Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
File: ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa (raw, json)
Hash identifier: L3hNTs9ZBt+KA5f0V9B/aginYkBdhXD/Yo574RVOtyg=
Subject key identifier: A3:4D:B9:23:B2:A5:52:FB:AF:A9:35:70:9C:4A:49:68:0B:BC:E0:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5335A5020322F28CD3CD0C73A5F1D18E7CFC30B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
Signing time: Mon 01 Sep 2025 20:51:35 +0000
ROA not before: Mon 01 Sep 2025 20:51:35 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:35:a5:02:03:22:f2:8c:d3:cd:0c:73:a5:f1:d1:8e:7c:fc:30:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:35 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=23689d574c84c294d566ff1a3e3a092be6d11ad1cc83206526bd25db4ac805a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9a:61:b9:ab:1d:77:41:61:29:95:a3:72:eb:
98:0d:32:03:41:20:ce:91:84:15:1e:60:6b:9c:cc:
3a:25:81:62:37:ec:7c:52:7e:34:75:9e:e2:6c:2b:
62:08:01:11:45:e3:6d:5e:df:ae:9c:48:9d:ce:2c:
d0:6a:ef:9e:fd:75:f0:3b:5a:a6:6a:1c:74:5e:eb:
76:72:29:73:1e:0d:98:95:c3:c4:3d:95:d1:70:a1:
06:ee:d5:15:43:cd:ed:6e:ec:b6:c7:c0:84:a8:a0:
53:3a:81:4e:38:d0:0c:92:01:eb:8c:f4:1b:98:90:
9f:83:8d:fc:58:72:f9:1f:e4:95:5d:53:87:6c:45:
62:df:2c:15:5b:dd:da:73:0c:9f:df:75:96:95:e0:
f5:a7:a9:10:ff:5f:d9:78:47:2b:93:35:ea:c5:d8:
6e:4e:82:7a:d0:ef:e2:6b:2c:56:1b:8a:85:86:dd:
19:0c:2d:5b:64:aa:a5:94:e2:d1:3a:16:73:3a:23:
77:be:98:d4:1f:ac:ce:35:f9:3c:e5:ff:d4:4c:66:
81:eb:c1:3c:42:db:02:7c:bf:48:fb:c0:54:13:b1:
91:9d:a1:78:f8:d5:e0:e3:9a:7c:f2:51:25:b2:cc:
90:67:79:ce:5b:51:0f:ea:36:5a:98:cc:02:e7:1a:
dd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4D:B9:23:B2:A5:52:FB:AF:A9:35:70:9C:4A:49:68:0B:BC:E0:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea10dac5-32ce-4aaf-8297-ffd1dbc8521a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
92:5d:57:e1:d1:96:53:1b:32:d5:82:3e:97:0a:19:ca:50:6c:
d7:a7:66:ac:09:9b:47:7f:3d:83:e3:ec:1a:80:ae:d3:22:8a:
1e:f4:d4:17:4e:a2:7d:2e:17:90:c3:95:7c:8e:4e:59:7b:52:
03:b3:b4:08:b4:fd:d7:89:9a:58:95:e8:56:e5:68:5d:0c:71:
24:16:1c:17:20:6b:ee:df:70:76:97:25:d5:b7:ea:ed:0b:d1:
ce:31:4b:b9:01:d1:0e:8f:25:27:d6:e8:c4:f3:1f:65:ae:64:
5b:b1:41:51:d7:72:bb:ec:69:78:55:2a:bd:9d:90:35:a8:81:
1e:81:f3:bc:b9:2d:f1:fb:21:8b:40:90:70:98:54:e5:8c:3d:
9b:14:97:8e:c0:30:e1:97:fb:86:89:7f:7b:44:44:2f:d0:4c:
ee:13:47:2c:6a:fa:01:93:7e:be:76:55:f1:40:0d:6d:5e:73:
ec:fe:56:f2:d9:fb:fb:57:39:7f:51:09:58:00:e8:ae:43:97:
13:6a:76:8d:e2:8c:91:2a:fc:47:9f:d2:d2:53:c1:a9:16:07:
b4:6a:b7:23:cc:42:3c:0f:53:be:ad:f8:51:5c:12:cd:de:0d:
b0:43:a3:09:ab:62:4e:9b:9d:79:c0:50:31:6a:4c:66:65:4c:
c3:34:79:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUzWlAgMi8ozTzQxzpfHRjnz8MLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNjg5ZDU3NGM4NGMyOTRkNTY2ZmYxYTNlM2EwOTJiZTZkMTFhZDFjYzgz
MjA2NTI2YmQyNWRiNGFjODA1YTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiaYbmrHXdBYSmVo3LrmA0yA0EgzpGEFR5ga5zMOiWBYjfsfFJ+NHWe4mwr
YggBEUXjbV7frpxInc4s0Grvnv118DtapmocdF7rdnIpcx4NmJXDxD2V0XChBu7V
FUPN7W7stsfAhKigUzqBTjjQDJIB64z0G5iQn4ON/Fhy+R/klV1Th2xFYt8sFVvd
2nMMn991lpXg9aepEP9f2XhHK5M16sXYbk6CetDv4mssVhuKhYbdGQwtW2SqpZTi
0ToWczojd76Y1B+szjX5POX/1ExmgevBPELbAny/SPvAVBOxkZ2hePjV4OOafPJR
JbLMkGd5zltRD+o2WpjMAuca3d0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjTbkj
sqVS+6+pNXCcSkloC7zgZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWExMGRhYzUtMzJjZS00YWFmLTgyOTctZmZkMWRiYzg1MjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCSXVfh0ZZTGzLVgj6XChnKUGzXp2asCZtHfz2D
4+wagK7TIooe9NQXTqJ9LheQw5V8jk5Ze1IDs7QItP3XiZpYlehW5WhdDHEkFhwX
IGvu33B2lyXVt+rtC9HOMUu5AdEOjyUn1ujE8x9lrmRbsUFR13K77Gl4VSq9nZA1
qIEegfO8uS3x+yGLQJBwmFTljD2bFJeOwDDhl/uGiX97REQv0EzuE0csavoBk36+
dlXxQA1tXnPs/lby2fv7Vzl/UQlYAOiuQ5cTanaN4oyRKvxHn9LSU8GpFge0arcj
zEI8D1O+rfhRXBLN3g2wQ6MJq2JOm515wFAxakxmZUzDNHmP
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:24 2025 by rpki-client