Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: PbnKYW8Q7nJfnRlyHU6Z/3LWsReouAXxZLiL3ui/PRM=
Subject key identifier: 02:16:96:40:9E:BD:30:40:FF:7E:8C:EB:E3:3D:B8:75:92:2B:65:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5350B85A7A10B8CC91EB381F746EE5FE634A4DBC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Tue 05 Aug 2025 19:51:09 +0000
ROA not before: Tue 05 Aug 2025 19:51:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:50:b8:5a:7a:10:b8:cc:91:eb:38:1f:74:6e:e5:fe:63:4a:4d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4d47367af6780cd1cb8cd7325c156d647e545ccee23dfc96f3e748876171f471, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c2:f4:81:7d:59:67:37:b1:cc:cd:7a:62:27:
79:f7:24:71:b5:5e:b0:fd:c8:ba:11:19:3e:e6:99:
34:76:89:e6:d0:30:90:cf:45:21:f0:c8:a0:18:cc:
38:05:78:7b:c5:a9:95:98:d7:2f:80:de:91:c8:96:
db:e3:82:1b:c0:bf:a4:ca:57:77:18:a7:a9:51:2c:
10:c4:39:fe:5a:24:99:98:3b:4f:05:c1:c5:e4:ab:
77:de:a2:de:81:40:77:28:0d:c5:f5:96:e0:82:e9:
83:c4:34:32:d3:68:8a:2f:2a:63:af:58:58:f2:a9:
e5:74:53:97:b5:6d:d3:87:88:e3:40:7b:05:1c:4a:
b3:0f:7c:c3:2d:50:ac:98:92:a3:80:94:c5:1f:70:
ed:e0:89:53:3c:e8:ec:cc:73:55:38:38:35:f0:71:
ab:35:78:5d:cb:16:5b:60:3b:8f:90:36:e6:24:ec:
a4:a9:41:35:25:7d:0e:9b:c6:4e:cf:65:f6:8f:f5:
03:ce:a6:e1:fa:6a:4e:51:b6:fc:81:19:de:e7:7b:
5d:06:36:20:a5:48:ca:e5:d1:1d:72:3d:71:b5:61:
6f:7d:83:b6:ba:26:a8:43:82:32:06:23:de:93:82:
61:e8:0a:9c:6b:0e:a1:47:9a:84:f4:4c:5d:16:a5:
7b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:16:96:40:9E:BD:30:40:FF:7E:8C:EB:E3:3D:B8:75:92:2B:65:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:0f:e2:8e:c6:7f:cc:3d:16:ab:52:16:93:e2:d1:60:d0:ed:
71:53:b1:8f:9d:fe:ed:f4:52:5e:2c:01:7f:b6:70:11:38:87:
b2:4e:d0:47:62:b0:42:bf:43:41:8e:6e:e3:35:2c:f1:22:48:
96:b1:3e:b2:a0:50:9d:8b:33:87:04:97:c2:b0:8b:a2:58:dc:
2a:fe:3e:a7:88:17:3d:9b:82:e4:5b:21:43:a1:b0:53:af:f3:
5d:7c:4a:9a:c2:89:c6:19:97:ec:cc:4b:a2:21:21:d7:3d:6c:
fb:1c:64:2d:a3:44:84:6e:df:84:1d:f5:30:45:f7:92:3a:b4:
0f:b4:f7:11:c7:ea:97:d0:3f:ff:9f:dd:ab:74:9a:3a:e2:7f:
be:77:31:52:1a:1c:a7:f9:a4:ab:f6:c6:e6:fb:cd:54:4c:5d:
ab:6d:45:92:ec:4f:ae:fd:e9:0b:0c:f4:91:06:da:be:5b:53:
b4:c8:35:21:06:c3:52:a1:25:99:96:8f:c7:c0:5b:8a:bd:f5:
65:31:44:c9:a1:98:ab:9a:17:bf:89:5f:aa:14:2d:93:4d:54:
d6:ee:e2:96:3a:36:87:16:b8:89:16:3b:77:f1:0b:e5:42:e7:
b5:d7:6c:d5:2d:9c:ad:0a:ba:57:6f:f2:bf:3b:47:93:62:36:
34:1e:27:ae
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU1C4WnoQuMyR6zgfdG7l/mNKTbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNDczNjdhZjY3ODBjZDFjYjhjZDczMjVjMTU2ZDY0N2U1NDVjY2VlMjNk
ZmM5NmYzZTc0ODg3NjE3MWY0NzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTC9IF9WWc3sczNemInefckcbVesP3IuhEZPuaZNHaJ5tAwkM9FIfDIoBjM
OAV4e8WplZjXL4DekciW2+OCG8C/pMpXdxinqVEsEMQ5/lokmZg7TwXBxeSrd96i
3oFAdygNxfWW4ILpg8Q0MtNoii8qY69YWPKp5XRTl7Vt04eI40B7BRxKsw98wy1Q
rJiSo4CUxR9w7eCJUzzo7MxzVTg4NfBxqzV4XcsWW2A7j5A25iTspKlBNSV9DpvG
Ts9l9o/1A86m4fpqTlG2/IEZ3ud7XQY2IKVIyuXRHXI9cbVhb32DtromqEOCMgYj
3pOCYegKnGsOoUeahPRMXRaley0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCFpZA
nr0wQP9+jOvjPbh1kitlsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQC4D+KOxn/MPRarUhaT4tFg0O1xU7GPnf7t9FJe
LAF/tnAROIeyTtBHYrBCv0NBjm7jNSzxIkiWsT6yoFCdizOHBJfCsIuiWNwq/j6n
iBc9m4LkWyFDobBTr/NdfEqawonGGZfszEuiISHXPWz7HGQto0SEbt+EHfUwRfeS
OrQPtPcRx+qX0D//n92rdJo64n++dzFSGhyn+aSr9sbm+81UTF2rbUWS7E+u/ekL
DPSRBtq+W1O0yDUhBsNSoSWZlo/HwFuKvfVlMUTJoZirmhe/iV+qFC2TTVTW7uKW
OjaHFriJFjt38QvlQue112zVLZytCrpXb/K/O0eTYjY0Hieu
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:05 2025 by rpki-client