Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
File: 546828d4-9f43-44c2-bff8-aafeddca4e25.roa (raw, json)
Hash identifier: 0pFnjVM/VozGQzE6586F0do960wcCs9HXrgZqNNErZI=
Subject key identifier: 29:B0:79:6B:46:A9:ED:15:A5:3A:83:B3:4B:87:7A:A9:ED:5C:C9:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D5531C46A1C8B53E01CF1904A31A88943FF4B46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
Signing time: Tue 05 Aug 2025 19:20:12 +0000
ROA not before: Tue 05 Aug 2025 19:20:12 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:55:31:c4:6a:1c:8b:53:e0:1c:f1:90:4a:31:a8:89:43:ff:4b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:12 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=1ece44b0949fb0b47b0d9a50f878adc7d207bf3155f9ade4c3508b562a81a56e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:af:90:ed:f0:41:4f:a2:56:9d:56:98:11:c6:
ac:a0:03:d2:e3:7a:67:16:5f:cf:e5:29:41:b3:ad:
74:17:b6:4a:5c:6e:09:e9:ad:05:cf:a8:6d:af:8f:
84:1c:f1:8a:b1:3f:9d:46:19:69:f5:18:3e:da:05:
eb:c8:75:ba:dd:41:2f:7d:22:d2:55:0f:a9:b0:8a:
22:7c:1a:f4:ce:88:f0:88:95:f4:6d:e7:c2:f5:d0:
17:cf:d4:87:04:42:9a:91:66:88:e2:75:94:40:bb:
79:95:ec:08:8f:d4:82:a8:bc:55:35:ae:14:7f:17:
15:52:8c:fa:b2:15:c0:13:47:f1:d8:96:2d:89:e0:
ec:32:20:de:91:2c:25:77:01:7a:a5:c2:4c:a4:bd:
22:95:db:a9:c1:03:68:c6:4d:3c:9d:12:6d:e3:a0:
ea:99:30:10:d2:5c:37:68:5d:2e:02:53:76:0f:62:
26:36:49:4e:25:17:1a:f8:85:99:19:1b:2e:62:83:
58:fa:51:de:9e:95:70:1c:2c:7d:94:c1:4d:94:32:
fa:d4:22:62:59:eb:46:05:ad:f9:82:76:cf:1b:70:
2f:2e:07:4d:88:b2:b2:f6:87:89:c4:01:7b:49:f8:
3c:c0:72:0d:3c:55:4e:d0:83:4a:84:67:fd:f6:88:
bb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B0:79:6B:46:A9:ED:15:A5:3A:83:B3:4B:87:7A:A9:ED:5C:C9:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e040::/48
Signature Algorithm: sha256WithRSAEncryption
12:4e:db:ce:20:16:2d:3d:84:0f:19:d8:a0:22:17:52:0a:fe:
03:e3:24:1c:e9:ea:23:c8:9d:ce:52:58:f6:13:f2:59:fe:21:
31:6c:60:aa:af:14:a6:61:86:1c:56:56:59:b8:d5:c4:d2:8c:
b8:88:95:51:f0:3d:7d:7f:f7:4b:48:da:04:aa:55:ff:6b:72:
72:96:9b:07:86:06:b2:83:1e:37:18:09:05:53:7d:39:6f:17:
cb:39:f7:27:36:b9:38:93:47:4f:b5:5b:b2:be:ba:46:14:ca:
b9:e1:01:0f:e6:61:3b:0c:e6:ea:21:e3:73:9a:03:e4:16:5d:
a0:f1:46:42:23:3a:35:3b:94:17:1b:20:ca:da:e0:82:d6:a3:
90:c8:98:d0:58:94:24:27:00:c1:b1:ce:d8:98:7a:69:d2:04:
9d:6b:b9:47:ca:98:7b:0a:4f:77:15:8e:7e:2d:e0:4c:db:9d:
cd:a1:e2:db:c7:f0:77:23:70:36:d1:1a:2d:b7:4d:91:f4:8c:
c5:61:57:a8:94:a9:57:33:79:29:a0:50:1a:9d:fc:47:93:8f:
b6:a3:65:47:e4:78:5c:77:9d:bc:3f:00:ce:fc:9c:d6:f8:ad:
59:9f:67:26:5b:41:0a:9e:40:70:b2:dd:74:ee:0a:6e:f8:56:
c7:49:42:2c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbVUxxGoci1PgHPGQSjGoiUP/S0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlY2U0NGIwOTQ5ZmIwYjQ3YjBkOWE1MGY4NzhhZGM3ZDIwN2JmMzE1NWY5
YWRlNGMzNTA4YjU2MmE4MWE1NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIKvkO3wQU+iVp1WmBHGrKAD0uN6ZxZfz+UpQbOtdBe2SlxuCemtBc+oba+P
hBzxirE/nUYZafUYPtoF68h1ut1BL30i0lUPqbCKInwa9M6I8IiV9G3nwvXQF8/U
hwRCmpFmiOJ1lEC7eZXsCI/Ugqi8VTWuFH8XFVKM+rIVwBNH8diWLYng7DIg3pEs
JXcBeqXCTKS9IpXbqcEDaMZNPJ0SbeOg6pkwENJcN2hdLgJTdg9iJjZJTiUXGviF
mRkbLmKDWPpR3p6VcBwsfZTBTZQy+tQiYlnrRgWt+YJ2zxtwLy4HTYiysvaHicQB
e0n4PMByDTxVTtCDSoRn/faIu4cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQpsHlr
RqntFaU6g7NLh3qp7VzJgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ2ODI4ZDQtOWY0My00NGMyLWJmZjgtYWFmZWRkY2E0ZTI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
QDANBgkqhkiG9w0BAQsFAAOCAQEAEk7bziAWLT2EDxnYoCIXUgr+A+MkHOnqI8id
zlJY9hPyWf4hMWxgqq8UpmGGHFZWWbjVxNKMuIiVUfA9fX/3S0jaBKpV/2tycpab
B4YGsoMeNxgJBVN9OW8Xyzn3Jza5OJNHT7Vbsr66RhTKueEBD+ZhOwzm6iHjc5oD
5BZdoPFGQiM6NTuUFxsgytrggtajkMiY0FiUJCcAwbHO2Jh6adIEnWu5R8qYewpP
dxWOfi3gTNudzaHi28fwdyNwNtEaLbdNkfSMxWFXqJSpVzN5KaBQGp38R5OPtqNl
R+R4XHedvD8Azvyc1vitWZ9nJltBCp5AcLLddO4KbvhWx0lCLA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:34 2025 by rpki-client