Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: xr2IkkGgSffHLO98Etm9Qndif+mxCiktQbIPMo8GsVo=
Subject key identifier: 50:EE:15:EC:8F:A1:2A:5C:08:A4:70:A1:65:E8:1E:B0:B2:23:28:D6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34485A72F22212672681254CE02B3DE246E570D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Tue 05 Aug 2025 18:41:06 +0000
ROA not before: Tue 05 Aug 2025 18:41:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:48:5a:72:f2:22:12:67:26:81:25:4c:e0:2b:3d:e2:46:e5:70:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:41:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0788304c567dda4166a51dcb7db7796b007775b11d63e969722b45eb215927cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:64:16:0b:ae:cd:ef:e8:c9:1c:41:71:92:
a7:46:96:24:9b:86:a9:17:87:1f:6a:4a:93:2e:33:
e6:ba:93:8b:bc:e7:7d:e0:36:d9:cb:96:32:bf:0a:
a4:fd:68:08:7b:74:0d:3a:c3:95:40:35:a5:e4:30:
b8:cd:5e:64:d0:91:d4:9b:81:14:cc:88:94:9a:8d:
1b:cd:9f:84:0f:f7:22:ba:c8:5a:34:64:4e:25:ba:
0f:f1:3f:83:b3:24:6a:9a:e6:df:fd:31:42:d5:f3:
6e:5f:c7:a2:3e:d3:4f:23:e4:e9:97:4f:13:14:bb:
1d:16:1e:30:5d:90:ff:f1:55:a8:41:bc:b9:3c:21:
5d:a3:74:38:f0:69:18:76:34:f2:2b:46:2f:85:ef:
88:f8:3d:0d:ba:b7:3c:d4:55:39:e5:e6:2c:24:bb:
e7:3d:95:74:97:05:ea:94:12:7e:f1:77:6f:fc:e0:
00:84:54:c9:66:58:ae:22:78:0e:ee:06:7d:7e:9f:
26:73:4d:8c:f7:e2:1a:da:c5:9b:5a:5d:2b:20:62:
5a:d3:03:cb:5c:ea:6c:54:57:f4:ca:d7:f5:31:0c:
6c:60:03:99:5e:b1:f9:4b:7c:bf:06:27:8a:f7:45:
8d:34:7d:5e:b8:63:2d:25:cf:3d:a6:96:31:86:0e:
c2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EE:15:EC:8F:A1:2A:5C:08:A4:70:A1:65:E8:1E:B0:B2:23:28:D6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
b3:6b:07:7a:4a:d5:ad:77:13:a5:ee:45:55:58:c9:5f:d2:05:
f4:7b:8b:c4:fc:a6:da:05:37:d5:fc:47:75:8d:bc:db:9b:05:
85:12:70:a1:9b:61:2e:25:b6:3b:3d:54:46:6f:99:25:3e:29:
f8:16:fb:2a:b1:d8:c9:ba:46:88:10:5d:40:54:9a:aa:23:27:
14:c3:6f:94:3f:68:ee:47:6f:e4:a6:0d:1f:fc:2b:b2:48:72:
68:b3:35:b8:9f:05:57:e9:1f:2e:e0:55:77:50:b5:cd:26:20:
f2:64:14:6a:e8:3f:cd:65:80:76:76:16:a2:9f:b1:37:ae:9b:
b2:2e:dd:eb:06:01:a3:da:5e:4a:81:4c:67:86:8c:5c:0d:99:
af:8e:d5:07:9d:a0:b5:35:95:30:fc:cf:4b:f0:4e:18:ef:75:
9e:8f:09:14:85:2c:33:5e:41:f4:9e:17:a4:eb:12:e9:7f:57:
5f:2a:55:03:6a:c0:17:bb:75:01:3b:9d:26:e7:5b:8b:80:4e:
03:bc:32:b3:cc:5a:27:c7:d0:01:b9:5a:d3:19:ad:a0:40:9e:
fc:cd:cb:ed:ca:b9:e5:be:cd:33:dd:98:c1:48:e2:ee:a3:1c:
fc:f4:17:74:25:fc:73:43:a5:e2:20:04:34:52:70:a9:f5:4e:
be:3d:3c:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNEhacvIiEmcmgSVM4Cs94kblcNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODQxMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ODgzMDRjNTY3ZGRhNDE2NmE1MWRjYjdkYjc3OTZiMDA3Nzc1YjExZDYz
ZTk2OTcyMmI0NWViMjE1OTI3Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8jZBYLrs3v6MkcQXGSp0aWJJuGqReHH2pKky4z5rqTi7znfeA22cuWMr8K
pP1oCHt0DTrDlUA1peQwuM1eZNCR1JuBFMyIlJqNG82fhA/3IrrIWjRkTiW6D/E/
g7Mkaprm3/0xQtXzbl/Hoj7TTyPk6ZdPExS7HRYeMF2Q//FVqEG8uTwhXaN0OPBp
GHY08itGL4XviPg9Dbq3PNRVOeXmLCS75z2VdJcF6pQSfvF3b/zgAIRUyWZYriJ4
Du4GfX6fJnNNjPfiGtrFm1pdKyBiWtMDy1zqbFRX9MrX9TEMbGADmV6x+Ut8vwYn
ivdFjTR9XrhjLSXPPaaWMYYOwp0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQ7hXs
j6EqXAikcKFl6B6wsiMo1jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAs2sHekrVrXcTpe5FVVjJX9IF9HuLxPym2gU3
1fxHdY2825sFhRJwoZthLiW2Oz1URm+ZJT4p+Bb7KrHYybpGiBBdQFSaqiMnFMNv
lD9o7kdv5KYNH/wrskhyaLM1uJ8FV+kfLuBVd1C1zSYg8mQUaug/zWWAdnYWop+x
N66bsi7d6wYBo9peSoFMZ4aMXA2Zr47VB52gtTWVMPzPS/BOGO91no8JFIUsM15B
9J4XpOsS6X9XXypVA2rAF7t1ATudJudbi4BOA7wys8xaJ8fQAbla0xmtoECe/M3L
7cq55b7NM92YwUji7qMc/PQXdCX8c0Ol4iAENFJwqfVOvj087Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:34 2025 by rpki-client