Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b43f183-cd0a-4862-a7f0-bf7122100edb.roa
File: 4b43f183-cd0a-4862-a7f0-bf7122100edb.roa (raw, json)
Hash identifier: uYD6fkV78B3b+IOOchH5FEar5Qi3R9VaQ83bWdLURxc=
Subject key identifier: 40:7F:CA:43:CF:07:BB:62:5F:12:1B:71:A5:B1:89:47:54:D3:87:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 125AD63F294792854ADBF66D27639894B86099F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b43f183-cd0a-4862-a7f0-bf7122100edb.roa
Signing time: Tue 05 Aug 2025 20:11:21 +0000
ROA not before: Tue 05 Aug 2025 20:11:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:5a:d6:3f:29:47:92:85:4a:db:f6:6d:27:63:98:94:b8:60:99:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fc57e45ffdcf21ac1c16ee91c122253f62518a91af79891afc5a83e97169531e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:77:3f:20:3f:34:18:8e:5e:e8:fa:5f:5b:db:
8a:27:16:40:23:bf:ab:65:02:f2:11:97:aa:a4:9d:
e4:17:a7:9a:4e:2e:9a:f2:1b:aa:84:ef:24:94:53:
3b:da:fb:e1:3c:85:d3:83:99:82:8b:52:9b:e8:aa:
56:b9:22:a2:83:98:8b:28:a9:77:f1:43:80:45:db:
d8:cb:ed:b0:ae:2a:b5:fd:ae:79:d1:00:3e:79:23:
ce:3b:ad:55:9d:59:dd:b3:3d:bc:ef:62:ca:65:c8:
55:c3:23:d2:94:91:d4:a7:42:93:25:dc:25:8e:ac:
a9:27:1b:ec:fc:65:44:dc:e6:cf:4e:a7:56:9f:c7:
47:e6:c3:bb:34:5d:f5:b0:01:d7:5c:5d:eb:32:ff:
80:5b:8b:b1:b1:59:16:70:58:94:f0:1c:3b:e5:61:
77:fc:c5:1c:a1:71:9a:47:d8:ec:9f:c3:84:b5:9f:
c8:1b:3e:f7:fb:5a:10:6d:ad:a1:0f:bf:43:6c:f0:
03:68:b9:bc:6a:70:33:aa:2c:60:64:fa:53:cb:7d:
9b:e0:64:8f:06:ff:8a:d8:94:b7:d2:7d:e0:b1:e1:
c2:2d:40:a7:a5:01:47:19:cb:7e:9c:bf:3c:e6:61:
95:9f:2f:0e:79:7a:0b:ec:e2:fb:2a:e1:02:f8:af:
ad:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7F:CA:43:CF:07:BB:62:5F:12:1B:71:A5:B1:89:47:54:D3:87:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b43f183-cd0a-4862-a7f0-bf7122100edb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:c00::/38
Signature Algorithm: sha256WithRSAEncryption
60:7c:80:f2:fc:b1:ea:80:a0:fa:ac:a9:80:76:a6:5e:e4:26:
9b:1f:b2:0a:31:69:38:c1:af:c7:a3:01:22:30:19:91:8f:46:
cb:5a:ce:89:5b:80:26:e7:40:6e:2d:7f:7d:2a:9e:df:1f:c4:
69:73:17:0b:f6:0f:ff:50:c2:6c:b6:4f:e1:b1:f3:5c:bb:d8:
0c:34:5d:16:5c:0c:dd:17:6c:ff:0e:ba:57:4d:ea:1d:a3:59:
10:76:ac:67:c8:20:6c:f0:e0:a8:a6:1d:aa:5a:b2:24:61:2b:
3a:ca:ce:50:21:f3:af:24:64:b0:74:de:c7:42:90:dc:d7:f1:
7d:ce:d0:43:c5:8f:f2:79:8f:db:8f:b0:fc:d2:dd:df:69:d8:
1c:16:b3:26:49:98:2e:e9:91:f7:70:9b:04:a7:ea:fc:80:51:
14:27:14:1c:d0:9e:21:10:ae:9a:a8:ec:b6:f2:bd:89:2b:59:
98:b4:58:c8:fb:be:0a:03:5f:2f:bc:2c:70:77:46:71:80:c4:
88:17:eb:e9:ab:dd:ff:fe:31:58:83:ce:6f:ac:02:76:c0:20:
7d:65:0e:e0:4a:21:d6:9a:0d:e9:10:0b:d3:05:c0:e4:65:40:
54:b7:d7:fb:c7:61:9d:27:07:4d:c8:12:bc:02:c4:e1:c7:df:
fd:74:c8:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUElrWPylHkoVK2/ZtJ2OYlLhgmfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNTdlNDVmZmRjZjIxYWMxYzE2ZWU5MWMxMjIyNTNmNjI1MThhOTFhZjc5
ODkxYWZjNWE4M2U5NzE2OTUzMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ3PyA/NBiOXuj6X1vbiicWQCO/q2UC8hGXqqSd5Benmk4umvIbqoTvJJRT
O9r74TyF04OZgotSm+iqVrkiooOYiyipd/FDgEXb2MvtsK4qtf2uedEAPnkjzjut
VZ1Z3bM9vO9iymXIVcMj0pSR1KdCkyXcJY6sqScb7PxlRNzmz06nVp/HR+bDuzRd
9bAB11xd6zL/gFuLsbFZFnBYlPAcO+Vhd/zFHKFxmkfY7J/DhLWfyBs+9/taEG2t
oQ+/Q2zwA2i5vGpwM6osYGT6U8t9m+Bkjwb/itiUt9J94LHhwi1Ap6UBRxnLfpy/
POZhlZ8vDnl6C+zi+yrhAvivrfMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRAf8pD
zwe7Yl8SG3GlsYlHVNOHpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI0M2YxODMtY2QwYS00ODYyLWE3ZjAtYmY3MTIyMTAwZWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQM
MA0GCSqGSIb3DQEBCwUAA4IBAQBgfIDy/LHqgKD6rKmAdqZe5CabH7IKMWk4wa/H
owEiMBmRj0bLWs6JW4Am50BuLX99Kp7fH8RpcxcL9g//UMJstk/hsfNcu9gMNF0W
XAzdF2z/DrpXTeodo1kQdqxnyCBs8OCoph2qWrIkYSs6ys5QIfOvJGSwdN7HQpDc
1/F9ztBDxY/yeY/bj7D80t3fadgcFrMmSZgu6ZH3cJsEp+r8gFEUJxQc0J4hEK6a
qOy28r2JK1mYtFjI+74KA18vvCxwd0ZxgMSIF+vpq93//jFYg85vrAJ2wCB9ZQ7g
SiHWmg3pEAvTBcDkZUBUt9f7x2GdJwdNyBK8AsThx9/9dMj/
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:17 2025 by rpki-client