Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
File: a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa (raw, json)
Hash identifier: FX0QjZImzA+nFWz7jic0MQAAUrNFZ/yj6/RkFeM4x4Y=
Subject key identifier: 46:9C:87:5D:73:19:FA:1C:A6:DC:2D:67:93:67:A5:37:9A:2D:BD:68
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A4F468F2BFA2870D3A4189D493DB18581361F46
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
Signing time: Wed 06 Aug 2025 00:50:12 +0000
ROA not before: Wed 06 Aug 2025 00:50:12 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:4f:46:8f:2b:fa:28:70:d3:a4:18:9d:49:3d:b1:85:81:36:1f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:12 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=6375024555151939722b98a380c60bd40c94a4450b3dcfacf67116a292d929da, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d7:c4:e3:8f:28:b0:97:5a:65:b5:2f:20:a4:
31:6f:b8:c8:83:ca:ac:0e:7a:89:fc:cd:c6:a0:52:
5e:5d:83:91:23:53:0e:76:9a:0f:a4:49:a5:4d:32:
bd:95:98:3c:12:18:94:96:85:eb:49:53:2e:a7:58:
d3:8a:56:66:c8:60:a4:03:79:68:16:b2:ff:d8:3c:
2f:f9:48:db:db:b8:47:08:44:cd:7f:46:36:b1:ba:
26:35:e9:19:d9:98:9d:68:d3:a0:2a:e8:d5:5d:ba:
34:71:06:cf:d6:6b:b3:26:16:a0:a2:49:3b:55:95:
41:5a:3c:08:35:eb:b3:61:23:99:9a:31:c0:e9:b4:
09:de:e8:b9:e9:47:c2:80:f3:8a:28:eb:8a:4b:37:
3f:11:a9:e0:71:50:fd:57:6a:a1:27:ce:be:fe:80:
4c:a4:69:ed:d4:e2:8b:e2:ae:01:38:1f:a0:6b:2f:
78:b3:7f:92:ff:eb:61:db:4a:2a:b4:2f:96:9e:f1:
07:7d:51:32:9c:d2:35:30:5f:8e:89:c8:c6:c3:aa:
cb:95:5a:6f:ce:db:39:89:27:d4:4b:dc:74:1d:3c:
f4:ab:10:86:32:11:e3:b4:a5:08:09:b7:81:0e:15:
05:97:a3:c5:9b:a0:7c:ee:da:36:44:60:dc:08:73:
d6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:9C:87:5D:73:19:FA:1C:A6:DC:2D:67:93:67:A5:37:9A:2D:BD:68
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
7e:05:d8:37:88:51:42:ed:b7:fc:f9:18:35:8d:48:f6:66:12:
c1:97:29:d0:bc:5c:7f:bd:3f:39:f7:98:0f:14:0f:76:8d:9d:
f9:ce:c3:6a:dd:af:99:0c:07:59:be:b7:34:b0:9b:db:c8:74:
59:18:e1:fe:9f:43:2c:a8:6d:49:c2:e1:b1:31:22:0a:70:bd:
4c:5f:26:d5:58:26:b9:cf:65:17:0b:0e:91:37:ae:0a:81:9f:
cf:b6:57:fc:fa:7e:fd:47:cf:d9:68:f2:2d:0a:e5:1a:4a:c3:
f9:92:5b:e0:c5:6b:7f:60:3c:9f:d9:58:ee:fc:55:f4:b6:5d:
ae:b9:9e:ed:c5:fb:b8:cd:01:0b:b6:35:12:b7:e1:43:6e:1b:
c6:56:8e:1e:02:19:ba:36:27:dc:a7:d7:a5:0e:bc:8d:07:8e:
bf:2c:87:cf:b7:38:74:63:0c:6f:0b:bf:44:0f:6b:19:7b:61:
06:66:93:81:aa:d2:86:e1:63:f8:cb:0c:c0:86:00:9e:39:50:
81:ba:4c:e1:04:ba:0b:58:4f:6d:c7:bd:66:5a:40:13:b0:50:
a5:ed:04:61:a2:a6:88:de:10:b4:cf:4b:e9:32:e8:13:de:ee:
ae:b5:7c:72:f6:d4:eb:17:e4:03:bc:96:ea:7a:ae:24:35:bf:
af:4a:60:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCk9Gjyv6KHDTpBidST2xhYE2H0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwMTJaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzNzUwMjQ1NTUxNTE5Mzk3MjJiOThhMzgwYzYwYmQ0MGM5NGE0NDUwYjNk
Y2ZhY2Y2NzExNmEyOTJkOTI5ZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHXxOOPKLCXWmW1LyCkMW+4yIPKrA56ifzNxqBSXl2DkSNTDnaaD6RJpU0y
vZWYPBIYlJaF60lTLqdY04pWZshgpAN5aBay/9g8L/lI29u4RwhEzX9GNrG6JjXp
GdmYnWjToCro1V26NHEGz9ZrsyYWoKJJO1WVQVo8CDXrs2EjmZoxwOm0Cd7ouelH
woDziijriks3PxGp4HFQ/VdqoSfOvv6ATKRp7dTii+KuATgfoGsveLN/kv/rYdtK
KrQvlp7xB31RMpzSNTBfjonIxsOqy5Vab87bOYkn1EvcdB089KsQhjIR47SlCAm3
gQ4VBZejxZugfO7aNkRg3Ahz1vECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGnIdd
cxn6HKbcLWeTZ6U3mi29aDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTlhNGYzY2QtNjAzYS00ZmRjLWJkNjUtOGQ5NDg4ZDRmZDA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCM
MA0GCSqGSIb3DQEBCwUAA4IBAQB+Bdg3iFFC7bf8+Rg1jUj2ZhLBlynQvFx/vT85
95gPFA92jZ35zsNq3a+ZDAdZvrc0sJvbyHRZGOH+n0MsqG1JwuGxMSIKcL1MXybV
WCa5z2UXCw6RN64KgZ/Ptlf8+n79R8/ZaPItCuUaSsP5klvgxWt/YDyf2Vju/FX0
tl2uuZ7txfu4zQELtjUSt+FDbhvGVo4eAhm6Nifcp9elDryNB46/LIfPtzh0Ywxv
C79ED2sZe2EGZpOBqtKG4WP4ywzAhgCeOVCBukzhBLoLWE9tx71mWkATsFCl7QRh
oqaI3hC0z0vpMugT3u6utXxy9tTrF+QDvJbqeq4kNb+vSmCC
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:53:59 2025 by rpki-client