Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: 8p8J8pcW14fhMCD7ZP2qeGLI44ZuivHJY8dBbniYFvs=
Subject key identifier: D4:8E:D4:F8:AF:6D:5A:EC:84:1D:A6:3F:C6:31:C6:F4:4D:AD:9B:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FD66A54871287469CD2DA18FE5ADC3D056A2468
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Fri 08 Aug 2025 00:31:04 +0000
ROA not before: Fri 08 Aug 2025 00:31:04 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:d6:6a:54:87:12:87:46:9c:d2:da:18:fe:5a:dc:3d:05:6a:24:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 8 00:31:04 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=56209195d92ce0e6f043afc7cb469c6aeaeb380d1ebe65ad94dd98cf264ec23c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:95:76:ee:e4:de:fc:1d:08:2b:4c:5b:bb:ad:
5c:1f:63:a0:25:2d:6b:08:66:36:20:ab:c6:99:3c:
6f:26:0a:7f:8d:df:6e:1f:82:7f:c3:ee:ca:47:c6:
a9:e3:99:cd:7a:4e:6d:9b:cb:2d:f2:c1:92:a8:5c:
2a:61:95:8f:90:78:52:87:55:00:b8:6c:01:9b:dc:
8a:72:da:3d:14:15:d0:88:74:5a:d2:3f:fa:95:bc:
b2:b1:c6:aa:d9:2c:2b:1d:3f:e6:e0:05:60:56:a2:
f5:44:a3:ab:cc:e0:ab:6b:1e:62:5d:39:a9:c3:23:
4f:9f:db:3b:3b:e1:33:09:39:ae:18:ca:35:e1:fe:
0f:32:80:fa:27:52:86:3a:d5:a2:e0:b5:f1:55:b2:
af:94:d0:48:f8:86:f3:86:9b:4e:bd:a6:b9:e7:3f:
7a:da:0f:e6:08:2f:15:a9:e3:95:c8:a9:50:93:59:
58:9e:7a:cd:1f:9a:8c:c5:39:f0:e9:68:3f:94:39:
95:0d:87:e1:96:a8:9a:ae:d2:89:75:41:71:3e:50:
47:de:90:b8:16:c6:1a:fd:44:cc:44:a7:79:5a:cb:
75:3c:49:08:f8:f2:6f:da:47:44:bb:05:eb:49:c6:
91:81:91:31:3b:a5:d9:2b:96:3d:96:9a:a7:56:66:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8E:D4:F8:AF:6D:5A:EC:84:1D:A6:3F:C6:31:C6:F4:4D:AD:9B:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
0f:18:44:08:c0:0d:00:39:2e:2a:1c:b5:f9:2d:cc:77:b8:36:
fc:b6:db:7c:c0:9d:f2:e3:cf:be:b5:29:83:f6:13:08:31:16:
2a:41:3f:ab:7c:32:c0:b3:dd:71:13:b9:29:96:c2:48:af:6f:
07:9c:56:3b:dd:86:47:67:e1:2a:25:14:66:ec:a4:97:ba:3a:
92:02:f2:62:fc:68:77:cb:a0:2a:db:01:22:ac:6d:4e:f9:15:
d3:8e:d1:3b:fe:3d:12:49:a9:01:d3:6c:c5:da:d8:89:e5:73:
78:fa:65:2c:3f:c1:85:00:cf:0a:69:28:59:c3:84:a9:9c:2f:
59:2c:91:2b:e1:d3:9f:e6:79:29:c8:b8:16:82:53:1f:2a:1b:
78:39:53:61:4b:04:cf:7d:30:bc:34:63:3f:0c:8f:68:84:3c:
b6:83:a5:c3:9d:e0:56:51:46:e5:63:8f:9a:73:a7:1e:d9:23:
b3:d9:08:a6:51:06:d4:6f:99:1b:dc:6f:36:ac:95:f0:9f:34:
f5:84:eb:37:70:fb:d1:93:80:ca:96:b9:4d:99:d3:74:e4:13:
d6:f1:cd:2c:ec:7c:e5:e8:07:44:cf:bf:5b:7d:19:66:07:32:
a7:85:d4:8d:f6:9c:77:64:32:90:be:3b:aa:0c:7c:f2:1b:8d:
4a:39:05:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT9ZqVIcSh0ac0toY/lrcPQVqJGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDgwMDMxMDRaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MjA5MTk1ZDkyY2UwZTZmMDQzYWZjN2NiNDY5YzZhZWFlYjM4MGQxZWJl
NjVhZDk0ZGQ5OGNmMjY0ZWMyM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+Vdu7k3vwdCCtMW7utXB9joCUtawhmNiCrxpk8byYKf43fbh+Cf8PuykfG
qeOZzXpObZvLLfLBkqhcKmGVj5B4UodVALhsAZvcinLaPRQV0Ih0WtI/+pW8srHG
qtksKx0/5uAFYFai9USjq8zgq2seYl05qcMjT5/bOzvhMwk5rhjKNeH+DzKA+idS
hjrVouC18VWyr5TQSPiG84abTr2muec/etoP5ggvFanjlcipUJNZWJ56zR+ajMU5
8OloP5Q5lQ2H4Zaomq7SiXVBcT5QR96QuBbGGv1EzESneVrLdTxJCPjyb9pHRLsF
60nGkYGRMTul2SuWPZaap1Zm0XECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUjtT4
r21a7IQdpj/GMcb0Ta2bMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQAPGEQIwA0AOS4qHLX5Lcx3uDb8ttt8wJ3y48++
tSmD9hMIMRYqQT+rfDLAs91xE7kplsJIr28HnFY73YZHZ+EqJRRm7KSXujqSAvJi
/Gh3y6Aq2wEirG1O+RXTjtE7/j0SSakB02zF2tiJ5XN4+mUsP8GFAM8KaShZw4Sp
nC9ZLJEr4dOf5nkpyLgWglMfKht4OVNhSwTPfTC8NGM/DI9ohDy2g6XDneBWUUbl
Y4+ac6ce2SOz2QimUQbUb5kb3G82rJXwnzT1hOs3cPvRk4DKlrlNmdN05BPW8c0s
7Hzl6AdEz79bfRlmBzKnhdSN9px3ZDKQvjuqDHzyG41KOQUb
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:17 2025 by rpki-client