Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: feCwfDwUrtSLL5udZZZhmHUw8ZmEJdiiz6Snowo25Nc=
Subject key identifier: FB:B6:8E:BE:B1:C3:FB:C1:E7:A9:5A:BD:95:71:C2:1E:87:41:90:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5175F8375001E0C2EEDB3848B28B32A7D2D6F7E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Tue 05 Aug 2025 19:41:16 +0000
ROA not before: Tue 05 Aug 2025 19:41:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:75:f8:37:50:01:e0:c2:ee:db:38:48:b2:8b:32:a7:d2:d6:f7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:41:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d1892e8c31268875d791818ef0f0e9187b91f96fde94ffa95f6276473e54e25d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:92:76:93:f6:73:35:44:e0:d7:97:b1:b3:2a:
c3:e1:a1:db:4a:c1:4c:97:b1:47:21:ae:a6:bd:b6:
64:ef:50:e7:f7:69:91:ac:5f:e1:83:57:c4:5d:33:
46:91:2d:b1:af:35:4e:f2:5a:98:70:53:5b:e6:cb:
4c:70:e5:c9:46:96:ba:fe:96:9c:ec:56:b4:76:71:
a5:ba:71:93:75:77:d5:cb:37:7e:ae:25:39:5c:14:
aa:35:4f:32:1f:7b:ee:ad:37:86:16:14:07:bd:3f:
a3:ee:b5:41:f2:86:f1:93:18:df:ab:e6:3d:da:59:
75:e9:d8:aa:52:d3:15:61:18:a9:9e:25:61:39:74:
72:81:b8:5a:9c:ac:64:f2:d3:76:19:0b:e4:e7:e0:
00:8a:49:e0:8b:2f:31:81:d9:6a:56:2e:c0:85:84:
57:54:42:61:cd:4e:d8:b7:ce:f4:ba:25:ff:5c:5e:
8f:9f:0f:e8:e4:f7:4e:3b:5f:ae:88:bc:41:ea:70:
15:a0:9f:f5:6e:2b:96:1b:00:25:90:9c:4e:1c:15:
78:4c:42:66:6a:c6:83:9d:a8:35:7a:b8:10:e0:b1:
c2:f7:5b:d8:85:d1:1e:74:27:a6:a8:80:27:4a:ec:
3d:cd:e8:42:6b:58:e8:58:43:dc:37:22:5c:5d:b5:
92:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B6:8E:BE:B1:C3:FB:C1:E7:A9:5A:BD:95:71:C2:1E:87:41:90:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
97:9c:bc:a4:c5:cf:58:f4:b3:c9:fb:4a:5b:a4:36:d3:77:b3:
f6:76:0f:0a:6a:c3:b6:36:87:9d:00:a7:a0:4b:3b:bd:67:5a:
00:ec:c2:ae:d4:40:b0:91:ea:7f:81:49:ba:70:14:81:27:e4:
17:e6:6a:4f:d6:f9:dc:f8:df:67:d1:37:7e:57:78:25:1e:b8:
b1:c4:4d:a7:ef:21:1d:2b:19:f4:7d:f4:94:46:22:ea:e6:be:
5e:34:de:97:a3:39:6b:b1:d5:47:e9:37:0c:97:13:79:f0:06:
76:9e:90:a2:c1:d0:59:8c:a9:78:8a:f1:c6:32:2d:c2:f9:92:
94:90:1d:07:c5:05:de:42:db:9c:ef:60:90:2c:a6:af:35:21:
5a:26:ed:13:61:c8:98:86:8d:a5:e7:50:42:88:c7:99:11:92:
58:f3:92:36:97:5c:eb:16:a2:64:91:67:d0:4e:d0:93:18:f7:
41:eb:45:3c:03:8d:1c:52:31:72:e8:d8:bd:c0:0f:96:c9:76:
03:73:59:ad:a0:44:c6:41:0f:47:22:96:f8:49:69:62:ef:6e:
30:04:45:94:5d:0b:de:e6:ba:cd:33:fe:89:5f:e2:5c:3b:88:
44:9c:c1:33:71:53:8f:b2:17:de:aa:df:e6:5a:95:98:cd:09:
3b:f1:b0:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUXX4N1AB4MLu2zhIsosyp9LW9+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQxMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxODkyZThjMzEyNjg4NzVkNzkxODE4ZWYwZjBlOTE4N2I5MWY5NmZkZTk0
ZmZhOTVmNjI3NjQ3M2U1NGUyNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuSdpP2czVE4NeXsbMqw+Gh20rBTJexRyGupr22ZO9Q5/dpkaxf4YNXxF0z
RpEtsa81TvJamHBTW+bLTHDlyUaWuv6WnOxWtHZxpbpxk3V31cs3fq4lOVwUqjVP
Mh977q03hhYUB70/o+61QfKG8ZMY36vmPdpZdenYqlLTFWEYqZ4lYTl0coG4Wpys
ZPLTdhkL5OfgAIpJ4IsvMYHZalYuwIWEV1RCYc1O2LfO9Lol/1xej58P6OT3Tjtf
roi8QepwFaCf9W4rlhsAJZCcThwVeExCZmrGg52oNXq4EOCxwvdb2IXRHnQnpqiA
J0rsPc3oQmtY6FhD3DciXF21ktcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7to6+
scP7weepWr2VccIeh0GQhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQCXnLykxc9Y9LPJ+0pbpDbTd7P2dg8KasO2Noed
AKegSzu9Z1oA7MKu1ECwkep/gUm6cBSBJ+QX5mpP1vnc+N9n0Td+V3glHrixxE2n
7yEdKxn0ffSURiLq5r5eNN6XozlrsdVH6TcMlxN58AZ2npCiwdBZjKl4ivHGMi3C
+ZKUkB0HxQXeQtuc72CQLKavNSFaJu0TYciYho2l51BCiMeZEZJY85I2l1zrFqJk
kWfQTtCTGPdB60U8A40cUjFy6Ni9wA+WyXYDc1mtoETGQQ9HIpb4SWli724wBEWU
XQve5rrNM/6JX+JcO4hEnMEzcVOPshfeqt/mWpWYzQk78bBR
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:59 2025 by rpki-client