Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa
File: ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa (raw, json)
Hash identifier: l8E2yzR/lv3fgPDVShg2EwC96wt53p5m/tjcYkOqT/0=
Subject key identifier: 30:D5:1A:67:E8:E3:F7:C2:67:71:6B:9B:CA:3D:14:7C:A0:47:68:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47745D03ACDE9039D69AD8678B3185118BE5FD06
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa
Signing time: Tue 19 Aug 2025 16:50:40 +0000
ROA not before: Tue 19 Aug 2025 16:50:40 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:74:5d:03:ac:de:90:39:d6:9a:d8:67:8b:31:85:11:8b:e5:fd:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:40 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=6caeba751034a44072076b3d08b0a8a4bee0a85f3240b22beeab01c3ce7828b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4e:e5:3d:0b:26:c3:0a:e3:2d:bf:78:ec:cc:
9f:53:25:8a:97:9a:f2:37:6a:93:20:88:2a:e1:86:
fa:64:2e:62:d0:8d:b1:e4:4c:20:b0:3a:0a:15:b9:
4a:49:d3:c8:61:b7:6b:3f:04:15:00:0d:c2:25:fe:
e1:06:4e:e2:01:99:6d:b4:eb:f7:33:94:9f:de:fc:
ea:1d:85:f3:6b:86:f7:d1:e6:14:1c:7e:da:16:3e:
4f:3c:bf:67:b4:38:c5:77:12:7e:fc:55:15:42:1a:
cf:b8:10:22:2a:ef:f9:0a:a6:a3:d5:62:ff:74:b5:
4a:78:86:f4:eb:20:0f:7d:74:b7:3b:aa:4a:f4:12:
73:50:7e:e7:b0:e5:00:b2:60:a1:7d:a7:19:f2:78:
a3:92:76:8c:02:bd:69:49:c0:14:a4:d0:32:f2:62:
28:42:55:5a:1b:d8:75:03:60:68:47:34:8f:66:68:
fd:59:30:99:1d:72:80:c1:23:f1:26:b3:68:ad:a7:
04:b1:d8:58:ec:4c:8e:56:ce:76:ea:3e:97:33:3e:
59:ab:12:d2:f8:ea:24:f6:60:e4:53:4c:69:5d:31:
09:6a:72:f8:5d:f3:69:fb:82:d5:ee:ef:5d:06:cd:
25:dd:ac:c5:63:bb:ad:a7:d8:79:7a:d7:9a:6e:9a:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D5:1A:67:E8:E3:F7:C2:67:71:6B:9B:CA:3D:14:7C:A0:47:68:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ff4816c3-2e55-42d8-a2fa-8e7ac7375d0e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:86:49:a6:ac:a8:51:3b:90:66:9b:46:6d:b2:e2:aa:8b:b7:
a6:d7:13:fa:4d:1e:3e:e1:a4:a2:2b:fd:83:bb:c6:34:63:1c:
22:b4:9e:18:62:ad:00:e0:d1:66:0e:5d:75:c1:81:0b:53:f9:
57:c8:a0:d9:ac:13:36:08:5f:9d:60:22:e6:84:21:15:7d:e5:
da:e7:87:1b:cb:4b:47:1d:8f:35:c0:d4:77:2b:04:64:b3:20:
45:3c:bb:2c:f4:77:8c:39:0f:0e:3d:cc:0e:b8:d7:8d:7a:fe:
9f:0f:c7:29:49:19:53:03:19:01:33:cf:6e:a9:47:25:68:3c:
ca:6d:be:dc:8b:52:85:98:ba:cb:d0:79:b3:3f:2f:6a:ba:6d:
69:80:6f:7c:63:cf:57:26:08:be:35:c2:66:df:04:ef:00:19:
63:a7:ae:b7:6a:aa:86:ce:eb:d8:d6:d4:48:9c:e0:b8:c7:79:
03:78:e3:d7:fb:3e:26:2b:7a:3b:30:87:6c:8a:74:9f:c0:20:
b3:0a:78:96:04:d1:ff:fb:8c:b0:ce:fb:47:57:27:45:df:ff:
e3:42:6d:3e:21:8f:4f:de:3b:18:da:69:c5:ed:fc:62:ae:90:
13:26:b4:ee:d2:6d:fc:53:e5:60:fe:60:9f:b3:37:17:0f:3f:
b5:2e:4a:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR3RdA6zekDnWmthnizGFEYvl/QYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNDBaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjYWViYTc1MTAzNGE0NDA3MjA3NmIzZDA4YjBhOGE0YmVlMGE4NWYzMjQw
YjIyYmVlYWIwMWMzY2U3ODI4YjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBO5T0LJsMK4y2/eOzMn1Mlipea8jdqkyCIKuGG+mQuYtCNseRMILA6ChW5
SknTyGG3az8EFQANwiX+4QZO4gGZbbTr9zOUn9786h2F82uG99HmFBx+2hY+Tzy/
Z7Q4xXcSfvxVFUIaz7gQIirv+Qqmo9Vi/3S1SniG9OsgD310tzuqSvQSc1B+57Dl
ALJgoX2nGfJ4o5J2jAK9aUnAFKTQMvJiKEJVWhvYdQNgaEc0j2Zo/VkwmR1ygMEj
8SazaK2nBLHYWOxMjlbOduo+lzM+WasS0vjqJPZg5FNMaV0xCWpy+F3zafuC1e7v
XQbNJd2sxWO7rafYeXrXmm6avhMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQw1Rpn
6OP3wmdxa5vKPRR8oEdoVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmY0ODE2YzMtMmU1NS00MmQ4LWEyZmEtOGU3YWM3Mzc1ZDBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSg
MA0GCSqGSIb3DQEBCwUAA4IBAQCghkmmrKhRO5Bmm0ZtsuKqi7em1xP6TR4+4aSi
K/2Du8Y0YxwitJ4YYq0A4NFmDl11wYELU/lXyKDZrBM2CF+dYCLmhCEVfeXa54cb
y0tHHY81wNR3KwRksyBFPLss9HeMOQ8OPcwOuNeNev6fD8cpSRlTAxkBM89uqUcl
aDzKbb7ci1KFmLrL0HmzPy9qum1pgG98Y89XJgi+NcJm3wTvABljp663aqqGzuvY
1tRInOC4x3kDeOPX+z4mK3o7MIdsinSfwCCzCniWBNH/+4ywzvtHVydF3//jQm0+
IY9P3jsY2mnF7fxirpATJrTu0m38U+Vg/mCfszcXDz+1Lkqz
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:10 2025 by rpki-client