Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: Lc04Qh/4KjkPSWAFVLP8gcEYyE+6ydvQot7gLXH9DLI=
Subject key identifier: 11:A9:5D:28:AD:7E:56:F4:A4:12:3C:76:67:B1:5A:66:98:FE:F9:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B8A3B5F51F8ADCB0EE5E9BAABEA30BF9FDFA5EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Tue 05 Aug 2025 19:51:03 +0000
ROA not before: Tue 05 Aug 2025 19:51:03 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:8a:3b:5f:51:f8:ad:cb:0e:e5:e9:ba:ab:ea:30:bf:9f:df:a5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:51:03 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f32af568f2e8d14f2a937120b691a687a4737a6806868814d0a4b2e636eb4927, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:76:bf:2f:7c:29:3c:d5:31:67:4f:07:2d:
91:21:70:78:75:92:a5:df:ee:83:df:66:42:2e:17:
af:5f:02:49:e3:93:06:a3:03:fe:b6:6e:5a:56:e8:
a8:85:31:42:e3:fa:38:71:8d:18:36:e5:84:90:e9:
2f:72:a7:34:57:4b:95:82:f6:41:45:d0:3d:c9:c8:
7c:46:74:02:25:44:39:7c:f5:57:96:75:07:c1:c6:
5a:11:84:71:0f:ff:fd:da:b8:ae:50:86:81:51:9b:
0e:c8:df:20:df:58:de:6a:af:cb:e2:04:3b:29:64:
31:9c:e0:7d:fd:3a:f3:70:01:da:43:0a:15:a3:11:
52:9e:96:bc:27:5d:9f:6f:c0:ea:2b:44:aa:5e:5a:
89:c8:b5:4e:22:95:12:77:1b:ea:57:8b:cf:ac:19:
8d:13:07:0f:76:e9:85:3b:ec:d8:88:4d:04:4b:36:
3d:65:17:76:a7:1e:dd:cc:27:a5:85:03:52:f7:41:
03:f7:67:e8:07:52:9d:b8:cd:26:fa:94:5a:01:6f:
5d:e5:50:5d:8d:ac:33:f6:58:61:aa:ee:41:67:42:
eb:cd:70:ad:9f:80:2c:17:70:04:c2:5c:aa:bf:33:
59:18:7a:ed:08:0c:b5:8a:21:b6:a5:7d:da:7a:84:
8d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A9:5D:28:AD:7E:56:F4:A4:12:3C:76:67:B1:5A:66:98:FE:F9:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:33:58:dc:53:c8:2d:2d:db:bf:77:fe:bb:b3:d6:6f:9b:25:
da:ce:71:7b:d1:71:c9:c6:4f:f1:7d:21:67:b7:21:84:61:a3:
66:29:ad:25:e3:49:a4:3d:8c:fa:5c:e2:b2:27:66:8d:3f:59:
46:eb:9f:1e:ef:87:94:d1:39:17:99:70:41:c6:3c:b4:40:3c:
1b:85:de:f7:3f:d1:80:cf:a8:ff:76:94:cd:f7:da:88:ba:8d:
08:33:b5:e5:d6:6c:55:49:79:28:86:ec:0b:75:f1:f3:4a:80:
22:7f:da:0a:88:82:aa:54:0e:84:f4:48:0e:eb:95:67:13:86:
50:cc:4a:bf:9d:4d:0d:e0:fe:cf:d8:bc:1d:46:25:ee:73:47:
68:22:e1:ea:c6:d1:1f:0e:e2:2c:fd:6b:62:f7:54:f6:81:fe:
72:8b:6b:55:1e:ea:b6:37:ff:2c:e1:a0:86:79:48:2b:4b:b5:
c3:2a:cc:ea:7b:b6:34:5b:60:e7:cb:81:d2:b0:d6:53:7e:c3:
b1:cd:f7:05:79:cf:5e:15:17:8f:23:44:55:e7:71:3b:ad:a2:
73:c1:27:43:b3:56:b0:48:1e:f3:e6:05:31:a5:8f:fe:ec:02:
a7:50:17:e1:97:e9:dc:04:4c:06:24:f3:56:f2:99:3c:12:38:
95:b0:5c:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa4o7X1H4rcsO5em6q+owv5/fpeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUxMDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMmFmNTY4ZjJlOGQxNGYyYTkzNzEyMGI2OTFhNjg3YTQ3MzdhNjgwNjg2
ODgxNGQwYTRiMmU2MzZlYjQ5MjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEmdr8vfCk81TFnTwctkSFweHWSpd/ug99mQi4Xr18CSeOTBqMD/rZuWlbo
qIUxQuP6OHGNGDblhJDpL3KnNFdLlYL2QUXQPcnIfEZ0AiVEOXz1V5Z1B8HGWhGE
cQ///dq4rlCGgVGbDsjfIN9Y3mqvy+IEOylkMZzgff0683AB2kMKFaMRUp6WvCdd
n2/A6itEql5aici1TiKVEncb6leLz6wZjRMHD3bphTvs2IhNBEs2PWUXdqce3cwn
pYUDUvdBA/dn6AdSnbjNJvqUWgFvXeVQXY2sM/ZYYaruQWdC681wrZ+ALBdwBMJc
qr8zWRh67QgMtYohtqV92nqEjZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRqV0o
rX5W9KQSPHZnsVpmmP75uzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQAqM1jcU8gtLdu/d/67s9ZvmyXaznF70XHJxk/x
fSFntyGEYaNmKa0l40mkPYz6XOKyJ2aNP1lG658e74eU0TkXmXBBxjy0QDwbhd73
P9GAz6j/dpTN99qIuo0IM7Xl1mxVSXkohuwLdfHzSoAif9oKiIKqVA6E9EgO65Vn
E4ZQzEq/nU0N4P7P2LwdRiXuc0doIuHqxtEfDuIs/Wti91T2gf5yi2tVHuq2N/8s
4aCGeUgrS7XDKszqe7Y0W2Dny4HSsNZTfsOxzfcFec9eFRePI0RV53E7raJzwSdD
s1awSB7z5gUxpY/+7AKnUBfhl+ncBEwGJPNW8pk8EjiVsFxu
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:56 2025 by rpki-client