Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: q3Paxr6ZMrvK6zGBVo7X40CYEeM3WMb9IxwAZ6OWyv0=
Subject key identifier: CE:B1:DA:21:57:03:F7:F2:C4:3E:F8:E7:81:1D:FE:A6:16:67:94:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48B6061FF6F1A8F7D8201084A90FBADD3363C4D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Tue 05 Aug 2025 19:10:21 +0000
ROA not before: Tue 05 Aug 2025 19:10:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:b6:06:1f:f6:f1:a8:f7:d8:20:10:84:a9:0f:ba:dd:33:63:c4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=509466cbc3c23c09c393c139ee464866c3e7dbdf0178a2e9745c9d8b80d97b23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8e:58:32:88:a1:10:bf:0d:0e:b7:59:40:ac:
fa:e8:b1:45:2c:28:b9:81:72:5f:12:59:f6:d7:58:
3a:d1:c8:ea:e3:03:54:5b:83:fa:72:87:11:08:29:
61:d3:cb:bc:c0:be:7c:0c:5e:d8:c8:6d:4f:30:51:
f2:d3:7f:1e:d5:71:0c:d5:a0:35:19:78:17:25:2b:
7b:6d:f3:75:c1:c9:5e:2e:6d:df:c2:98:ee:d9:bf:
4b:f1:4d:92:76:22:26:a2:62:0f:85:65:4b:63:6c:
7f:a0:0e:12:c8:90:54:fa:ef:22:40:d9:be:f2:98:
dc:99:a4:c0:84:f8:25:f8:61:aa:33:ff:6f:bc:59:
55:c6:0c:93:07:2a:01:32:5e:f4:19:10:5e:3e:28:
a0:07:28:0f:d6:cc:90:08:83:fb:d5:11:3a:80:5c:
f6:79:d1:4d:24:b0:98:43:c1:1f:a1:b7:17:ce:9d:
1f:9d:a4:54:23:df:28:a6:df:d6:df:d8:81:16:01:
4e:87:46:7b:14:da:df:b4:0d:ca:34:5e:91:50:43:
60:01:b0:d2:81:c3:0c:39:26:d8:77:0d:38:9b:5b:
c2:a2:58:a8:b6:75:6d:24:a8:c0:c9:52:cb:89:79:
1b:8f:d8:c5:e1:8d:cc:2d:3e:d9:8e:14:17:dc:cc:
a5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B1:DA:21:57:03:F7:F2:C4:3E:F8:E7:81:1D:FE:A6:16:67:94:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
13:8d:fa:e9:14:a6:50:be:79:3a:f3:b0:cc:83:60:3a:d5:10:
c0:12:92:5e:f2:c4:65:ce:ca:54:67:bb:a0:4b:b7:81:af:55:
71:b9:91:66:a8:2f:a1:20:49:ac:a2:7b:cd:06:43:6c:38:f1:
54:f3:49:e0:6f:71:45:a2:bd:7e:60:35:54:2f:9a:d6:cc:db:
28:ba:d5:5d:8b:7a:bb:3c:f7:79:66:38:9f:35:71:23:a3:4c:
20:98:2b:f7:0c:5e:d7:1a:65:c0:43:58:de:f0:3f:b0:ad:75:
fa:26:c5:30:cc:62:72:b9:5f:c6:26:90:73:14:d2:66:f9:02:
8a:a6:5a:c0:ea:9e:70:28:82:ba:a4:ae:aa:f7:65:70:09:ed:
a7:d2:b3:dc:e7:e3:18:38:fa:cb:ed:3f:df:09:c0:3c:ae:b9:
d5:ff:c2:27:64:ca:11:f9:91:2c:50:db:4f:e9:5a:47:ac:c3:
51:bf:61:42:b6:d2:2f:e9:1c:da:83:87:2a:bd:c7:97:be:b9:
1c:4f:23:fa:03:6b:c0:d0:31:ee:e2:ff:66:83:0a:00:a1:92:
c3:c3:08:94:71:52:ad:3d:0f:86:2f:8c:53:a9:a5:2b:5f:d4:
71:9a:99:a2:79:c1:1c:6b:15:f1:4d:37:d2:9d:0c:1c:00:67:
70:b9:77:2c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSLYGH/bxqPfYIBCEqQ+63TNjxNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwOTQ2NmNiYzNjMjNjMDljMzkzYzEzOWVlNDY0ODY2YzNlN2RiZGYwMTc4
YTJlOTc0NWM5ZDhiODBkOTdiMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAISOWDKIoRC/DQ63WUCs+uixRSwouYFyXxJZ9tdYOtHI6uMDVFuD+nKHEQgp
YdPLvMC+fAxe2MhtTzBR8tN/HtVxDNWgNRl4FyUre23zdcHJXi5t38KY7tm/S/FN
knYiJqJiD4VlS2Nsf6AOEsiQVPrvIkDZvvKY3JmkwIT4JfhhqjP/b7xZVcYMkwcq
ATJe9BkQXj4ooAcoD9bMkAiD+9UROoBc9nnRTSSwmEPBH6G3F86dH52kVCPfKKbf
1t/YgRYBTodGexTa37QNyjRekVBDYAGw0oHDDDkm2HcNOJtbwqJYqLZ1bSSowMlS
y4l5G4/YxeGNzC0+2Y4UF9zMpdMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTOsdoh
VwP38sQ++OeBHf6mFmeUuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAE4366RSmUL55OvOwzINgOtUQwBKSXvLEZc7K
VGe7oEu3ga9VcbmRZqgvoSBJrKJ7zQZDbDjxVPNJ4G9xRaK9fmA1VC+a1szbKLrV
XYt6uzz3eWY4nzVxI6NMIJgr9wxe1xplwENY3vA/sK11+ibFMMxicrlfxiaQcxTS
ZvkCiqZawOqecCiCuqSuqvdlcAntp9Kz3OfjGDj6y+0/3wnAPK651f/CJ2TKEfmR
LFDbT+laR6zDUb9hQrbSL+kc2oOHKr3Hl765HE8j+gNrwNAx7uL/ZoMKAKGSw8MI
lHFSrT0Phi+MU6mlK1/UcZqZonnBHGsV8U030p0MHABncLl3LA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:03 2025 by rpki-client