Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
File: 12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa (raw, json)
Hash identifier: NIvEa7LZfGfdGGcD8wxQGrgcq52tCpSxVcwhoawr+Gc=
Subject key identifier: D6:3E:37:B7:D4:AA:82:1C:A2:7A:4F:CF:67:C5:CD:0B:13:46:BE:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0B5CBBB664AA0BDBB8178052A59687442F851E49
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
Signing time: Tue 05 Aug 2025 18:40:43 +0000
ROA not before: Tue 05 Aug 2025 18:40:43 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:5c:bb:b6:64:aa:0b:db:b8:17:80:52:a5:96:87:44:2f:85:1e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:40:43 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fdcac63017e2d72ac6dd031b0b27873e7419fcaa54832c2b571502381a763112, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:67:06:15:39:99:f5:52:16:3a:6b:51:37:a6:
4d:04:ff:e5:b6:53:34:46:3e:d7:aa:5f:6c:54:af:
c5:85:4a:16:83:68:c3:a4:ab:28:77:e5:94:65:9a:
8a:32:07:cb:84:9d:fc:b1:89:49:19:93:be:7c:34:
c5:c4:e4:d1:20:d0:66:78:f1:8a:a8:d6:bd:76:27:
55:5c:79:c0:9a:0d:1b:70:26:1c:7f:29:22:3a:0b:
0b:29:38:d0:9e:bb:f9:09:91:a1:ed:18:f7:e4:79:
a3:7b:a2:cb:29:63:47:9e:c3:be:cd:89:c4:10:b0:
eb:ed:0a:3b:9c:ab:3f:67:42:ca:1a:0d:be:98:9f:
7f:78:20:0e:1d:03:12:02:b9:cc:ec:a6:d0:77:fd:
14:35:c0:fd:43:0e:51:ab:25:86:e2:c1:b3:ba:3c:
22:fd:6d:d8:86:a0:55:cf:6d:f2:37:50:a4:ff:d6:
3e:9e:40:9f:31:7a:71:32:60:34:3a:4c:8f:14:c8:
12:11:71:91:9f:a7:5f:28:04:18:c9:d2:57:ab:c1:
c4:a6:c6:d2:cb:be:cf:dd:37:2f:07:1c:3c:4a:67:
e5:7e:a6:67:0f:04:44:6e:8b:ea:91:a8:30:9a:04:
83:a9:de:b3:38:13:44:05:ca:a2:9e:6f:21:19:95:
62:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3E:37:B7:D4:AA:82:1C:A2:7A:4F:CF:67:C5:CD:0B:13:46:BE:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12fa0094-3721-4a61-a72f-8cdeff5e5f37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80b0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:ba:bb:54:06:c2:0a:09:c8:03:9b:62:f3:8a:ab:4b:33:66:
16:3f:e0:76:2a:01:ba:8f:74:00:2c:1f:94:5f:be:c2:ef:bb:
c7:93:7d:7c:ba:04:5f:28:20:e6:b1:8f:f5:0a:00:8d:26:26:
f4:ee:1a:74:26:41:f3:85:f9:43:dd:b7:b2:f6:09:f1:0a:4f:
78:cd:8b:87:18:97:a3:db:1b:cf:18:74:7e:85:55:ac:c1:33:
c2:7f:7e:4d:9c:00:eb:86:80:03:34:98:04:ab:3a:cf:6b:26:
42:cb:00:ed:09:06:cd:1d:49:a9:10:89:7a:33:2e:6c:70:72:
a8:f4:13:b9:05:d2:27:36:8e:36:8d:5b:b0:07:c2:6e:97:04:
ff:94:68:ac:76:8c:22:50:f8:97:9f:6c:33:ed:33:52:27:23:
fa:f1:b0:a4:98:a3:8c:25:8d:7b:95:85:f7:46:70:6a:4d:83:
03:b5:dd:a1:64:56:81:cb:d0:85:d4:3e:91:e3:6b:45:20:c2:
a2:80:50:e1:bb:50:23:5e:85:3d:2c:9d:78:5d:42:b7:08:0c:
55:57:32:96:7c:b0:83:a6:e2:7d:0e:c9:63:82:d1:43:e3:41:
df:2d:e2:af:16:74:1e:38:ee:2a:42:67:91:c5:a8:25:03:8e:
04:2a:54:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUC1y7tmSqC9u4F4BSpZaHRC+FHkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQwNDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkY2FjNjMwMTdlMmQ3MmFjNmRkMDMxYjBiMjc4NzNlNzQxOWZjYWE1NDgz
MmMyYjU3MTUwMjM4MWE3NjMxMTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtnBhU5mfVSFjprUTemTQT/5bZTNEY+16pfbFSvxYVKFoNow6SrKHfllGWa
ijIHy4Sd/LGJSRmTvnw0xcTk0SDQZnjxiqjWvXYnVVx5wJoNG3AmHH8pIjoLCyk4
0J67+QmRoe0Y9+R5o3uiyyljR57Dvs2JxBCw6+0KO5yrP2dCyhoNvpiff3ggDh0D
EgK5zOym0Hf9FDXA/UMOUaslhuLBs7o8Iv1t2IagVc9t8jdQpP/WPp5AnzF6cTJg
NDpMjxTIEhFxkZ+nXygEGMnSV6vBxKbG0su+z903LwccPEpn5X6mZw8ERG6L6pGo
MJoEg6neszgTRAXKop5vIRmVYsECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTWPje3
1KqCHKJ6T89nxc0LE0a+czAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTJmYTAwOTQtMzcyMS00YTYxLWE3MmYtOGNkZWZmNWU1ZjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
sDANBgkqhkiG9w0BAQsFAAOCAQEAT7q7VAbCCgnIA5ti84qrSzNmFj/gdioBuo90
ACwflF++wu+7x5N9fLoEXygg5rGP9QoAjSYm9O4adCZB84X5Q923svYJ8QpPeM2L
hxiXo9sbzxh0foVVrMEzwn9+TZwA64aAAzSYBKs6z2smQssA7QkGzR1JqRCJejMu
bHByqPQTuQXSJzaONo1bsAfCbpcE/5RorHaMIlD4l59sM+0zUicj+vGwpJijjCWN
e5WF90Zwak2DA7XdoWRWgcvQhdQ+keNrRSDCooBQ4btQI16FPSydeF1CtwgMVVcy
lnywg6bifQ7JY4LRQ+NB3y3irxZ0HjjuKkJnkcWoJQOOBCpUrg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client