39:de:2e:ae:78:d7:a3:c9:
1c:41:86:56:5e:1e:05:a0:19:94:55:19:7d:4b:83:c2:af:6a:
1d:f7:18:4f:87:b5:a7:8e:d7:cf:8a:e8:0f:4b:7c:e3:22:60:
20:a3:cc:aa:dd:6d:fc:cd:5c:27:fb:95:8f:ef:bc:45:f8:3b:
c2:38:67:72:03:4f:6a:cb:24:7b:c5:da:48:e8:68:4d:a7:67:
25:8a:53:2d:59:80:f3:cc:9a:9f:38:0e:a5:e7:85:5e:62:b7:
4a:c5:dc:0c:04:b6:ed:66:16:85:9c:22:27:cc:9b:0b:df:85:
5c:8f:da:e7:89:a7:d2:9f:ed:a1:08:cc:10:c1:0c:ab:41:73:
89:a0:d6:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU1BaFKmxBIlDSVLG+6ctL0lLgsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwNTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NGMzOWU4MzBlYWFhOTczYzg1YWQzZGVmNmM2NTg2Y2Q4NTdmNmU4ODc5
MGYxMzU0NTkwMTliZWRlNzJhZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrXert2CbKUMr6KJLvkjmtPWppX2vOe1U0pcL2w/L6zEP+LECOI4TVD78V3
BLGJ16pIdtH9PZ2iKsZ3O7Jr38CsYeD+Y9pOt2sV2UiOXrINt23EQnnGhsDdJMbo
32S+iWbPh7kEOvtS53iN1HczeK3C8K11Z4tRA/G0su/DhJe0MYpnjvu5bvHOgEyS
dmhmfxFB78tIuI64elmUSZzHSUmO6g+TXsQ6EbS6ovx1GECyttF1kFww34NqD5QY
JytOF4VQiGwExqudM15ttC6cNGaUPWoazC53N3h7gnLFCrP/F98Q/dgHRd3aNYJB
ms1t2sz7m1gse51jP6QZy9gEjDcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSD8fDX
u9wXjG+4/kKo/WVpzVsWJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA0Y9hjmSAw+7NtOIG3alFjWmIUFGkY9hPRzIA7
9UCYD3WZDkhWjkbYsn5NO2yYN9XNkcCMBnhGZ4jyNGVyI9Xe+Q9KDdrvFJUqLYLY
2j2ZJi9ctJREjgYkgkTg70mfJPepag7u0eStXfssqX2yX4QLWxaidIJgOd4urnjX
o8kcQYZWXh4FoBmUVRl9S4PCr2od9xhPh7WnjtfPiugPS3zjImAgo8yq3W38zVwn
+5WP77xF+DvCOGdyA09qyyR7xdpI6GhNp2clilMtWYDzzJqfOA6l54VeYrdKxdwM
BLbtZhaFnCInzJsL34Vcj9rniafSn+2hCMwQwQyrQXOJoNbE
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:38 2025 by rpki-client