Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
File: 4a7b2b27-8130-47da-97da-78c91087b05e.roa (raw, json)
Hash identifier: bjuIqesytvhosg7zRTeIGqo/Nu5182+9fK5OFOZOhDw=
Subject key identifier: FD:BD:4F:52:13:2B:B9:78:53:52:B6:C6:6D:D8:62:B7:56:08:75:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A82E1091DEB6929AF87D58463B56FC65222307B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
Signing time: Tue 05 Aug 2025 18:51:22 +0000
ROA not before: Tue 05 Aug 2025 18:51:22 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:82:e1:09:1d:eb:69:29:af:87:d5:84:63:b5:6f:c6:52:22:30:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:22 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5c8006e0733e4c9090f210e686a3e0cad78fa1cdd89ab238b1e69e0faf77c9aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:87:c4:0e:32:34:99:a7:af:9e:0a:f7:98:df:
db:7b:b8:64:c7:56:b9:38:27:af:47:02:31:86:e9:
3f:52:ee:a8:c6:0a:7f:a6:44:98:1f:f3:85:58:6b:
9d:6c:05:92:ee:45:c8:33:36:4f:74:33:b8:90:89:
a5:a0:af:67:5a:95:92:6d:4b:58:c2:a4:f5:b5:aa:
35:6c:a1:78:b9:6d:12:e4:18:de:8b:80:6a:13:20:
a4:25:d6:a4:5e:b1:53:f8:72:f8:aa:e0:77:98:c7:
bc:04:bc:68:e9:f6:9f:45:02:9c:6f:96:67:a9:4f:
b7:75:17:2b:8a:24:e9:01:ab:70:75:4e:8a:42:69:
4a:47:49:b4:c3:86:d8:79:83:20:1e:05:e0:2e:7a:
03:e2:32:e9:98:50:be:45:c5:49:8d:09:9a:d8:dd:
07:bb:f5:0b:0d:b5:f8:d0:06:01:24:ed:f3:4c:91:
a5:e8:91:33:b9:35:a2:64:cd:8f:0e:38:80:b2:2c:
1b:6b:84:66:38:95:71:48:d9:d4:ef:c4:57:6e:e9:
6e:e4:05:6b:d0:73:75:78:8e:43:f0:73:11:c0:b4:
9d:9c:0c:1e:06:11:67:d8:cf:c5:d2:55:7b:bf:a5:
0f:7c:29:87:2e:6a:52:fd:30:ea:30:d3:2f:af:86:
ad:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BD:4F:52:13:2B:B9:78:53:52:B6:C6:6D:D8:62:B7:56:08:75:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c040::/48
Signature Algorithm: sha256WithRSAEncryption
06:9b:c6:4c:d0:10:e6:c9:f0:0e:5c:32:b5:bf:67:9b:25:6c:
17:6f:1b:b2:f1:1b:44:35:ab:14:56:62:65:c0:0a:88:b4:2a:
1b:00:04:0d:fb:75:a9:46:a8:63:5a:5b:9d:cb:a6:9e:76:86:
0d:a0:d5:4a:78:98:6b:75:87:7e:94:6d:42:a6:0f:ff:dc:6c:
0c:81:18:d5:0a:47:9c:d9:f1:6b:24:3e:85:b8:15:74:ed:e2:
dd:38:af:4b:88:18:1f:79:84:b7:28:a8:e6:6a:39:dc:ce:63:
17:d2:66:c1:84:00:4a:8b:f4:69:31:be:bf:72:17:6d:b2:18:
37:8f:87:8f:b2:6b:05:54:32:14:de:e8:26:a4:0e:ef:e6:a0:
5f:3a:0f:a9:20:4a:e0:18:7b:bf:c9:59:93:13:38:4a:13:9d:
d9:04:36:2b:7f:df:26:da:71:7a:90:ae:fa:ca:43:f3:6e:1e:
d7:41:34:9d:db:c0:f2:64:64:5b:18:4b:56:1a:73:ef:2b:9d:
20:f5:f9:33:39:4e:87:5c:79:78:61:6c:78:18:b4:29:08:0a:
e6:a1:21:4d:3d:78:4d:01:53:cc:65:0b:86:d5:e3:ce:a5:bb:
d0:07:ed:3f:6b:22:ab:29:96:fd:aa:d0:e2:6a:09:ab:f6:be:
64:76:91:46
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeoLhCR3raSmvh9WEY7VvxlIiMHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUxMjJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjODAwNmUwNzMzZTRjOTA5MGYyMTBlNjg2YTNlMGNhZDc4ZmExY2RkODlh
YjIzOGIxZTY5ZTBmYWY3N2M5YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2HxA4yNJmnr54K95jf23u4ZMdWuTgnr0cCMYbpP1LuqMYKf6ZEmB/zhVhr
nWwFku5FyDM2T3QzuJCJpaCvZ1qVkm1LWMKk9bWqNWyheLltEuQY3ouAahMgpCXW
pF6xU/hy+Krgd5jHvAS8aOn2n0UCnG+WZ6lPt3UXK4ok6QGrcHVOikJpSkdJtMOG
2HmDIB4F4C56A+Iy6ZhQvkXFSY0JmtjdB7v1Cw21+NAGASTt80yRpeiRM7k1omTN
jw44gLIsG2uEZjiVcUjZ1O/EV27pbuQFa9BzdXiOQ/BzEcC0nZwMHgYRZ9jPxdJV
e7+lD3wphy5qUv0w6jDTL6+GrfcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT9vU9S
Eyu5eFNStsZt2GK3Vgh1GDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGE3YjJiMjctODEzMC00N2RhLTk3ZGEtNzhjOTEwODdiMDVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
QDANBgkqhkiG9w0BAQsFAAOCAQEABpvGTNAQ5snwDlwytb9nmyVsF28bsvEbRDWr
FFZiZcAKiLQqGwAEDft1qUaoY1pbncumnnaGDaDVSniYa3WHfpRtQqYP/9xsDIEY
1QpHnNnxayQ+hbgVdO3i3TivS4gYH3mEtyio5mo53M5jF9JmwYQASov0aTG+v3IX
bbIYN4+Hj7JrBVQyFN7oJqQO7+agXzoPqSBK4Bh7v8lZkxM4ShOd2QQ2K3/fJtpx
epCu+spD824e10E0ndvA8mRkWxhLVhpz7yudIPX5MzlOh1x5eGFseBi0KQgK5qEh
TT14TQFTzGULhtXjzqW70AftP2siqymW/arQ4moJq/a+ZHaRRg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:17 2025 by rpki-client