Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
File: 48ce7dfe-434d-4b57-b520-9001ae26be85.roa (raw, json)
Hash identifier: 2bDiCn+iPMO+9SQMwYH1RHg2HbVICGy47p2+/5dqFfg=
Subject key identifier: 7F:7B:14:42:77:41:83:53:24:A9:40:4D:DB:3C:31:05:C8:87:F2:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B51FC8058AEF0A11F21A408E7DE7754A246675B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
Signing time: Tue 05 Aug 2025 18:50:48 +0000
ROA not before: Tue 05 Aug 2025 18:50:48 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:51:fc:80:58:ae:f0:a1:1f:21:a4:08:e7:de:77:54:a2:46:67:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:48 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5ed8db7e150b5829648f18b1738a74eb254485a4f73adc473ccd687aa858965c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:39:44:59:6b:a1:bf:ba:6d:e8:50:5c:5a:73:
77:96:ee:05:8f:e2:76:50:60:2e:aa:83:ae:4b:1d:
90:7b:59:f1:46:3a:e1:cc:3f:5b:c8:03:77:2f:6a:
17:ae:2f:11:4e:38:c9:2d:f2:ea:3b:4d:6a:22:9a:
e1:7e:3c:d6:d5:35:78:7f:d0:b9:80:02:b3:09:d8:
c0:83:4a:cc:c3:2c:5f:c6:ab:19:8f:2a:e5:c2:4d:
88:37:e8:fd:2a:74:ae:4d:03:07:74:e2:5e:83:f2:
bf:f9:85:b2:d4:52:89:0a:66:12:a1:02:8c:62:7a:
34:6b:b8:4b:ac:4f:09:38:b1:12:b5:1e:43:e1:40:
ef:c7:1d:30:f1:9f:82:9a:19:99:ee:f0:e7:c2:58:
94:6b:06:cf:46:13:93:7c:3e:d0:c6:e9:0a:47:bd:
3c:0d:64:a1:ed:58:56:86:c1:ac:10:9a:fc:29:f2:
77:1a:49:f9:c3:8c:ea:60:80:c6:0c:63:7a:bd:5f:
6b:24:b3:17:4b:de:37:30:f4:17:64:ee:6e:20:e3:
e7:d7:02:c5:e0:da:0a:1d:3e:86:c6:af:26:7e:a0:
2e:5c:05:ea:ce:c9:34:bc:2c:72:80:d1:15:d1:b0:
45:81:26:65:29:7d:b7:a1:4b:3c:3e:72:8d:34:a3:
d8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7B:14:42:77:41:83:53:24:A9:40:4D:DB:3C:31:05:C8:87:F2:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48ce7dfe-434d-4b57-b520-9001ae26be85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8010::/48
Signature Algorithm: sha256WithRSAEncryption
98:66:45:d9:95:e7:67:6b:b4:ae:a4:6c:6d:94:22:6f:ca:1b:
a2:25:c6:32:e9:08:77:16:fb:14:2f:74:de:70:77:fa:d3:c7:
ce:cd:24:d5:da:d2:0f:3c:33:85:47:2f:15:ec:84:53:3e:1e:
93:51:cc:f7:51:af:f8:ee:60:d2:34:41:f9:70:7e:6f:8b:ba:
cf:9d:5a:f7:df:fa:60:13:b6:8d:98:90:9d:db:81:d2:98:79:
2d:49:6a:57:d1:c1:22:36:27:e0:5f:fe:73:8f:12:77:cd:31:
80:9e:0f:bd:cb:eb:54:da:a9:9f:7a:ea:d2:93:3f:f3:c6:03:
24:ca:13:06:d0:4b:19:cb:45:15:3f:40:2c:90:7b:b4:0c:9c:
61:eb:c1:e2:3f:7f:a7:90:ce:fd:1d:56:19:9d:35:72:d0:91:
64:e7:a4:5a:16:88:29:e7:db:8d:85:03:02:fd:ba:84:52:2b:
c2:41:50:19:00:29:9d:00:94:c3:ac:37:ab:60:bd:2d:8d:c6:
1e:9f:03:c3:ea:70:73:f3:40:5b:a0:73:d8:f7:4e:fb:d0:33:
df:6e:05:de:78:a5:37:57:c8:d8:28:19:81:03:1a:68:45:49:
27:12:54:96:c2:38:72:95:fa:bd:e9:70:b8:5a:36:3c:62:ad:
c6:97:25:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa1H8gFiu8KEfIaQI5953VKJGZ1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwNDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlZDhkYjdlMTUwYjU4Mjk2NDhmMThiMTczOGE3NGViMjU0NDg1YTRmNzNh
ZGM0NzNjY2Q2ODdhYTg1ODk2NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM45RFlrob+6behQXFpzd5buBY/idlBgLqqDrksdkHtZ8UY64cw/W8gDdy9q
F64vEU44yS3y6jtNaiKa4X481tU1eH/QuYACswnYwINKzMMsX8arGY8q5cJNiDfo
/Sp0rk0DB3TiXoPyv/mFstRSiQpmEqECjGJ6NGu4S6xPCTixErUeQ+FA78cdMPGf
gpoZme7w58JYlGsGz0YTk3w+0MbpCke9PA1koe1YVobBrBCa/CnydxpJ+cOM6mCA
xgxjer1faySzF0veNzD0F2TubiDj59cCxeDaCh0+hsavJn6gLlwF6s7JNLwscoDR
FdGwRYEmZSl9t6FLPD5yjTSj2MMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/exRC
d0GDUySpQE3bPDEFyIfyjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhjZTdkZmUtNDM0ZC00YjU3LWI1MjAtOTAwMWFlMjZiZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
EDANBgkqhkiG9w0BAQsFAAOCAQEAmGZF2ZXnZ2u0rqRsbZQib8oboiXGMukIdxb7
FC903nB3+tPHzs0k1drSDzwzhUcvFeyEUz4ek1HM91Gv+O5g0jRB+XB+b4u6z51a
99/6YBO2jZiQnduB0ph5LUlqV9HBIjYn4F/+c48Sd80xgJ4PvcvrVNqpn3rq0pM/
88YDJMoTBtBLGctFFT9ALJB7tAycYevB4j9/p5DO/R1WGZ01ctCRZOekWhaIKefb
jYUDAv26hFIrwkFQGQApnQCUw6w3q2C9LY3GHp8Dw+pwc/NAW6Bz2PdO+9Az324F
3nilN1fI2CgZgQMaaEVJJxJUlsI4cpX6velwuFo2PGKtxpclmA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:59 2025 by rpki-client