Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: AlqHEPkgJLtXl51JMwwstOoCDI3m5Lsf7ERgqtXmUf8=
Subject key identifier: 4F:FA:D7:D3:CA:18:7F:85:8F:E4:13:C5:86:FE:4E:F2:1E:D6:5D:BC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41CCDD061880FC67DBA0579465F24B83C5AFFC55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Tue 05 Aug 2025 19:00:47 +0000
ROA not before: Tue 05 Aug 2025 19:00:47 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:cc:dd:06:18:80:fc:67:db:a0:57:94:65:f2:4b:83:c5:af:fc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:47 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7c0c671b7fc9f3f64ec6fecada8fd4125a3033369c93e4d6f994a8e722657283, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:62:59:10:b5:3e:3b:f7:69:b8:04:9f:81:c4:
aa:38:96:43:5f:ca:7b:14:f4:fb:2a:1d:ed:df:e2:
bd:6b:03:94:8f:c8:2d:8d:3d:a1:6a:7f:13:a8:2e:
1f:98:8c:7e:c7:36:80:54:28:ca:71:29:5a:13:df:
01:c3:ff:9f:f8:f0:21:48:f5:a1:61:44:6c:38:92:
fe:4b:f0:eb:f9:c5:a5:8c:69:05:1c:4e:1c:c5:46:
9b:45:9f:1d:29:89:44:ef:b0:0c:42:67:f9:bd:23:
15:15:15:4e:23:ad:d5:9b:06:b2:39:f1:46:73:d2:
03:65:9d:4c:10:ea:63:74:12:b6:60:b4:21:29:45:
e2:4f:fd:80:02:8c:39:07:bc:2a:dc:6d:5f:94:06:
17:01:34:53:e2:65:8b:b9:5e:93:9e:9c:f7:4b:2b:
41:d4:50:7c:7b:41:bf:ad:ac:08:a7:6e:2c:a6:85:
be:ea:d9:d7:e4:46:b3:1b:b7:a1:b4:10:f4:d5:99:
a6:e7:15:23:f2:df:19:5e:13:7d:bb:d1:33:81:c5:
6c:e1:0d:91:6b:c3:81:17:c5:69:26:4a:11:f4:a9:
42:0a:93:6f:41:fd:f3:b3:be:a6:2b:64:87:da:df:
55:6a:4b:49:46:af:55:09:aa:12:37:18:cd:d3:3e:
04:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FA:D7:D3:CA:18:7F:85:8F:E4:13:C5:86:FE:4E:F2:1E:D6:5D:BC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
af:d3:af:1a:f4:63:dd:a2:b7:c7:c9:51:f8:a1:b2:a9:fe:4a:
e6:e2:4a:ee:c6:ca:16:04:b8:20:03:15:c8:cc:29:d8:56:d4:
47:f2:29:71:4a:f3:d7:6c:39:16:6d:59:c6:a2:b7:8b:c1:d8:
45:9f:9b:56:c1:0a:53:63:05:c0:a2:e9:a9:8f:53:a5:14:84:
41:cc:bc:d6:62:19:b9:79:af:93:9a:0c:40:c1:25:0a:df:26:
2c:e4:55:e1:7a:ff:97:a4:5c:2e:a7:5e:0e:54:f5:14:a1:ee:
b3:e1:97:26:03:a8:df:3a:7b:a0:ae:a2:51:07:f6:35:1f:49:
b3:1f:e3:cd:ce:79:af:03:1c:3f:18:0c:51:96:0b:08:4a:ac:
cf:81:b7:bb:31:53:38:57:07:e3:68:d8:4e:f9:c7:6f:2e:02:
7c:2f:e8:7e:80:e8:68:fa:ee:96:67:42:6b:18:5d:dc:5b:64:
5d:04:1f:de:d2:35:8e:8e:96:85:e5:34:e0:34:7a:b5:37:40:
5b:f3:0b:e1:eb:31:62:30:3d:f1:8c:ad:f3:62:44:67:ae:cb:
c2:48:3b:f8:9c:76:54:ee:54:c6:63:e4:73:3b:d0:ec:8d:a9:
3f:55:4b:79:85:47:18:45:52:d6:86:36:38:d5:76:79:33:3d:
64:28:6d:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQczdBhiA/GfboFeUZfJLg8Wv/FUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwNDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMGM2NzFiN2ZjOWYzZjY0ZWM2ZmVjYWRhOGZkNDEyNWEzMDMzMzY5Yzkz
ZTRkNmY5OTRhOGU3MjI2NTcyODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtiWRC1Pjv3abgEn4HEqjiWQ1/KexT0+yod7d/ivWsDlI/ILY09oWp/E6gu
H5iMfsc2gFQoynEpWhPfAcP/n/jwIUj1oWFEbDiS/kvw6/nFpYxpBRxOHMVGm0Wf
HSmJRO+wDEJn+b0jFRUVTiOt1ZsGsjnxRnPSA2WdTBDqY3QStmC0ISlF4k/9gAKM
OQe8KtxtX5QGFwE0U+Jli7lek56c90srQdRQfHtBv62sCKduLKaFvurZ1+RGsxu3
obQQ9NWZpucVI/LfGV4TfbvRM4HFbOENkWvDgRfFaSZKEfSpQgqTb0H987O+pitk
h9rfVWpLSUavVQmqEjcYzdM+BHUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRP+tfT
yhh/hY/kE8WG/k7yHtZdvDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAr9OvGvRj3aK3x8lR+KGyqf5K5uJK7sbKFgS4
IAMVyMwp2FbUR/IpcUrz12w5Fm1ZxqK3i8HYRZ+bVsEKU2MFwKLpqY9TpRSEQcy8
1mIZuXmvk5oMQMElCt8mLORV4Xr/l6RcLqdeDlT1FKHus+GXJgOo3zp7oK6iUQf2
NR9Jsx/jzc55rwMcPxgMUZYLCEqsz4G3uzFTOFcH42jYTvnHby4CfC/ofoDoaPru
lmdCaxhd3FtkXQQf3tI1jo6WheU04DR6tTdAW/ML4esxYjA98Yyt82JEZ67Lwkg7
+Jx2VO5UxmPkczvQ7I2pP1VLeYVHGEVS1oY2ONV2eTM9ZChtpQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:20 2025 by rpki-client