Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa
File: 4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa (raw, json)
Hash identifier: ERl1Tg4zKbYaKND3z0fDH4CUBsTCe/akb8pNOi2uvRQ=
Subject key identifier: 76:6A:D3:DC:BA:6E:A1:9D:8C:0A:ED:5C:A5:30:0A:65:D1:2E:34:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7ED33E18086DBC039848A462CE3A3C38CAF20003
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa
Signing time: Wed 06 Aug 2025 00:50:48 +0000
ROA not before: Wed 06 Aug 2025 00:50:48 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d3:3e:18:08:6d:bc:03:98:48:a4:62:ce:3a:3c:38:ca:f2:00:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:48 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=2f4ada32e48368ac1426e253d8e3ec8b38343cee4f481609a0edd311e9acca1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ae:25:fb:f5:07:38:7a:14:86:09:91:6a:4e:
c0:53:46:5e:3e:f3:b2:86:bb:12:69:36:2a:30:23:
f7:99:f1:4d:89:45:84:c3:2d:9e:97:35:88:93:3c:
ae:5f:f7:7d:69:89:46:7b:d5:5e:70:c7:f1:b7:24:
81:06:a4:39:86:b9:8a:af:d4:90:8c:df:15:b1:0e:
68:6a:48:36:0b:49:ac:bf:65:94:a8:61:43:80:01:
ce:45:30:51:98:00:d4:c7:b4:25:05:ed:8c:9a:ad:
a2:7a:6a:41:33:27:d9:43:62:33:93:77:9b:2b:ea:
01:6c:e3:c3:1d:e8:3c:c5:43:6d:39:16:f4:31:31:
4f:08:f0:ba:91:b6:0a:73:21:af:4d:6e:92:ae:68:
d1:98:0c:7a:0a:8d:9d:93:8b:a8:16:67:1b:fd:02:
69:50:76:1e:48:b1:c0:16:89:5b:d2:40:a6:d1:cd:
fd:34:3b:6e:cc:83:81:e9:0d:bf:0d:cc:0c:d1:9e:
0c:a1:9f:00:f5:4d:e6:c4:55:3d:84:b3:12:fa:91:
ae:a5:f6:a4:0d:ee:bf:77:ff:d5:0c:34:52:3f:74:
f2:33:66:6f:d4:b2:1b:c6:e2:11:23:36:5f:96:00:
1b:6a:15:c4:07:b5:43:02:a6:ed:d0:9d:ae:1e:d4:
b6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6A:D3:DC:BA:6E:A1:9D:8C:0A:ED:5C:A5:30:0A:65:D1:2E:34:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e0cbb15-3cb7-449b-953a-b40949bdc32b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
81:19:8c:94:36:0a:4e:8d:7f:17:89:75:32:3a:c7:ce:20:d3:
69:f5:27:a5:0e:3f:94:20:16:98:ab:ca:bb:05:22:6c:22:c9:
23:c5:30:ae:c6:eb:13:15:00:bf:6e:63:62:82:48:3e:13:90:
c7:51:d6:e6:c0:1e:79:be:0a:d4:a7:eb:12:9a:8b:ec:98:51:
48:99:05:3b:39:bb:6b:d3:ea:98:2d:24:36:00:ad:a0:51:b9:
e0:87:5f:69:49:1b:c8:ba:2b:9c:7c:32:18:4c:26:d1:a4:0b:
8e:1d:d9:d3:a5:07:ef:64:bf:f4:94:0f:3d:64:7b:0f:57:de:
f4:ad:e6:95:86:37:fe:93:8a:b2:ba:ef:fb:99:7d:b8:5c:19:
d1:e4:8c:f0:f5:a3:3b:69:6f:26:33:39:70:ec:19:c3:57:d9:
15:51:64:96:4c:75:84:8a:c7:07:7f:c6:e6:c5:f3:71:c5:80:
ec:fe:b4:dd:3f:cb:21:6a:d0:d4:b8:64:e4:8a:4c:89:60:c6:
61:e7:40:8f:c1:ba:3b:0b:18:c5:68:c9:d1:6b:e0:25:c2:d2:
d3:e6:8e:c5:39:79:92:1e:82:92:fd:cd:5b:b9:48:f9:50:8a:
89:f1:54:82:50:28:83:82:9a:71:cd:03:c2:c6:f7:75:2e:d0:
30:6f:c1:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUftM+GAhtvAOYSKRizjo8OMryAAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNDhaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmNGFkYTMyZTQ4MzY4YWMxNDI2ZTI1M2Q4ZTNlYzhiMzgzNDNjZWU0ZjQ4
MTYwOWEwZWRkMzExZTlhY2NhMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6uJfv1Bzh6FIYJkWpOwFNGXj7zsoa7Emk2KjAj95nxTYlFhMMtnpc1iJM8
rl/3fWmJRnvVXnDH8bckgQakOYa5iq/UkIzfFbEOaGpINgtJrL9llKhhQ4ABzkUw
UZgA1Me0JQXtjJqtonpqQTMn2UNiM5N3myvqAWzjwx3oPMVDbTkW9DExTwjwupG2
CnMhr01ukq5o0ZgMegqNnZOLqBZnG/0CaVB2HkixwBaJW9JAptHN/TQ7bsyDgekN
vw3MDNGeDKGfAPVN5sRVPYSzEvqRrqX2pA3uv3f/1Qw0Uj908jNmb9SyG8biESM2
X5YAG2oVxAe1QwKm7dCdrh7UtjMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2atPc
um6hnYwK7VylMApl0S40JzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGUwY2JiMTUtM2NiNy00NDliLTk1M2EtYjQwOTQ5YmRjMzJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCBGYyUNgpOjX8XiXUyOsfOINNp9SelDj+UIBaY
q8q7BSJsIskjxTCuxusTFQC/bmNigkg+E5DHUdbmwB55vgrUp+sSmovsmFFImQU7
Obtr0+qYLSQ2AK2gUbngh19pSRvIuiucfDIYTCbRpAuOHdnTpQfvZL/0lA89ZHsP
V970reaVhjf+k4qyuu/7mX24XBnR5Izw9aM7aW8mMzlw7BnDV9kVUWSWTHWEiscH
f8bmxfNxxYDs/rTdP8shatDUuGTkikyJYMZh50CPwbo7CxjFaMnRa+AlwtLT5o7F
OXmSHoKS/c1buUj5UIqJ8VSCUCiDgppxzQPCxvd1LtAwb8FU
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:11 2025 by rpki-client