Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: r24apQsgOe+u5LDakZXYnfSkUuhJUbwML2h+xLeKfhs=
Subject key identifier: 70:05:9F:1D:8B:26:C5:79:B5:05:3B:D4:37:22:75:5B:19:C9:19:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D83B170DF5914519DDA8312E5498ED94D1C3527
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Wed 06 Aug 2025 00:50:12 +0000
ROA not before: Wed 06 Aug 2025 00:50:12 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:83:b1:70:df:59:14:51:9d:da:83:12:e5:49:8e:d9:4d:1c:35:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:12 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=69950f85a23ba53babd6f9d1e84ce5c52c1be844a1e7c2fccc04fc02bcd7ca44, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:6c:1b:94:fc:52:e7:c9:16:59:23:82:4e:
da:72:25:c0:2f:0a:46:e3:0c:0e:e0:ee:aa:45:d7:
26:2b:21:d8:5e:70:45:94:6a:50:1f:5d:b7:c9:44:
e0:d4:44:68:72:e0:29:37:86:e3:a3:7d:dd:8b:8c:
6f:18:1e:9f:99:94:a4:6f:6d:db:80:8d:c0:ec:f1:
11:ae:67:78:1f:04:ad:a8:7a:89:8c:f7:be:4d:5b:
f9:ea:dd:d5:a9:69:58:c3:6b:f8:d7:35:f4:34:12:
78:31:d9:48:2f:f3:37:bd:0b:f4:eb:99:68:cf:a6:
26:1f:d0:cc:69:08:c9:16:65:65:b5:b7:f8:c8:be:
e9:84:3f:e0:02:48:15:4b:86:23:db:99:fd:2a:13:
5d:b8:d5:1f:57:61:9e:22:87:f0:32:3d:01:5b:50:
a9:5d:63:ac:fe:40:d8:6c:63:3d:3e:56:c6:31:4e:
72:44:cd:db:f1:43:6d:d6:ae:a2:5e:26:79:a9:f6:
e6:fe:c2:88:1d:8e:35:74:b5:51:a7:02:ac:df:e4:
15:f5:47:98:15:84:a3:79:c5:e1:07:c1:65:3e:35:
18:93:d6:ae:38:a2:76:67:6d:57:e0:cf:f6:f6:fc:
4c:04:ef:2b:43:cc:12:6a:e6:2b:4b:d6:b3:25:74:
2a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:05:9F:1D:8B:26:C5:79:B5:05:3B:D4:37:22:75:5B:19:C9:19:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
88:29:fc:10:04:bd:15:3a:21:4b:65:64:77:cd:25:5b:7a:a8:
46:98:38:64:c5:0c:2d:c1:41:f2:5e:f1:0d:a8:9d:84:af:71:
5b:4d:ca:33:f1:9f:fb:25:dd:b8:4c:a8:8d:6e:73:91:a5:33:
c8:0b:d3:d8:15:f1:bd:e3:78:20:fb:90:ed:f1:d4:e9:5e:d7:
1e:ce:d8:df:16:50:08:e1:65:9c:58:b9:08:48:52:c9:7f:00:
91:13:71:31:99:4a:ab:a1:d4:49:03:15:d7:93:31:de:93:f6:
e4:0a:49:2f:83:43:8c:4b:78:b2:f9:5e:6b:04:51:1f:f4:3a:
6e:06:d8:71:51:56:c3:55:61:7e:b6:93:03:c1:e6:54:9c:2f:
12:4f:bb:65:12:bf:85:90:02:15:f3:01:83:09:7b:30:1f:00:
ec:23:d2:35:4e:3b:04:32:7c:80:4e:80:7f:0f:c5:5e:cf:dc:
71:1d:67:53:5a:88:7e:46:7b:50:56:3b:77:7c:f6:5a:c4:ee:
a6:5b:99:4a:b1:52:ec:b4:12:21:6a:1c:95:c4:fa:d6:56:ec:
6c:33:48:c6:e8:00:3b:ab:e3:b2:41:38:fc:6f:0d:4e:58:3b:
84:62:85:58:91:10:37:44:41:40:c2:f2:9b:66:0e:6c:8e:22:
33:62:97:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfYOxcN9ZFFGd2oMS5UmO2U0cNScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMTJaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5OTUwZjg1YTIzYmE1M2JhYmQ2ZjlkMWU4NGNlNWM1MmMxYmU4NDRhMWU3
YzJmY2NjMDRmYzAyYmNkN2NhNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeWbBuU/FLnyRZZI4JO2nIlwC8KRuMMDuDuqkXXJish2F5wRZRqUB9dt8lE
4NREaHLgKTeG46N93YuMbxgen5mUpG9t24CNwOzxEa5neB8Erah6iYz3vk1b+erd
1alpWMNr+Nc19DQSeDHZSC/zN70L9OuZaM+mJh/QzGkIyRZlZbW3+Mi+6YQ/4AJI
FUuGI9uZ/SoTXbjVH1dhniKH8DI9AVtQqV1jrP5A2GxjPT5WxjFOckTN2/FDbdau
ol4mean25v7CiB2ONXS1UacCrN/kFfVHmBWEo3nF4QfBZT41GJPWrjiidmdtV+DP
9vb8TATvK0PMEmrmK0vWsyV0KikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwBZ8d
iybFebUFO9Q3InVbGckZoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQCIKfwQBL0VOiFLZWR3zSVbeqhGmDhkxQwtwUHy
XvENqJ2Er3FbTcoz8Z/7Jd24TKiNbnORpTPIC9PYFfG943gg+5Dt8dTpXtceztjf
FlAI4WWcWLkISFLJfwCRE3ExmUqrodRJAxXXkzHek/bkCkkvg0OMS3iy+V5rBFEf
9DpuBthxUVbDVWF+tpMDweZUnC8ST7tlEr+FkAIV8wGDCXswHwDsI9I1TjsEMnyA
ToB/D8Vez9xxHWdTWoh+RntQVjt3fPZaxO6mW5lKsVLstBIhahyVxPrWVuxsM0jG
6AA7q+OyQTj8bw1OWDuEYoVYkRA3REFAwvKbZg5sjiIzYpev
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:41 2025 by rpki-client