Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: vrUzTbA2sw1ffPv6XTiWpDyVaw1FBmJHdFk4tHtZhj4=
Subject key identifier: 9F:32:1D:03:E3:0C:DE:1B:F4:22:32:DE:97:68:0F:50:5C:D6:48:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1A403E30D623C0DA2FE665540200032088C539DD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Tue 05 Aug 2025 19:40:36 +0000
ROA not before: Tue 05 Aug 2025 19:40:36 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:40:3e:30:d6:23:c0:da:2f:e6:65:54:02:00:03:20:88:c5:39:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:36 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f2a37a2e9e57925630e72d2bcd74153f84c7eb649e448b6dfb7c2584adac9f93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:78:9e:7d:2b:1b:bb:a9:72:fb:b9:26:0c:
1f:9c:61:2f:a2:7c:9f:d1:9b:ef:f5:94:af:a8:24:
ca:99:33:89:39:d5:9a:e6:79:7c:e1:97:45:4d:39:
09:35:fd:74:5a:c0:7e:4a:9f:d8:84:51:56:51:42:
d0:f8:49:18:4a:44:c6:b6:d9:42:6f:e0:9c:fd:c2:
cb:c5:d8:cb:1f:ea:f1:aa:65:74:86:5e:80:42:17:
56:21:cf:0f:ba:32:8c:a8:5c:f3:a6:4e:12:62:51:
35:4d:bb:87:d6:ef:bc:39:2b:55:fe:e1:3f:b7:ab:
ae:1a:b1:2a:44:8a:81:f2:ac:b5:68:14:e1:4b:4d:
0b:ec:57:82:1d:df:bb:78:a7:37:a7:11:37:3e:17:
bf:ac:83:c0:f7:73:92:a0:e8:bd:f9:c0:f5:f3:28:
e7:17:3e:5d:9e:f4:9e:fa:5f:7d:23:fe:21:d6:a1:
b7:d5:38:d7:62:a3:94:f6:0e:75:85:47:62:1a:5d:
41:bb:ec:a4:73:06:34:78:5b:85:71:1c:81:ea:7a:
36:26:75:71:67:70:12:cc:1c:0c:7f:e8:0d:6f:50:
4d:cd:e8:1b:9a:15:4f:31:60:65:9d:f3:1a:b6:ce:
31:18:c2:d9:cc:e9:22:d9:b6:f8:93:9f:41:05:22:
e1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:32:1D:03:E3:0C:DE:1B:F4:22:32:DE:97:68:0F:50:5C:D6:48:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
95:51:2f:80:5e:1f:43:6f:80:54:5d:dd:ff:78:78:2f:72:55:
68:6e:56:3e:b6:89:fb:55:29:21:69:b9:5f:1d:97:4c:08:81:
62:cf:51:51:5b:6a:de:f9:aa:74:ba:9c:d3:70:ab:70:d1:1c:
3e:88:d3:7b:28:4b:3d:67:65:a3:c6:34:a8:d9:6a:6f:f3:90:
4d:88:da:4e:0e:d3:c9:e9:50:a2:d5:4c:04:1f:58:d5:04:9b:
e6:4f:47:54:47:46:57:62:04:9f:b8:30:b5:c7:b5:c9:0d:7d:
ff:45:2c:66:06:50:6f:ce:38:13:42:ee:50:10:9d:c1:5f:c1:
e4:16:5a:e2:1d:dc:65:e1:b3:30:44:03:79:ad:98:dc:5b:c6:
53:90:eb:83:fa:4d:5c:53:fe:83:21:36:02:f4:f6:37:40:6e:
01:3f:0e:95:b7:b9:16:25:e5:5b:87:a2:b6:a7:fd:7e:3a:05:
09:0a:76:31:3c:fa:63:ec:cf:28:7e:a0:d0:d2:e3:90:71:b7:
ac:2b:9d:af:0f:51:b8:bb:62:2b:d9:4e:94:66:08:4b:92:88:
38:89:92:58:79:c0:f6:23:3b:a1:0a:ba:8c:7f:bd:0f:24:e5:
c2:b8:50:5f:32:96:a5:0a:cf:26:ba:b5:82:ae:28:17:ad:6e:
c3:c2:e4:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGkA+MNYjwNov5mVUAgADIIjFOd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMzZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYTM3YTJlOWU1NzkyNTYzMGU3MmQyYmNkNzQxNTNmODRjN2ViNjQ5ZTQ0
OGI2ZGZiN2MyNTg0YWRhYzlmOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZieJ59Kxu7qXL7uSYMH5xhL6J8n9Gb7/WUr6gkypkziTnVmuZ5fOGXRU05
CTX9dFrAfkqf2IRRVlFC0PhJGEpExrbZQm/gnP3Cy8XYyx/q8apldIZegEIXViHP
D7oyjKhc86ZOEmJRNU27h9bvvDkrVf7hP7errhqxKkSKgfKstWgU4UtNC+xXgh3f
u3inN6cRNz4Xv6yDwPdzkqDovfnA9fMo5xc+XZ70nvpffSP+Idaht9U412KjlPYO
dYVHYhpdQbvspHMGNHhbhXEcgep6NiZ1cWdwEswcDH/oDW9QTc3oG5oVTzFgZZ3z
GrbOMRjC2czpItm2+JOfQQUi4UkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfMh0D
4wzeG/QiMt6XaA9QXNZIOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVUS+AXh9Db4BUXd3/eHgvclVoblY+ton7VSkh
ablfHZdMCIFiz1FRW2re+ap0upzTcKtw0Rw+iNN7KEs9Z2WjxjSo2Wpv85BNiNpO
DtPJ6VCi1UwEH1jVBJvmT0dUR0ZXYgSfuDC1x7XJDX3/RSxmBlBvzjgTQu5QEJ3B
X8HkFlriHdxl4bMwRAN5rZjcW8ZTkOuD+k1cU/6DITYC9PY3QG4BPw6Vt7kWJeVb
h6K2p/1+OgUJCnYxPPpj7M8ofqDQ0uOQcbesK52vD1G4u2Ir2U6UZghLkog4iZJY
ecD2IzuhCrqMf70PJOXCuFBfMpalCs8murWCrigXrW7DwuQJ
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:07 2025 by rpki-client