Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa
File: 45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa (raw, json)
Hash identifier: t/bsV4xwdGg+x+ovb7wHO6mOVZL2zoEKEEyQIbocUS0=
Subject key identifier: 06:39:33:C8:EF:CB:04:53:1D:A6:F8:04:55:BA:4A:E4:44:65:B0:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 600D544A2D10249DC401D1AF094C09A204A601C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa
Signing time: Tue 05 Aug 2025 19:40:12 +0000
ROA not before: Tue 05 Aug 2025 19:40:12 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:0d:54:4a:2d:10:24:9d:c4:01:d1:af:09:4c:09:a2:04:a6:01:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:12 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fafbe46cb66009123a4bce5f4b675df185360097a96a82024143ecc90cd8aceb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ec:ad:d1:34:be:5a:93:f4:a8:0b:50:f9:38:
ab:00:f6:c3:71:44:be:9e:70:ae:5f:c5:dd:01:35:
5e:e5:c3:a1:5f:56:cd:56:d2:77:be:76:45:5a:8d:
b0:48:1e:17:28:eb:40:d5:ad:ea:61:40:77:99:1b:
6d:fa:41:bf:84:39:4b:cf:dc:8c:f0:31:13:61:87:
af:19:58:ae:7b:e3:ba:5c:6e:d6:1b:60:81:ca:76:
51:79:01:a8:69:2f:91:10:22:f9:c9:32:06:3f:d9:
93:c4:a5:85:da:43:7b:84:c8:8f:1a:bf:42:52:05:
70:8a:f1:77:f7:8b:a8:51:f5:9a:db:2c:6f:fb:82:
fd:b4:fa:98:7e:8b:89:bd:c5:c0:fd:a5:e1:b3:c7:
b6:38:ba:48:20:fd:4d:09:5e:91:c6:80:7f:84:e1:
93:ad:dc:e4:87:fe:07:3f:c5:b6:a4:fb:3b:70:13:
86:fd:a6:32:2b:89:5b:19:51:71:04:61:f2:16:38:
2b:90:75:9b:f9:0e:0e:9c:6a:4f:fa:86:45:36:b9:
7f:6d:d4:c2:49:7a:ed:e5:ba:d9:18:3c:a8:32:8b:
66:2f:46:4c:b9:6b:b3:51:4a:d6:e4:0e:3e:c3:7a:
91:fa:62:a9:0a:ac:04:a6:fc:fb:1a:3b:5f:27:2a:
5c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:39:33:C8:EF:CB:04:53:1D:A6:F8:04:55:BA:4A:E4:44:65:B0:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45d0d709-7b92-4c46-9d95-6605e2a3d35e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:e000::/40
Signature Algorithm: sha256WithRSAEncryption
61:31:3f:18:68:b9:80:6a:ba:70:a5:a8:11:7d:17:75:b4:a8:
61:72:11:e7:08:e1:c1:87:09:13:e0:55:89:8d:93:95:d1:25:
9f:17:a3:42:b8:7c:3e:b1:77:f3:f2:ff:fd:87:a2:6a:d5:68:
0c:dc:f2:8d:32:ec:5a:36:99:52:63:c7:90:9f:b8:c4:10:86:
f6:86:33:b9:22:db:b5:db:b0:ed:89:4b:79:2e:9a:7e:96:d0:
74:df:d5:61:8d:4b:68:2f:fa:2a:3e:68:40:27:98:e7:df:ef:
57:0f:ca:ff:ee:76:91:bd:00:7a:27:1e:44:3d:2e:de:8e:77:
a9:67:00:93:dd:b1:33:b6:7d:78:30:3e:ba:d4:94:11:3d:6a:
95:d3:55:a1:c7:4f:b1:d5:85:33:17:7a:d3:4c:cc:89:c4:00:
43:6b:45:f0:5b:8f:93:ae:b7:a7:1d:ba:ed:a7:a9:fc:6a:09:
1c:5a:c3:c2:03:86:92:08:82:8e:07:d6:e5:a6:04:28:78:f7:
d6:4e:b9:ca:06:b1:2d:3c:ec:89:9f:14:54:16:50:95:8f:1a:
72:23:8b:04:e2:96:88:9b:ca:6c:f8:ca:e0:44:e0:a3:80:33:
99:d3:d1:68:35:a9:de:a5:30:f1:14:5d:20:3a:da:0d:9f:a7:
20:dd:e7:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYA1USi0QJJ3EAdGvCUwJogSmAcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZmJlNDZjYjY2MDA5MTIzYTRiY2U1ZjRiNjc1ZGYxODUzNjAwOTdhOTZh
ODIwMjQxNDNlY2M5MGNkOGFjZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHsrdE0vlqT9KgLUPk4qwD2w3FEvp5wrl/F3QE1XuXDoV9WzVbSd752RVqN
sEgeFyjrQNWt6mFAd5kbbfpBv4Q5S8/cjPAxE2GHrxlYrnvjulxu1htggcp2UXkB
qGkvkRAi+ckyBj/Zk8SlhdpDe4TIjxq/QlIFcIrxd/eLqFH1mtssb/uC/bT6mH6L
ib3FwP2l4bPHtji6SCD9TQlekcaAf4Thk63c5If+Bz/FtqT7O3AThv2mMiuJWxlR
cQRh8hY4K5B1m/kODpxqT/qGRTa5f23Uwkl67eW62Rg8qDKLZi9GTLlrs1FK1uQO
PsN6kfpiqQqsBKb8+xo7XycqXNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGOTPI
78sEUx2m+ARVukrkRGWwNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDVkMGQ3MDktN2I5Mi00YzQ2LTlkOTUtNjYwNWUyYTNkMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HXg
MA0GCSqGSIb3DQEBCwUAA4IBAQBhMT8YaLmAarpwpagRfRd1tKhhchHnCOHBhwkT
4FWJjZOV0SWfF6NCuHw+sXfz8v/9h6Jq1WgM3PKNMuxaNplSY8eQn7jEEIb2hjO5
Itu127DtiUt5Lpp+ltB039VhjUtoL/oqPmhAJ5jn3+9XD8r/7naRvQB6Jx5EPS7e
jnepZwCT3bEztn14MD661JQRPWqV01Whx0+x1YUzF3rTTMyJxABDa0XwW4+Trren
Hbrtp6n8agkcWsPCA4aSCIKOB9blpgQoePfWTrnKBrEtPOyJnxRUFlCVjxpyI4sE
4paIm8ps+MrgROCjgDOZ09FoNanepTDxFF0gOtoNn6cg3ef3
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:09 2025 by rpki-client