Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json)
Hash identifier: 6m9++wJ45h/gHyVbWIBUdeUPmkFVG4qM9WPOOCq5xvc=
Subject key identifier: CC:6C:3F:37:5C:95:38:75:C7:72:FA:2D:C1:1E:EB:2F:AF:DE:95:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F69AF7B41932CB56982C6D096D37A4704FD9D1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
Signing time: Tue 05 Aug 2025 19:31:43 +0000
ROA not before: Tue 05 Aug 2025 19:31:43 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:69:af:7b:41:93:2c:b5:69:82:c6:d0:96:d3:7a:47:04:fd:9d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:43 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2dc30d2caa63ec2c35058d54b0beb7576f6e1f6a24a44516c60eb5d5ae5b9a4d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:53:5a:47:c3:e7:ce:52:82:2a:bf:32:20:f7:
5a:a5:ce:e2:13:69:e0:a3:fc:fa:41:04:e7:c9:89:
16:7a:1d:53:b7:8f:26:14:4b:de:12:32:b8:2e:2b:
21:fc:fa:a0:1c:3f:27:c3:38:27:e6:00:75:85:87:
da:0e:e7:c9:68:9f:92:01:c0:aa:e1:0d:ab:c5:98:
98:58:e1:22:a9:5b:c6:bb:ab:cc:cb:2d:ef:23:1f:
a2:7d:2e:45:b5:75:35:2f:08:5e:3e:69:31:a9:1e:
29:3e:b2:46:99:86:a2:95:b2:20:12:ec:aa:86:0a:
0d:3a:c4:91:1c:a1:67:64:b7:5f:78:43:ea:76:e1:
60:33:19:20:62:06:00:81:2c:b2:2d:6d:ed:5f:c1:
7b:46:5d:94:e0:74:44:83:b3:85:b8:b7:1c:4f:43:
b5:63:07:85:48:f4:e2:f6:da:91:97:b9:2b:83:38:
8c:47:28:8a:6c:2c:5d:e6:7a:2f:34:9c:35:61:4b:
ce:e6:08:f1:8e:c6:ed:13:32:28:ad:81:72:b0:d3:
4f:ce:e0:29:00:e2:57:09:38:16:c0:25:29:56:eb:
f7:79:3c:7a:be:10:cf:08:6e:44:90:6e:a2:f6:2b:
d4:a7:3c:55:6d:3a:0d:d9:6e:79:63:0a:9c:78:00:
de:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6C:3F:37:5C:95:38:75:C7:72:FA:2D:C1:1E:EB:2F:AF:DE:95:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:e000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:9f:97:5f:1d:be:85:56:09:11:7b:d8:23:54:e2:3d:3d:55:
06:89:bf:85:34:e3:5c:f8:24:cf:89:a4:a9:4c:08:51:0e:e3:
ff:80:f3:60:27:09:90:e8:a5:9f:ae:5b:a5:4a:9d:95:0c:0a:
0f:c4:ea:f0:5c:43:52:65:c6:f0:84:79:56:71:69:ee:60:52:
e7:7a:41:4f:e8:4b:1e:ff:23:73:de:48:c5:c6:4e:f4:12:e9:
43:7d:d1:35:ac:cc:c5:11:7d:96:35:54:bd:c4:67:e2:be:d3:
db:e2:54:14:da:e7:c8:76:26:3a:fa:e2:e2:d7:d5:af:dd:dd:
a6:04:89:50:ad:34:2a:e9:28:61:bd:8e:18:bf:71:54:56:b1:
d4:1e:1b:f2:9b:8d:94:c7:84:41:e5:23:d2:5f:af:fd:c9:b5:
7c:f8:08:a8:ec:95:e2:9f:70:71:62:c5:4f:77:77:1e:8a:2e:
64:05:c0:14:b9:b3:b3:15:91:c3:94:4f:14:33:94:fe:47:36:
49:cc:8c:d8:af:da:3c:c1:7a:80:57:fc:b6:15:6c:b4:90:a3:
25:b0:c9:7d:6e:5e:79:14:b6:37:dd:58:82:99:da:e5:4b:fd:
3f:81:6f:6b:10:f9:a8:0a:38:65:41:7d:91:a1:d9:93:db:1c:
43:fa:dd:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH2mve0GTLLVpgsbQltN6RwT9nR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxNDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYzMwZDJjYWE2M2VjMmMzNTA1OGQ1NGIwYmViNzU3NmY2ZTFmNmEyNGE0
NDUxNmM2MGViNWQ1YWU1YjlhNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpTWkfD585Sgiq/MiD3WqXO4hNp4KP8+kEE58mJFnodU7ePJhRL3hIyuC4r
Ifz6oBw/J8M4J+YAdYWH2g7nyWifkgHAquENq8WYmFjhIqlbxrurzMst7yMfon0u
RbV1NS8IXj5pMakeKT6yRpmGopWyIBLsqoYKDTrEkRyhZ2S3X3hD6nbhYDMZIGIG
AIEssi1t7V/Be0ZdlOB0RIOzhbi3HE9DtWMHhUj04vbakZe5K4M4jEcoimwsXeZ6
LzScNWFLzuYI8Y7G7RMyKK2BcrDTT87gKQDiVwk4FsAlKVbr93k8er4QzwhuRJBu
ovYr1Kc8VW06DdlueWMKnHgA3v8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTMbD83
XJU4dcdy+i3BHusvr96V/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg
MA0GCSqGSIb3DQEBCwUAA4IBAQBKn5dfHb6FVgkRe9gjVOI9PVUGib+FNONc+CTP
iaSpTAhRDuP/gPNgJwmQ6KWfrlulSp2VDAoPxOrwXENSZcbwhHlWcWnuYFLnekFP
6Ese/yNz3kjFxk70EulDfdE1rMzFEX2WNVS9xGfivtPb4lQU2ufIdiY6+uLi19Wv
3d2mBIlQrTQq6ShhvY4Yv3FUVrHUHhvym42Ux4RB5SPSX6/9ybV8+Aio7JXin3Bx
YsVPd3ceii5kBcAUubOzFZHDlE8UM5T+RzZJzIzYr9o8wXqAV/y2FWy0kKMlsMl9
bl55FLY33ViCmdrlS/0/gW9rEPmoCjhlQX2RodmT2xxD+t0b
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:01 2025 by rpki-client