Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: RxoBHyrN4OSeBq5ChjzHY2Iz+eWN+zBLFG/sccd6dGI=
Subject key identifier: D2:30:89:3C:67:BB:54:48:D3:88:87:C7:BB:6F:13:03:61:37:E8:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DD8479880098DFF097CEE91A3C9F010DBE3A10A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Tue 05 Aug 2025 18:51:15 +0000
ROA not before: Tue 05 Aug 2025 18:51:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:d8:47:98:80:09:8d:ff:09:7c:ee:91:a3:c9:f0:10:db:e3:a1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=28447ce153e93e389c5ebc859fdecfebefb03f798948127e7d4a78fa309aa341, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:10:2b:19:a4:b6:cc:39:38:07:89:2a:9c:
48:99:6f:2a:b8:dd:b2:aa:a9:98:14:b9:d8:d3:6b:
72:ed:a8:e1:c2:a8:c8:e6:47:88:29:d7:d8:9a:38:
2b:32:7f:f9:13:c4:19:83:38:26:43:e1:df:7e:81:
0a:43:ed:b0:df:d0:6c:75:d9:99:2c:ba:27:81:70:
3e:a7:79:e2:d4:cd:93:04:b7:6e:35:d6:4c:6a:c9:
ad:e6:34:70:20:53:c1:9d:89:b2:1c:ad:05:22:75:
9f:49:ce:8f:41:db:25:ca:83:27:43:ca:33:1d:2f:
00:cb:8b:15:18:9c:99:8f:19:d0:ed:dd:74:09:16:
c9:fd:b8:82:e9:c5:70:6a:7a:4f:58:83:47:b7:e6:
26:28:9d:cc:e4:3a:e0:80:2c:48:f1:21:6f:a4:24:
04:54:56:09:a4:73:d3:ab:77:71:5a:bd:85:4d:2f:
da:4d:cc:2e:aa:eb:f0:b3:e5:ad:bc:e3:a1:8b:94:
29:c6:e5:ea:ed:2c:cd:41:cb:f5:f2:37:00:4d:76:
b5:b5:1f:9a:7c:53:25:87:af:a3:40:5a:4a:09:8d:
97:75:e2:33:39:e0:38:4f:93:c1:32:11:a0:34:1b:
62:ea:81:c3:81:c6:fe:82:d9:2d:86:d2:92:52:9b:
a9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:30:89:3C:67:BB:54:48:D3:88:87:C7:BB:6F:13:03:61:37:E8:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
87:5c:b8:3d:e2:2f:58:4d:c0:c8:2f:e0:11:8b:05:91:bf:50:
15:56:d6:f3:86:fc:35:84:5e:eb:ea:37:4d:dd:1f:f3:84:3d:
5d:eb:a0:5a:61:0d:46:35:92:9b:92:e4:e6:00:6d:9d:2e:1f:
1f:ad:9a:d9:25:94:c6:32:59:dc:a5:fd:de:dc:d2:c7:87:e2:
80:e5:df:74:50:40:2a:11:69:97:8d:cc:f3:88:10:9d:41:a2:
30:b3:6d:96:20:ef:9d:7a:b9:93:b0:79:4d:79:d9:5a:bf:31:
93:ef:36:ac:bb:3a:c1:93:06:7a:2b:ce:b0:f2:02:f4:64:84:
5a:70:4a:c9:d7:48:33:5e:b1:e6:36:51:ac:28:36:61:ee:54:
e0:85:11:48:2f:3d:93:99:9f:23:4d:d7:e8:a7:31:41:bb:da:
09:d7:38:84:3e:dd:ec:8b:25:c0:95:a5:87:ca:fd:7b:76:0a:
03:e9:09:f7:1d:2b:52:fc:b5:19:f3:67:cf:b8:b5:aa:28:db:
4b:a5:29:f7:a9:80:8b:d1:75:18:e3:2e:32:1c:d1:42:33:f9:
82:35:d4:15:7f:b0:21:ba:9f:c1:99:13:33:0d:7d:e4:42:78:
5d:f8:c3:8b:ba:11:d1:8a:b3:3d:d8:fd:00:e6:c4:d5:d4:8b:
10:85:2e:ec
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULdhHmIAJjf8JfO6Ro8nwENvjoQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUxMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4NDQ3Y2UxNTNlOTNlMzg5YzVlYmM4NTlmZGVjZmViZWZiMDNmNzk4OTQ4
MTI3ZTdkNGE3OGZhMzA5YWEzNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYbECsZpLbMOTgHiSqcSJlvKrjdsqqpmBS52NNrcu2o4cKoyOZHiCnX2Jo4
KzJ/+RPEGYM4JkPh336BCkPtsN/QbHXZmSy6J4FwPqd54tTNkwS3bjXWTGrJreY0
cCBTwZ2JshytBSJ1n0nOj0HbJcqDJ0PKMx0vAMuLFRicmY8Z0O3ddAkWyf24gunF
cGp6T1iDR7fmJiidzOQ64IAsSPEhb6QkBFRWCaRz06t3cVq9hU0v2k3MLqrr8LPl
rbzjoYuUKcbl6u0szUHL9fI3AE12tbUfmnxTJYevo0BaSgmNl3XiMzngOE+TwTIR
oDQbYuqBw4HG/oLZLYbSklKbqakCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTSMIk8
Z7tUSNOIh8e7bxMDYTfoyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAh1y4PeIvWE3AyC/gEYsFkb9QFVbW84b8NYRe
6+o3Td0f84Q9XeugWmENRjWSm5Lk5gBtnS4fH62a2SWUxjJZ3KX93tzSx4figOXf
dFBAKhFpl43M84gQnUGiMLNtliDvnXq5k7B5TXnZWr8xk+82rLs6wZMGeivOsPIC
9GSEWnBKyddIM16x5jZRrCg2Ye5U4IURSC89k5mfI03X6KcxQbvaCdc4hD7d7Isl
wJWlh8r9e3YKA+kJ9x0rUvy1GfNnz7i1qijbS6Up96mAi9F1GOMuMhzRQjP5gjXU
FX+wIbqfwZkTMw195EJ4XfjDi7oR0YqzPdj9AObE1dSLEIUu7A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:48:19 2025 by rpki-client