Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
File: 8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa (raw, json)
Hash identifier: FTYQ+qWZUCKNdOYhkInc18lpQZfdW6jMlieMvJ3BfPM=
Subject key identifier: E8:CB:8B:32:FA:D4:76:F4:92:88:E3:D2:FD:9D:B1:D6:20:14:6D:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B14BC654F53DBD9C67DCD1552DE4B262369455C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
Signing time: Wed 06 Aug 2025 00:50:55 +0000
ROA not before: Wed 06 Aug 2025 00:50:55 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:14:bc:65:4f:53:db:d9:c6:7d:cd:15:52:de:4b:26:23:69:45:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:55 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=54578436471ae3c714eea2a9dea12ad63e2799b6770aa2763f428d97e80782c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:47:37:19:56:26:2a:e5:3b:af:b8:42:94:
fb:3d:17:4f:ff:92:ba:e4:5d:2e:7d:fb:10:ed:ae:
e0:77:47:54:c0:01:bf:ba:8a:17:1f:56:2b:27:4d:
97:ba:42:2d:b1:28:3c:61:c3:62:c1:52:1d:99:0a:
c9:91:15:67:c6:a7:89:8f:f2:f1:bd:8f:92:a4:1c:
c0:3f:83:74:f5:26:53:c4:9b:3e:3a:f3:7a:80:e5:
22:1b:9d:ca:ee:e7:b4:55:e9:43:55:54:c5:3a:d6:
5a:08:05:0c:33:22:05:89:70:0a:7f:4d:b0:02:73:
21:df:bd:9d:9f:e3:80:3b:7c:30:07:3a:99:49:98:
89:65:3d:60:01:4e:7b:a8:fe:94:6e:8b:39:a7:3f:
53:53:58:bf:79:16:b4:43:1a:cf:34:ee:12:6a:1f:
0e:86:27:5f:59:49:91:d7:1b:25:e8:34:9c:52:bf:
3b:8c:0f:04:1c:c5:a6:ea:b2:f5:55:e9:bd:bd:9e:
df:4e:d2:b8:2c:6f:ef:11:cf:d7:c6:1e:d0:56:24:
36:bd:24:09:91:80:82:e3:f9:98:b9:fa:9d:28:31:
e5:63:f0:c8:d0:ca:0c:f0:74:8e:d2:07:6e:30:2c:
fa:19:b8:3b:c6:4a:f4:88:f2:72:ed:f4:c6:9c:83:
d0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CB:8B:32:FA:D4:76:F4:92:88:E3:D2:FD:9D:B1:D6:20:14:6D:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8a57e982-c6b8-4aa7-b30a-38bed64dfc31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:50:c4:e9:26:96:e0:36:0a:75:27:c0:0d:0b:6c:b6:17:e3:
e8:02:0b:ff:f6:89:9d:36:71:7a:56:03:83:ce:52:a3:02:d8:
0f:65:62:6d:bb:ad:95:92:e5:c4:b0:24:7c:e1:fc:f6:50:90:
00:98:cf:74:5b:70:50:0e:b9:68:bc:40:0d:ac:bf:6b:ef:1f:
79:69:63:c9:c3:96:25:64:73:c2:02:e5:6e:7e:16:78:96:a5:
03:be:bf:a2:02:07:e1:32:4b:b9:b5:5b:e8:2f:b9:12:c5:2f:
76:02:45:18:da:f1:ff:e9:92:8d:d1:5c:a9:9a:cb:5c:50:ee:
35:03:be:81:be:3b:b3:2a:c8:79:7d:15:e6:e7:7e:4c:c6:74:
14:c0:02:4b:97:00:69:01:35:2b:e8:e6:ba:98:c9:79:1f:68:
60:c7:72:97:70:2b:36:7c:3a:4c:32:7e:83:ea:71:63:0c:55:
e9:30:2a:d4:8c:93:4c:67:a1:7c:e2:90:a9:f3:61:50:f0:c5:
a2:c3:bd:39:13:49:8c:f7:8e:98:54:52:c1:2e:8c:69:47:68:
ac:47:5e:bf:16:c8:5a:2d:f8:09:1b:49:65:6d:26:90:83:bd:
9c:6f:f0:8e:6b:a3:60:a0:86:24:d4:7f:57:d2:a3:4d:ad:8f:
10:ba:94:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSxS8ZU9T29nGfc0VUt5LJiNpRVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTVaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NTc4NDM2NDcxYWUzYzcxNGVlYTJhOWRlYTEyYWQ2M2UyNzk5YjY3NzBh
YTI3NjNmNDI4ZDk3ZTgwNzgyYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrVRzcZViYq5TuvuEKU+z0XT/+SuuRdLn37EO2u4HdHVMABv7qKFx9WKydN
l7pCLbEoPGHDYsFSHZkKyZEVZ8aniY/y8b2PkqQcwD+DdPUmU8SbPjrzeoDlIhud
yu7ntFXpQ1VUxTrWWggFDDMiBYlwCn9NsAJzId+9nZ/jgDt8MAc6mUmYiWU9YAFO
e6j+lG6LOac/U1NYv3kWtEMazzTuEmofDoYnX1lJkdcbJeg0nFK/O4wPBBzFpuqy
9VXpvb2e307SuCxv7xHP18Ye0FYkNr0kCZGAguP5mLn6nSgx5WPwyNDKDPB0jtIH
bjAs+hm4O8ZK9Ijycu30xpyD0LkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBToy4sy
+tR29JKI49L9nbHWIBRt9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGE1N2U5ODItYzZiOC00YWE3LWIzMGEtMzhiZWQ2NGRmYzMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+A
MA0GCSqGSIb3DQEBCwUAA4IBAQAfUMTpJpbgNgp1J8ANC2y2F+PoAgv/9omdNnF6
VgODzlKjAtgPZWJtu62VkuXEsCR84fz2UJAAmM90W3BQDrlovEANrL9r7x95aWPJ
w5YlZHPCAuVufhZ4lqUDvr+iAgfhMku5tVvoL7kSxS92AkUY2vH/6ZKN0Vypmstc
UO41A76BvjuzKsh5fRXm535MxnQUwAJLlwBpATUr6Oa6mMl5H2hgx3KXcCs2fDpM
Mn6D6nFjDFXpMCrUjJNMZ6F84pCp82FQ8MWiw705E0mM946YVFLBLoxpR2isR16/
FshaLfgJG0llbSaQg72cb/COa6NgoIYk1H9X0qNNrY8QupR7
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:14 2025 by rpki-client