Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json)
Hash identifier: ++1UxXZqKzeA+tMvm000djyOzbK2KDMtr5VZw3tXBXE=
Subject key identifier: BD:45:A7:5F:43:F4:12:3A:11:31:86:55:29:F0:8D:3B:65:C0:79:D9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BFA9E8796664A9524FC53E14E221AEC7A90A5A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
Signing time: Tue 05 Aug 2025 19:31:32 +0000
ROA not before: Tue 05 Aug 2025 19:31:32 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:fa:9e:87:96:66:4a:95:24:fc:53:e1:4e:22:1a:ec:7a:90:a5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:32 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9f14bc14f273e9381a8da41a640c87f7a1f091ee9b363a998b125391bc906730, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:32:46:08:f2:81:51:a0:21:08:39:e6:8d:a1:
97:e0:04:4d:25:ff:9e:e0:77:15:71:d1:31:bc:a3:
39:b8:df:25:b2:53:47:56:28:d3:91:ec:8d:9b:60:
e0:00:c8:e7:65:cb:1f:df:28:d9:6e:6d:cd:56:c1:
a4:7e:83:27:b8:18:16:82:d0:3f:0a:01:d7:ec:f0:
ff:45:24:ec:ce:1a:8a:52:b8:64:3e:68:bd:20:92:
5e:68:b8:80:a2:fe:71:59:8b:4d:03:c1:19:51:84:
ff:de:a7:3d:a5:38:cb:36:2b:90:b9:19:b4:dd:3c:
3d:74:57:1d:4f:40:7f:ab:d0:02:80:44:54:76:ae:
9d:f2:1c:db:87:b3:fd:36:2b:ac:e2:23:3c:02:e9:
e1:a7:47:bf:27:a3:c4:c7:a9:33:67:80:5e:a5:07:
bb:b2:62:d9:a6:e5:89:8d:6d:bf:b4:cf:12:7e:9e:
47:87:45:18:aa:d7:ef:41:5e:c8:e7:2d:55:b0:3e:
36:72:66:13:3d:ce:0b:a4:1a:b4:e9:bc:d8:5a:a3:
2e:ae:ce:1b:ff:3b:70:fb:f4:da:b0:db:85:5c:0b:
de:54:ea:75:30:f7:ff:1d:40:9e:d9:52:16:cd:61:
de:80:67:84:32:ab:e0:34:70:ee:d7:15:30:3e:9f:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:45:A7:5F:43:F4:12:3A:11:31:86:55:29:F0:8D:3B:65:C0:79:D9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6080::/48
Signature Algorithm: sha256WithRSAEncryption
7b:f5:d7:22:4f:fe:57:09:b9:58:b3:67:ab:c9:3b:fa:d8:f3:
f5:85:ca:17:ab:2c:a1:9e:fe:d7:db:91:94:02:23:b3:09:fe:
ef:2f:76:1c:a3:95:cf:06:cd:c5:7d:1f:b3:6a:fb:f5:1b:bf:
f2:bf:a8:36:b8:2c:b6:9e:69:5c:6a:8b:6f:a7:10:45:c1:e6:
a4:3e:34:dd:69:22:95:18:aa:95:00:c8:68:e9:fd:5e:ba:dd:
02:7d:d0:83:5c:02:08:7d:f4:d3:4b:fa:1c:04:9c:b3:2e:58:
c8:24:3d:df:9f:3c:c3:3a:da:a9:ea:0a:f1:ee:a5:0d:f2:db:
0c:fa:49:ba:3e:27:77:fc:6b:fa:a0:e6:0a:29:4e:4b:9d:7a:
f0:85:e3:6a:4f:bb:fb:12:75:15:7c:fc:7d:ca:9c:13:f4:53:
41:db:78:72:9a:05:32:a9:3f:dc:dd:3a:7e:f3:69:2e:61:50:
cd:e9:99:12:ab:46:88:12:a2:ef:55:e1:b2:9a:a8:97:39:b5:
fe:68:68:ba:c7:28:a7:c6:8f:64:51:9d:29:e9:40:40:ac:ed:
e6:1a:a7:89:56:2a:89:5a:3c:36:02:30:eb:eb:46:39:90:25:
4e:f1:85:df:da:f6:3b:00:a6:08:c5:66:16:8f:e4:56:aa:40:
7b:1a:b3:47
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO/qeh5ZmSpUk/FPhTiIa7HqQpaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMzJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMTRiYzE0ZjI3M2U5MzgxYThkYTQxYTY0MGM4N2Y3YTFmMDkxZWU5YjM2
M2E5OThiMTI1MzkxYmM5MDY3MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAyRgjygVGgIQg55o2hl+AETSX/nuB3FXHRMbyjObjfJbJTR1Yo05HsjZtg
4ADI52XLH98o2W5tzVbBpH6DJ7gYFoLQPwoB1+zw/0Uk7M4ailK4ZD5ovSCSXmi4
gKL+cVmLTQPBGVGE/96nPaU4yzYrkLkZtN08PXRXHU9Af6vQAoBEVHaunfIc24ez
/TYrrOIjPALp4adHvyejxMepM2eAXqUHu7Ji2abliY1tv7TPEn6eR4dFGKrX70Fe
yOctVbA+NnJmEz3OC6QatOm82FqjLq7OG/87cPv02rDbhVwL3lTqdTD3/x1AntlS
Fs1h3oBnhDKr4DRw7tcVMD6fqt8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9Radf
Q/QSOhExhlUp8I07ZcB52TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg
gDANBgkqhkiG9w0BAQsFAAOCAQEAe/XXIk/+Vwm5WLNnq8k7+tjz9YXKF6ssoZ7+
19uRlAIjswn+7y92HKOVzwbNxX0fs2r79Ru/8r+oNrgstp5pXGqLb6cQRcHmpD40
3WkilRiqlQDIaOn9XrrdAn3Qg1wCCH3000v6HAScsy5YyCQ93588wzraqeoK8e6l
DfLbDPpJuj4nd/xr+qDmCilOS5168IXjak+7+xJ1FXz8fcqcE/RTQdt4cpoFMqk/
3N06fvNpLmFQzemZEqtGiBKi71Xhspqolzm1/mhouscop8aPZFGdKelAQKzt5hqn
iVYqiVo8NgIw6+tGOZAlTvGF39r2OwCmCMVmFo/kVqpAexqzRw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:22 2025 by rpki-client