Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: wC1v9VYQOHCPNZu2BTUwdOmpQal8tcqBNsZF/Y7Qkno=
Subject key identifier: 65:80:86:E0:E5:80:89:19:D7:94:D3:D0:22:83:7C:E2:D6:1A:C4:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4494E1C07AAB6FBDFDE6B9796B73AC5AB4A26EF7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Fri 22 Aug 2025 15:10:08 +0000
ROA not before: Fri 22 Aug 2025 15:10:08 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:94:e1:c0:7a:ab:6f:bd:fd:e6:b9:79:6b:73:ac:5a:b4:a2:6e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:08 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=07f12524e0258ee087ce81e26807fec4ac752327f8cda609e875469e62cf95e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2d:55:90:50:16:88:6c:80:6b:de:39:41:91:
35:d9:0a:6d:0a:ef:40:cf:71:a0:84:b3:64:7b:d4:
c9:54:65:d0:a9:d2:b8:94:27:52:48:c2:31:e0:8d:
67:58:08:af:e8:68:c0:0f:95:52:cb:02:30:46:2d:
05:67:3b:ab:50:db:fb:f9:c5:2a:10:e5:85:60:13:
5d:16:f2:7f:4a:62:79:59:8b:3b:47:e8:f1:b9:08:
5d:09:a1:28:bb:cd:f6:51:ce:46:71:1f:d6:c4:8b:
3c:e5:12:d0:cb:4b:97:ae:43:6c:eb:4a:5c:5b:7a:
06:7a:0f:d5:8c:ae:c9:51:a2:3e:7e:32:6d:33:6e:
23:6b:e1:a6:08:50:4b:f5:07:14:c1:9d:e5:60:23:
00:23:da:fc:11:0c:ac:d0:88:08:1e:9b:19:8a:84:
80:c5:79:76:a0:34:b5:8d:52:07:50:e7:6d:10:5e:
33:a7:ee:53:ec:90:3d:7f:85:ca:e6:f5:84:e7:b9:
25:a7:09:43:fa:ba:6c:5f:40:92:47:55:f2:af:b1:
15:8d:42:fc:15:8c:07:6f:4c:c8:9e:26:01:04:18:
94:32:d4:22:33:f9:8b:c9:3d:52:8f:28:6e:de:fa:
3c:91:ad:04:48:44:cf:20:7f:b4:e4:ac:ab:b3:71:
4f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:80:86:E0:E5:80:89:19:D7:94:D3:D0:22:83:7C:E2:D6:1A:C4:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
19:b4:cc:78:1a:02:06:a7:5c:86:fb:a3:8a:dc:6b:a9:86:55:
01:78:8f:ea:32:13:18:8e:b2:53:08:2a:ec:53:07:70:69:2f:
cc:a8:10:52:e0:0f:10:06:a9:26:66:ef:82:60:24:85:fd:ad:
fd:eb:fc:8c:c1:e0:79:84:5f:1c:0a:a9:76:51:5a:25:0a:59:
09:5a:8f:3f:8f:25:e7:e2:99:8a:76:ca:a4:12:f7:b2:f9:7c:
33:fd:43:6b:59:9a:c0:e1:99:7e:ae:85:b7:77:d8:a5:6e:1e:
5b:4a:e3:c1:b3:ad:a3:71:b0:27:3d:ba:25:0f:6d:e4:2c:34:
74:77:55:6d:94:66:da:ef:e2:a6:ef:c2:05:75:c2:58:97:b4:
5a:e1:d0:d7:33:0a:1e:24:b0:e3:78:fd:d5:dc:1a:ab:c0:a5:
77:ab:fe:ef:97:e9:b1:a4:e9:e0:90:09:19:c2:22:29:78:1e:
38:d6:77:7f:43:5b:57:d6:99:e9:1e:29:c5:cc:e7:27:98:17:
33:8b:dd:58:0c:01:de:d7:dc:d3:7d:50:38:ae:e1:98:d9:cf:
3d:85:73:f2:cf:2c:92:f1:eb:cb:0a:c4:bc:f7:71:52:87:40:
05:c6:57:ea:cf:47:d7:4f:2d:b2:b2:c7:49:1a:a6:6c:fe:96:
92:aa:3d:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURJThwHqrb7395rl5a3OsWrSibvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMDhaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ZjEyNTI0ZTAyNThlZTA4N2NlODFlMjY4MDdmZWM0YWM3NTIzMjdmOGNk
YTYwOWU4NzU0NjllNjJjZjk1ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN8tVZBQFohsgGveOUGRNdkKbQrvQM9xoISzZHvUyVRl0KnSuJQnUkjCMeCN
Z1gIr+howA+VUssCMEYtBWc7q1Db+/nFKhDlhWATXRbyf0pieVmLO0fo8bkIXQmh
KLvN9lHORnEf1sSLPOUS0MtLl65DbOtKXFt6BnoP1YyuyVGiPn4ybTNuI2vhpghQ
S/UHFMGd5WAjACPa/BEMrNCICB6bGYqEgMV5dqA0tY1SB1DnbRBeM6fuU+yQPX+F
yub1hOe5JacJQ/q6bF9AkkdV8q+xFY1C/BWMB29MyJ4mAQQYlDLUIjP5i8k9Uo8o
bt76PJGtBEhEzyB/tOSsq7NxT50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlgIbg
5YCJGdeU09Aig3zi1hrE8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAZtMx4GgIGp1yG+6OK3GuphlUBeI/qMhMYjrJT
CCrsUwdwaS/MqBBS4A8QBqkmZu+CYCSF/a396/yMweB5hF8cCql2UVolClkJWo8/
jyXn4pmKdsqkEvey+Xwz/UNrWZrA4Zl+roW3d9ilbh5bSuPBs62jcbAnPbolD23k
LDR0d1VtlGba7+Km78IFdcJYl7Ra4dDXMwoeJLDjeP3V3BqrwKV3q/7vl+mxpOng
kAkZwiIpeB441nd/Q1tX1pnpHinFzOcnmBczi91YDAHe19zTfVA4ruGY2c89hXPy
zyyS8evLCsS893FSh0AFxlfqz0fXTy2yssdJGqZs/paSqj3W
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:35:23 2025 by rpki-client