Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: cIMSqVoB82OjYiLPZnaSHYn0yLwucO2wyfkHP1Y6qRg=
Subject key identifier: 4D:43:57:61:2F:40:01:85:DB:5F:F2:8A:7E:E5:6C:BC:AA:0E:2C:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12BA8C6BFACF0A96E382AEFA41144A3BDF14D430
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Tue 05 Aug 2025 20:01:33 +0000
ROA not before: Tue 05 Aug 2025 20:01:33 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ba:8c:6b:fa:cf:0a:96:e3:82:ae:fa:41:14:4a:3b:df:14:d4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:33 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=fb1ef6b6c55689c6874fea527dc8b9d7de56e4efaa3bfbdb38d71feaf3772c7c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4c:83:95:ed:f5:79:e7:56:c4:40:75:d3:56:
f7:10:3b:71:88:f3:95:f1:74:bf:61:7e:7e:d7:a5:
f7:88:70:0c:61:2c:25:b1:60:75:38:81:ef:85:45:
0c:06:8f:48:90:23:0e:fa:80:73:97:8b:93:19:3e:
2b:45:ed:4a:07:4c:48:9c:7f:3c:5e:3c:01:20:53:
67:a9:98:37:bd:8e:ec:b8:a6:ab:17:d9:7f:78:8b:
7a:2d:24:9c:eb:3e:53:3e:b5:44:35:bc:54:be:f5:
6e:01:71:9b:b3:56:0a:b3:28:8e:d4:b6:ee:2e:79:
8e:32:7a:6e:e4:0d:5b:90:5d:ef:5f:51:b2:bd:b2:
10:d9:41:1f:47:95:93:ae:0f:05:6a:50:f3:ad:b0:
c3:41:e6:2c:31:72:bb:37:ff:6e:4a:13:6d:89:50:
a6:c8:a5:f3:e3:9d:ba:29:82:67:d9:3e:8d:ef:1c:
bd:c9:b8:e9:fd:94:13:94:4b:2d:e3:58:d8:80:e7:
55:fc:a0:ad:04:64:80:43:c8:9d:a2:e3:e0:62:6c:
69:99:66:6b:e0:b6:1c:d9:0b:72:c6:52:63:a5:64:
2e:a9:b8:fd:7f:77:63:d2:b4:4d:71:17:39:ef:b1:
c9:42:44:3b:fc:c7:c6:82:52:42:35:1c:33:49:a5:
49:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:43:57:61:2F:40:01:85:DB:5F:F2:8A:7E:E5:6C:BC:AA:0E:2C:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:e6:4a:49:1d:0a:63:a0:6d:96:9c:65:51:a2:2d:ac:8d:c2:
c1:7e:b7:38:c7:9d:b6:32:84:d5:82:3f:b1:44:1c:b2:75:06:
ea:f0:86:c6:05:60:30:69:ac:b5:6a:dd:72:c6:d5:34:3d:db:
1c:55:b8:cc:90:7d:fa:45:1c:8f:54:07:85:a9:0a:50:7a:1b:
d5:59:ff:38:62:1f:55:46:85:f5:f7:99:8d:54:0b:ec:99:ad:
8e:0f:ea:c5:37:66:1b:3a:b5:15:ef:18:d6:2a:12:f4:a3:27:
6e:2d:32:ea:f4:e5:43:b2:d7:cf:e0:17:ca:ff:14:65:11:d7:
4e:1d:c6:c0:70:c6:ac:81:0e:72:03:d4:f8:95:c1:d8:16:32:
75:df:0b:51:6d:27:1d:1c:65:dd:4b:7f:88:a0:e7:15:e5:89:
57:f8:85:76:4c:88:1e:62:6c:87:e9:37:74:1c:f8:1d:95:a7:
a5:b8:24:ca:25:a6:1e:7a:e0:da:66:3f:b6:0c:63:91:d2:d1:
f8:90:39:2d:ef:8e:fa:56:08:88:19:be:fb:d4:10:c1:45:dd:
c2:d4:5c:b2:72:4e:48:ce:31:10:cc:c7:5c:90:06:64:dd:78:
56:4e:8e:d2:b3:32:43:ec:21:5b:f7:2e:00:b4:88:17:f8:c4:
d5:9e:95:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUErqMa/rPCpbjgq76QRRKO98U1DAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMzNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMWVmNmI2YzU1Njg5YzY4NzRmZWE1MjdkYzhiOWQ3ZGU1NmU0ZWZhYTNi
ZmJkYjM4ZDcxZmVhZjM3NzJjN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBMg5Xt9XnnVsRAddNW9xA7cYjzlfF0v2F+ftel94hwDGEsJbFgdTiB74VF
DAaPSJAjDvqAc5eLkxk+K0XtSgdMSJx/PF48ASBTZ6mYN72O7LimqxfZf3iLei0k
nOs+Uz61RDW8VL71bgFxm7NWCrMojtS27i55jjJ6buQNW5Bd719Rsr2yENlBH0eV
k64PBWpQ862ww0HmLDFyuzf/bkoTbYlQpsil8+OduimCZ9k+je8cvcm46f2UE5RL
LeNY2IDnVfygrQRkgEPInaLj4GJsaZlma+C2HNkLcsZSY6VkLqm4/X93Y9K0TXEX
Oe+xyUJEO/zHxoJSQjUcM0mlSYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNQ1dh
L0ABhdtf8op+5Wy8qg4saTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQAO5kpJHQpjoG2WnGVRoi2sjcLBfrc4x522MoTV
gj+xRByydQbq8IbGBWAwaay1at1yxtU0PdscVbjMkH36RRyPVAeFqQpQehvVWf84
Yh9VRoX195mNVAvsma2OD+rFN2YbOrUV7xjWKhL0oyduLTLq9OVDstfP4BfK/xRl
EddOHcbAcMasgQ5yA9T4lcHYFjJ13wtRbScdHGXdS3+IoOcV5YlX+IV2TIgeYmyH
6Td0HPgdlaeluCTKJaYeeuDaZj+2DGOR0tH4kDkt7476VgiIGb771BDBRd3C1Fyy
ck5IzjEQzMdckAZk3XhWTo7SszJD7CFb9y4AtIgX+MTVnpW5
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:37 2025 by rpki-client