Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
File: f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa (raw, json)
Hash identifier: G202L0plM6nNvV8NdJG//wa7i5EdkfmCebULq6hlFHY=
Subject key identifier: 03:68:87:74:06:45:EC:4A:9C:E2:48:DE:31:95:B2:25:F8:D4:5F:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5ECE5945231C98CBBCAC15FF9D496D5212158AFF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
Signing time: Mon 01 Sep 2025 21:20:09 +0000
ROA not before: Mon 01 Sep 2025 21:20:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ce:59:45:23:1c:98:cb:bc:ac:15:ff:9d:49:6d:52:12:15:8a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5288ec9ce5857a486ecb57705f961c1dc7e178ecf1ed7cc43e3e0b06d030ad72, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:21:a1:e6:44:76:52:30:2f:7f:c6:d5:5e:2d:
cc:a5:8c:84:d9:4b:86:45:9d:40:6d:62:2f:eb:a2:
f0:c7:3a:a2:2a:b4:04:72:21:5b:da:b7:99:58:d8:
90:6f:71:43:0f:6b:75:60:cb:71:6d:07:1f:4d:b7:
26:fc:5e:a5:11:28:5e:40:2d:6b:88:77:3a:d0:c5:
89:96:18:e6:e0:a2:bf:d9:a6:23:44:59:99:6e:4e:
0d:a7:7a:b3:96:be:7b:e8:b0:3e:d1:00:1d:f6:07:
b2:2c:4c:ad:68:ba:18:cd:5c:5f:49:a9:63:ba:24:
8e:be:61:49:eb:03:07:6c:86:6b:dc:c2:41:d9:e0:
db:10:91:38:c9:4a:2e:f7:75:19:a4:ad:dc:9e:71:
1b:e7:cb:cc:83:7d:73:5f:20:31:cd:19:09:30:2e:
38:d0:22:2d:00:ae:1d:ff:3f:24:64:9c:d4:09:da:
bc:7a:7f:19:cc:bb:50:54:29:f5:7a:15:56:98:0b:
6c:35:a4:3e:1d:0f:0a:17:97:be:35:28:c5:db:da:
4d:23:66:77:53:e5:31:7d:58:8d:24:74:22:c9:f7:
4b:10:d2:4a:c2:f7:1f:a1:5e:4f:10:f9:14:47:21:
6c:61:8a:35:b7:43:79:52:0f:6a:71:bb:df:1c:d6:
52:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:68:87:74:06:45:EC:4A:9C:E2:48:DE:31:95:B2:25:F8:D4:5F:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5b25b08-ec24-4e18-84c9-05ac035b15a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8000::/38
Signature Algorithm: sha256WithRSAEncryption
59:ae:fa:ca:3f:52:2a:a1:63:50:cc:61:52:1e:bc:4c:de:13:
bb:40:7e:c8:d9:62:10:31:b1:ba:b7:bf:0d:39:a4:e2:4a:ab:
b3:a8:d5:c8:f3:cb:33:e1:39:5b:74:e9:b1:86:9d:39:62:1b:
48:75:35:e2:6f:d8:0a:99:d9:cc:26:b9:e1:65:0c:80:f6:94:
58:4c:45:a4:ac:dc:46:0c:f2:07:ca:ff:a2:c2:f8:a5:4c:b5:
81:3b:79:a5:25:53:60:2f:43:58:d5:88:ef:d7:db:2a:5d:59:
6f:9d:33:f1:10:34:11:9f:70:a8:58:cf:84:0f:e6:fe:ba:03:
4b:d7:fc:c3:5f:fa:44:50:8b:96:bc:37:e5:9b:2b:c8:af:d2:
cd:a2:42:85:84:bd:89:ad:1f:0a:64:84:d1:2a:98:27:10:56:
f3:35:cc:64:31:92:b7:c6:ea:f2:c1:52:3c:90:57:83:09:ca:
64:bc:f2:c2:8c:43:91:5c:a5:8b:58:9c:70:8b:bb:e9:27:e3:
21:6d:b4:0c:10:d1:4f:0b:29:51:bb:23:c8:60:85:68:4d:34:
5b:66:b1:9a:4b:19:a9:9e:00:b7:2a:d0:5f:bd:42:ea:7a:44:
25:f4:54:e4:32:68:2c:3a:9d:dc:97:80:9f:5b:2e:22:5a:72:
a3:72:87:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXs5ZRSMcmMu8rBX/nUltUhIViv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyODhlYzljZTU4NTdhNDg2ZWNiNTc3MDVmOTYxYzFkYzdlMTc4ZWNmMWVk
N2NjNDNlM2UwYjA2ZDAzMGFkNzIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJohoeZEdlIwL3/G1V4tzKWMhNlLhkWdQG1iL+ui8Mc6oiq0BHIhW9q3mVjY
kG9xQw9rdWDLcW0HH023JvxepREoXkAta4h3OtDFiZYY5uCiv9mmI0RZmW5ODad6
s5a+e+iwPtEAHfYHsixMrWi6GM1cX0mpY7okjr5hSesDB2yGa9zCQdng2xCROMlK
Lvd1GaSt3J5xG+fLzIN9c18gMc0ZCTAuONAiLQCuHf8/JGSc1AnavHp/Gcy7UFQp
9XoVVpgLbDWkPh0PCheXvjUoxdvaTSNmd1PlMX1YjSR0Isn3SxDSSsL3H6FeTxD5
FEchbGGKNbdDeVIPanG73xzWUnUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDaId0
BkXsSpziSN4xlbIl+NRfSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjViMjViMDgtZWMyNC00ZTE4LTg0YzktMDVhYzAzNWIxNWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZrvrKP1IqoWNQzGFSHrxM3hO7QH7I2WIQMbG6
t78NOaTiSquzqNXI88sz4TlbdOmxhp05YhtIdTXib9gKmdnMJrnhZQyA9pRYTEWk
rNxGDPIHyv+iwvilTLWBO3mlJVNgL0NY1Yjv19sqXVlvnTPxEDQRn3CoWM+ED+b+
ugNL1/zDX/pEUIuWvDflmyvIr9LNokKFhL2JrR8KZITRKpgnEFbzNcxkMZK3xury
wVI8kFeDCcpkvPLCjEORXKWLWJxwi7vpJ+MhbbQMENFPCylRuyPIYIVoTTRbZrGa
SxmpngC3KtBfvULqekQl9FTkMmgsOp3cl4CfWy4iWnKjcod0
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:05 2025 by rpki-client