Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: p99yiOI+XkkqkqvZFf1NcTu683wWY2d0T0BoeWf6fqs=
Subject key identifier: DC:FE:40:35:AA:7C:E6:90:EA:C2:4F:2D:67:96:2E:4C:5D:BE:4C:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49417BFAD9F2CB1DBDB8E4CF2A43ED60EF6F481E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Tue 05 Aug 2025 19:51:25 +0000
ROA not before: Tue 05 Aug 2025 19:51:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:41:7b:fa:d9:f2:cb:1d:bd:b8:e4:cf:2a:43:ed:60:ef:6f:48:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=e330e4ab0ee77a3548b68760b0a4c56f21e2ccc8f0665a69bbcdbcf73718fb7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:6b:d5:30:32:9a:76:6c:8f:5d:94:14:fb:
45:c3:3a:06:90:43:ee:17:3d:a4:41:8a:be:22:3a:
44:61:7c:00:ad:d0:d5:5e:8c:06:cb:10:ef:13:b4:
12:d5:8c:4f:36:4d:7e:5f:ef:ee:66:1a:2e:b9:ca:
e0:1e:d9:a0:dd:c2:9f:e9:96:57:4b:73:90:2e:4e:
3c:4c:fb:d3:69:1f:de:8a:1c:aa:06:f9:af:15:6c:
ac:db:71:49:f2:6f:6c:38:17:14:e1:31:1d:c0:b5:
b5:fc:8e:73:a0:e0:ff:95:0e:de:2c:44:4c:a3:4a:
7e:14:c4:6f:5c:0b:08:86:d7:4f:ed:c4:b0:cb:0b:
b1:58:a6:16:9d:bc:13:96:34:36:fc:fc:6a:8b:d1:
84:30:d0:90:6b:5a:bf:68:00:8f:e6:57:27:3e:8c:
0a:87:78:f8:a6:af:87:66:be:d0:ea:ad:8b:a5:64:
12:b5:6c:d6:b2:c2:ce:c1:66:8c:ec:f8:d6:9b:a3:
59:de:c4:21:15:c3:79:99:99:0e:0c:fa:85:8a:00:
d7:08:ea:69:52:7c:39:e6:0b:51:31:59:51:fb:43:
60:c1:2b:7c:af:e5:6a:8c:f2:79:a5:e0:66:ca:eb:
fe:e1:c1:11:2d:ed:93:af:37:e1:c5:a4:29:db:a4:
ce:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FE:40:35:AA:7C:E6:90:EA:C2:4F:2D:67:96:2E:4C:5D:BE:4C:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
0f:76:34:72:78:65:9d:72:ad:ec:06:da:9e:6f:49:92:3a:0f:
e2:41:21:81:20:66:01:7a:8c:40:0d:e2:83:39:ec:4c:95:c9:
39:40:76:60:3b:6f:df:3e:cf:66:ff:ba:cb:50:8c:fa:87:76:
60:38:6a:ef:6f:20:ce:76:f8:d9:91:d8:96:be:5c:2e:4f:18:
08:35:52:18:70:9e:04:fe:40:36:a6:0a:0d:cb:da:b6:a6:5b:
10:fc:c5:41:0c:9d:f2:bc:9d:6e:b5:eb:b8:f4:e3:25:07:fe:
29:0e:d4:33:c0:59:f3:7d:e9:4a:6d:87:b6:ba:c3:04:f2:3f:
a9:e8:b7:5c:20:79:bf:86:a3:91:54:1b:80:08:03:cd:05:97:
35:6f:5c:88:39:a5:13:df:6f:48:ad:3f:13:68:a8:9a:ad:2e:
d2:5e:af:7a:6f:e3:5c:21:95:52:1d:29:5d:27:db:45:22:fa:
a4:08:81:fc:7d:f2:e2:a3:a1:1f:0c:f2:dc:9a:e3:4e:9d:3d:
ba:e9:45:49:06:00:95:df:85:22:0d:90:9c:e8:9c:dc:ec:37:
a2:74:e4:1b:f3:21:1d:63:7a:f8:0c:4c:e7:6b:3b:e9:17:48:
df:2c:01:e3:1e:80:9a:e1:1b:5c:fb:e7:cd:31:cb:bf:02:d0:
b7:7a:68:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSUF7+tnyyx29uOTPKkPtYO9vSB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMzBlNGFiMGVlNzdhMzU0OGI2ODc2MGIwYTRjNTZmMjFlMmNjYzhmMDY2
NWE2OWJiY2RiY2Y3MzcxOGZiN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMK3a9UwMpp2bI9dlBT7RcM6BpBD7hc9pEGKviI6RGF8AK3Q1V6MBssQ7xO0
EtWMTzZNfl/v7mYaLrnK4B7ZoN3Cn+mWV0tzkC5OPEz702kf3oocqgb5rxVsrNtx
SfJvbDgXFOExHcC1tfyOc6Dg/5UO3ixETKNKfhTEb1wLCIbXT+3EsMsLsVimFp28
E5Y0Nvz8aovRhDDQkGtav2gAj+ZXJz6MCod4+Kavh2a+0Oqti6VkErVs1rLCzsFm
jOz41pujWd7EIRXDeZmZDgz6hYoA1wjqaVJ8OeYLUTFZUftDYMErfK/laozyeaXg
Zsrr/uHBES3tk6834cWkKdukzmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTc/kA1
qnzmkOrCTy1nli5MXb5MvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPdjRyeGWdcq3sBtqeb0mSOg/iQSGBIGYBeoxA
DeKDOexMlck5QHZgO2/fPs9m/7rLUIz6h3ZgOGrvbyDOdvjZkdiWvlwuTxgINVIY
cJ4E/kA2pgoNy9q2plsQ/MVBDJ3yvJ1uteu49OMlB/4pDtQzwFnzfelKbYe2usME
8j+p6LdcIHm/hqORVBuACAPNBZc1b1yIOaUT329IrT8TaKiarS7SXq96b+NcIZVS
HSldJ9tFIvqkCIH8ffLio6EfDPLcmuNOnT266UVJBgCV34UiDZCc6Jzc7DeidOQb
8yEdY3r4DEznazvpF0jfLAHjHoCa4Rtc++fNMcu/AtC3emgC
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:58 2025 by rpki-client