Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
File: 4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa (raw, json)
Hash identifier: ZWypBxyTbUaNU3LfSURZntBbMVoZXxNgccMds/RKCbE=
Subject key identifier: 21:98:1A:4D:5F:77:0A:2F:28:CB:39:DA:0E:C6:B0:8D:E1:B2:4A:12
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DFAC928C64A1740836872A23F7419B7E56DC317
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
Signing time: Tue 05 Aug 2025 18:51:21 +0000
ROA not before: Tue 05 Aug 2025 18:51:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:fa:c9:28:c6:4a:17:40:83:68:72:a2:3f:74:19:b7:e5:6d:c3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:51:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a719cef212521c2c6e014d627ca8c79914bd3dbb5a573eebad7e5bdb03301a6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:27:3e:21:5b:e3:a4:8c:0a:fd:6a:64:f9:0b:
49:cc:46:20:72:1c:c5:96:6e:04:1a:02:02:fb:e7:
ed:72:2d:9b:5b:2f:e4:77:c6:f3:45:f1:6c:b1:7e:
b3:21:d1:05:8a:44:0e:f1:7e:79:e6:4d:ac:3a:a4:
be:f8:50:de:6d:82:c6:71:e0:1e:00:a6:31:73:ac:
6e:ca:49:73:9f:6d:9f:94:19:48:7e:0e:09:b6:28:
41:f9:8b:aa:ab:ab:92:fa:6d:76:82:bd:7e:f0:a8:
e1:ad:92:8b:80:6a:b0:c3:3f:17:73:49:b9:22:a3:
9d:b1:27:98:c6:a7:44:17:78:93:1e:96:84:10:08:
6b:61:01:2b:07:a3:1b:5d:f5:cf:de:39:cc:5b:75:
39:d5:be:d4:32:4e:b7:67:d3:ff:03:80:d5:73:2c:
73:a9:b9:a5:f7:7a:b5:87:bb:b7:d7:34:e9:f3:30:
3b:66:7a:26:a8:51:c2:07:f4:54:ad:2f:20:39:44:
60:53:13:12:42:05:f9:56:96:bd:fd:41:00:c9:1c:
0b:15:0f:06:9a:bf:04:d8:9b:f1:a3:c3:4c:30:37:
78:fb:d8:cf:d7:39:41:05:2e:74:57:90:2e:cf:b6:
da:7e:d2:a5:49:68:ef:b4:0b:9a:7b:d5:81:f6:ba:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:98:1A:4D:5F:77:0A:2F:28:CB:39:DA:0E:C6:B0:8D:E1:B2:4A:12
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c5783ee-ddea-4cae-b6f4-3d26d328b36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:6f:e3:0d:14:4f:cd:6c:b4:a8:f5:00:5a:0c:85:1e:f4:93:
3d:12:d5:9b:41:8d:1b:9a:dc:85:38:a7:2d:00:37:d7:e7:9b:
67:ef:79:a3:8f:b4:42:e6:18:d5:2f:36:9a:c2:06:8c:a6:25:
0c:3a:60:9c:84:62:22:23:76:c3:73:7d:92:17:d0:52:c0:e8:
9c:08:cd:26:4b:69:85:bb:f7:d5:6f:dd:a0:06:da:6f:0b:d0:
bc:48:46:1c:93:1c:fb:55:fb:77:15:d7:61:ea:83:c4:14:4d:
18:56:59:8b:ee:13:82:9e:47:99:36:63:27:60:6d:39:16:6b:
6a:d6:c1:1d:7f:c8:a3:61:fd:c2:f6:55:e2:f3:cf:1e:8e:bb:
7d:5c:b9:e0:63:95:a1:ae:64:2c:ad:72:39:3a:9c:7c:c2:2b:
65:03:e2:46:3a:3e:3a:61:a1:5e:c4:9b:43:21:12:7a:1e:cd:
60:db:30:b6:b0:71:f1:23:1a:3a:a0:ad:65:fd:5a:ae:24:e0:
b5:72:89:38:18:1e:9d:85:7e:63:f1:85:b7:75:f8:21:5f:80:
8c:24:93:f0:c6:21:94:f2:fe:a0:0b:b4:2d:d4:cc:f4:5d:c8:
3b:b5:6e:ef:0e:cf:e7:52:45:87:a5:e8:c6:8d:3e:a9:e6:91:
67:68:f8:cb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXfrJKMZKF0CDaHKiP3QZt+VtwxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUxMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3MTljZWYyMTI1MjFjMmM2ZTAxNGQ2MjdjYThjNzk5MTRiZDNkYmI1YTU3
M2VlYmFkN2U1YmRiMDMzMDFhNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQnPiFb46SMCv1qZPkLScxGIHIcxZZuBBoCAvvn7XItm1sv5HfG80XxbLF+
syHRBYpEDvF+eeZNrDqkvvhQ3m2CxnHgHgCmMXOsbspJc59tn5QZSH4OCbYoQfmL
qqurkvptdoK9fvCo4a2Si4BqsMM/F3NJuSKjnbEnmManRBd4kx6WhBAIa2EBKwej
G131z945zFt1OdW+1DJOt2fT/wOA1XMsc6m5pfd6tYe7t9c06fMwO2Z6JqhRwgf0
VK0vIDlEYFMTEkIF+VaWvf1BAMkcCxUPBpq/BNib8aPDTDA3ePvYz9c5QQUudFeQ
Ls+22n7SpUlo77QLmnvVgfa6r+8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhmBpN
X3cKLyjLOdoOxrCN4bJKEjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1NzgzZWUtZGRlYS00Y2FlLWI2ZjQtM2QyNmQzMjhiMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
wDANBgkqhkiG9w0BAQsFAAOCAQEAfW/jDRRPzWy0qPUAWgyFHvSTPRLVm0GNG5rc
hTinLQA31+ebZ+95o4+0QuYY1S82msIGjKYlDDpgnIRiIiN2w3N9khfQUsDonAjN
Jktphbv31W/doAbabwvQvEhGHJMc+1X7dxXXYeqDxBRNGFZZi+4Tgp5HmTZjJ2Bt
ORZratbBHX/Io2H9wvZV4vPPHo67fVy54GOVoa5kLK1yOTqcfMIrZQPiRjo+OmGh
XsSbQyESeh7NYNswtrBx8SMaOqCtZf1ariTgtXKJOBgenYV+Y/GFt3X4IV+AjCST
8MYhlPL+oAu0LdTM9F3IO7Vu7w7P51JFh6Xoxo0+qeaRZ2j4yw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:17 2025 by rpki-client