Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
File: 4cb86308-98a0-48e5-8825-d398c0ce8099.roa (raw, json)
Hash identifier: qxMF8/9/rFOA7N60c0c7Mc5Do2BoZlhcL4ksNC7u2c4=
Subject key identifier: 00:B6:A8:91:DE:0D:D3:0E:65:44:C8:CB:10:32:E1:36:3D:88:9D:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59A1DC14D5C5F4A43A33EA28DAFC7727FF5B729E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
Signing time: Tue 05 Aug 2025 19:20:19 +0000
ROA not before: Tue 05 Aug 2025 19:20:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:a1:dc:14:d5:c5:f4:a4:3a:33:ea:28:da:fc:77:27:ff:5b:72:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4bb610384a02303f1957f6595c40d4e922beee43a6ad13e6421606a298f64545, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b7:ba:a7:c9:fd:05:2c:a2:15:f4:c2:50:0d:
95:11:45:06:7f:f1:cf:7f:da:7b:a1:67:0f:99:b2:
11:d4:c5:4c:b4:cc:52:72:b3:0d:79:06:10:03:c6:
0c:1c:c7:a1:e5:aa:3e:99:0c:f8:47:f6:1a:6e:52:
da:38:20:67:97:ae:25:2b:79:c3:2d:ac:46:b5:f3:
0c:61:ea:b9:a0:62:cc:44:dd:c0:22:bb:83:8e:13:
f1:01:fb:e9:21:29:66:59:77:2a:c1:c5:a9:85:df:
a0:d2:aa:64:13:86:55:83:8d:f1:24:eb:2e:86:78:
d6:ae:ec:28:84:dc:ea:24:c4:a7:a3:7c:60:2a:ef:
52:a5:0f:5d:cf:4b:62:8f:cd:02:69:00:f6:60:5d:
99:14:73:ef:a3:55:6a:b9:9b:e5:5f:6d:7f:50:24:
0b:42:ed:dd:05:3e:e4:94:3e:cf:70:fa:0a:75:32:
00:a6:1e:17:fe:47:6f:01:b6:31:8f:57:88:8c:29:
e9:43:17:f3:b9:4b:cf:8f:8a:96:bc:99:de:56:98:
a8:87:4a:21:15:f9:6d:da:cd:eb:76:aa:d5:9b:45:
7f:be:6b:b1:be:50:38:e6:68:9e:7f:64:38:9d:e7:
2a:d0:d4:bb:d3:4b:2b:d6:48:d3:44:3a:c2:f7:da:
62:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B6:A8:91:DE:0D:D3:0E:65:44:C8:CB:10:32:E1:36:3D:88:9D:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5080::/48
Signature Algorithm: sha256WithRSAEncryption
4b:0d:54:f2:2a:7e:72:a5:77:1d:d9:ef:b8:8b:f9:4c:95:9e:
86:5e:49:3f:97:4c:06:f4:ba:1a:6e:52:59:25:58:c8:1d:11:
cf:ae:e5:9d:62:43:da:39:b2:2b:9d:73:b0:f2:da:47:9a:37:
11:50:e2:a6:5d:09:5b:4b:23:2c:f5:1b:27:69:ac:fb:79:f7:
7c:61:38:8b:75:04:46:e9:78:d4:6a:a8:99:a2:d3:31:5d:e6:
23:65:5e:7f:ef:c6:5c:d9:f8:31:5b:ff:b5:cb:0a:bb:4e:89:
8a:ad:da:28:46:50:66:51:ba:34:d9:43:52:a5:5a:12:c5:90:
69:4e:2c:1c:17:de:19:d2:42:d1:9c:3b:e4:2a:db:0f:2f:e8:
e5:6d:1b:b0:53:74:46:04:b9:d8:68:a1:c8:cd:ea:56:6e:b5:
d5:d5:c4:db:18:fa:da:e4:93:2a:15:1e:95:65:0a:4b:74:ee:
2b:49:b2:87:44:1a:a1:85:77:be:e7:b8:38:3d:25:23:27:89:
4f:91:51:65:db:cd:9c:88:6b:b3:f2:a2:91:0d:f6:30:03:79:
7e:08:3a:8a:83:4e:b7:93:c3:bb:fd:73:23:fd:55:ae:b2:18:
bf:98:9a:b0:8d:57:4d:7b:86:7f:47:0a:fa:8d:6f:2b:26:e0:
84:b7:e9:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWaHcFNXF9KQ6M+oo2vx3J/9bcp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYjYxMDM4NGEwMjMwM2YxOTU3ZjY1OTVjNDBkNGU5MjJiZWVlNDNhNmFk
MTNlNjQyMTYwNmEyOThmNjQ1NDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKi3uqfJ/QUsohX0wlANlRFFBn/xz3/ae6FnD5myEdTFTLTMUnKzDXkGEAPG
DBzHoeWqPpkM+Ef2Gm5S2jggZ5euJSt5wy2sRrXzDGHquaBizETdwCK7g44T8QH7
6SEpZll3KsHFqYXfoNKqZBOGVYON8STrLoZ41q7sKITc6iTEp6N8YCrvUqUPXc9L
Yo/NAmkA9mBdmRRz76NVarmb5V9tf1AkC0Lt3QU+5JQ+z3D6CnUyAKYeF/5HbwG2
MY9XiIwp6UMX87lLz4+KlryZ3laYqIdKIRX5bdrN63aq1ZtFf75rsb5QOOZonn9k
OJ3nKtDUu9NLK9ZI00Q6wvfaYn8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQAtqiR
3g3TDmVEyMsQMuE2PYidiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNiODYzMDgtOThhMC00OGU1LTg4MjUtZDM5OGMwY2U4MDk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ
gDANBgkqhkiG9w0BAQsFAAOCAQEASw1U8ip+cqV3HdnvuIv5TJWehl5JP5dMBvS6
Gm5SWSVYyB0Rz67lnWJD2jmyK51zsPLaR5o3EVDipl0JW0sjLPUbJ2ms+3n3fGE4
i3UERul41GqomaLTMV3mI2Vef+/GXNn4MVv/tcsKu06Jiq3aKEZQZlG6NNlDUqVa
EsWQaU4sHBfeGdJC0Zw75CrbDy/o5W0bsFN0RgS52GihyM3qVm611dXE2xj62uST
KhUelWUKS3TuK0myh0QaoYV3vue4OD0lIyeJT5FRZdvNnIhrs/KikQ32MAN5fgg6
ioNOt5PDu/1zI/1VrrIYv5iasI1XTXuGf0cK+o1vKybghLfpVQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:51 2025 by rpki-client