Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
File: a6d14d01-1a1b-448e-bb4a-73279a06c540.roa (raw, json)
Hash identifier: rcfbU5YghWh2HG/7rmIpV+63B8YR9uuLYA2caPrBPNM=
Subject key identifier: BD:B4:4B:78:38:96:CC:F4:E4:B8:A2:F2:FA:80:87:48:FA:5C:2A:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 033DA520B3E2D7459A0F1538E160714A9CF5B16A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
Signing time: Tue 05 Aug 2025 19:00:59 +0000
ROA not before: Tue 05 Aug 2025 19:00:59 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:3d:a5:20:b3:e2:d7:45:9a:0f:15:38:e1:60:71:4a:9c:f5:b1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:59 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0fa54a7f274ca794eb66af109b741908906caa6cb413db7371d0f7c202663a91, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b2:b6:f2:4f:af:cc:ba:96:05:67:fa:a2:aa:
4b:34:86:a7:ff:1e:ca:3c:cb:6b:1f:3e:8b:57:48:
11:68:7a:f6:c3:c7:98:51:db:83:3f:47:65:82:00:
90:d1:4f:d4:fc:27:d6:30:89:13:0f:9c:db:36:0d:
66:13:56:55:a4:5d:63:99:18:ed:bc:7e:5c:a0:c2:
ea:7d:3d:7b:16:60:db:26:10:2b:fe:fe:7c:5a:03:
09:97:a6:85:5b:78:4b:b2:4f:aa:01:70:fb:12:57:
c1:8e:b5:6d:f2:b7:43:95:f1:c8:0f:6a:fd:a6:c7:
2e:c8:c5:b9:ae:67:f1:d6:e2:8f:75:b7:a6:a7:0e:
fb:26:59:88:3a:b1:0f:ee:57:71:c1:bc:57:22:d6:
5b:db:22:6b:18:3d:81:1b:49:98:db:ce:33:28:40:
24:53:ce:70:57:55:3e:10:fd:e2:0c:00:32:23:1c:
7f:f0:84:11:06:11:fd:bf:b3:c5:d3:ee:a4:ee:37:
9d:3d:c0:dc:2e:8b:e7:77:02:5d:bd:32:91:a9:1c:
7e:a4:ff:f0:d8:96:ad:a8:4f:45:e2:6c:1a:7b:fc:
96:b0:1f:be:3d:05:16:30:01:96:a8:3f:b1:9f:f0:
58:b1:4b:93:bc:65:5e:6c:cc:81:2b:26:64:57:bc:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B4:4B:78:38:96:CC:F4:E4:B8:A2:F2:FA:80:87:48:FA:5C:2A:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6d14d01-1a1b-448e-bb4a-73279a06c540.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5040::/48
Signature Algorithm: sha256WithRSAEncryption
03:ba:31:3f:29:78:54:f2:40:f6:d4:c8:3f:98:40:7a:96:02:
1e:85:22:ab:7a:14:52:ee:34:f3:b5:3b:f9:c5:78:80:dc:ec:
cb:d5:4c:ff:6a:ba:92:63:09:bf:23:d1:1a:d9:07:2c:2f:61:
1d:85:fd:14:fe:cc:b1:0e:93:ca:5a:53:e8:80:4e:10:c9:87:
09:a4:ca:d2:67:20:a8:13:57:f4:da:40:c8:32:ec:64:c0:00:
36:5f:bb:84:94:9a:f1:d4:6a:f5:fc:b5:83:7f:21:6a:b8:5a:
d7:21:af:79:57:c6:2f:e9:f0:90:b4:eb:e0:dd:97:9c:55:f7:
ea:0c:ba:0b:1f:23:5a:41:57:42:a1:f1:c5:51:f8:b7:26:78:
d8:25:a9:99:f4:a5:97:0e:74:61:9a:30:a5:af:96:84:ad:41:
a3:e2:72:0f:9c:4e:ed:da:2b:d1:3d:61:3b:6c:ad:61:27:ec:
4c:cc:a2:3d:6c:2a:72:e4:ce:f7:dc:50:26:16:64:94:61:3c:
0a:55:4f:6c:be:cd:44:d6:be:9b:58:ca:1a:7b:e2:68:a5:11:
3b:f5:83:29:09:34:67:d4:2d:31:9e:f6:2c:94:e2:48:db:a5:
20:97:03:28:f6:5f:fd:48:14:18:70:3b:95:a8:98:77:f9:f7:
12:b6:8b:55
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAz2lILPi10WaDxU44WBxSpz1sWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwNTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmYTU0YTdmMjc0Y2E3OTRlYjY2YWYxMDliNzQxOTA4OTA2Y2FhNmNiNDEz
ZGI3MzcxZDBmN2MyMDI2NjNhOTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGytvJPr8y6lgVn+qKqSzSGp/8eyjzLax8+i1dIEWh69sPHmFHbgz9HZYIA
kNFP1Pwn1jCJEw+c2zYNZhNWVaRdY5kY7bx+XKDC6n09exZg2yYQK/7+fFoDCZem
hVt4S7JPqgFw+xJXwY61bfK3Q5XxyA9q/abHLsjFua5n8dbij3W3pqcO+yZZiDqx
D+5XccG8VyLWW9siaxg9gRtJmNvOMyhAJFPOcFdVPhD94gwAMiMcf/CEEQYR/b+z
xdPupO43nT3A3C6L53cCXb0ykakcfqT/8NiWrahPReJsGnv8lrAfvj0FFjABlqg/
sZ/wWLFLk7xlXmzMgSsmZFe8kEUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9tEt4
OJbM9OS4ovL6gIdI+lwqQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZkMTRkMDEtMWExYi00NDhlLWJiNGEtNzMyNzlhMDZjNTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAA7oxPyl4VPJA9tTIP5hAepYCHoUiq3oUUu40
87U7+cV4gNzsy9VM/2q6kmMJvyPRGtkHLC9hHYX9FP7MsQ6TylpT6IBOEMmHCaTK
0mcgqBNX9NpAyDLsZMAANl+7hJSa8dRq9fy1g38harha1yGveVfGL+nwkLTr4N2X
nFX36gy6Cx8jWkFXQqHxxVH4tyZ42CWpmfSllw50YZowpa+WhK1Bo+JyD5xO7dor
0T1hO2ytYSfsTMyiPWwqcuTO99xQJhZklGE8ClVPbL7NRNa+m1jKGnviaKURO/WD
KQk0Z9QtMZ72LJTiSNulIJcDKPZf/UgUGHA7laiYd/n3EraLVQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:10 2025 by rpki-client