Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
File: 113e55fd-9531-4700-bcdc-5abe9a806b41.roa (raw, json)
Hash identifier: rhF0s+rDY/bPDhVlD+ZQxCNU0GZZfEUKTSRP4TcSiuE=
Subject key identifier: 3D:FC:0F:E6:32:13:5F:38:92:96:07:34:52:68:31:3E:36:D2:42:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49F006AF9ED643E6C6763DC933862E6107BDB142
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
Signing time: Fri 01 Aug 2025 17:10:58 +0000
ROA not before: Fri 01 Aug 2025 17:10:58 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:f0:06:af:9e:d6:43:e6:c6:76:3d:c9:33:86:2e:61:07:bd:b1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:58 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=4c2a0f1fd52472252ff55dfcf96f7ab532e73228fb9cd6e34070fb8345b2e808, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:11:83:93:6f:09:72:e1:52:97:b3:1c:ce:9a:
a6:2f:2b:3b:14:4e:9e:56:f4:b7:03:89:e0:36:98:
d3:e0:04:67:b3:68:51:35:f3:d4:a0:77:33:bf:84:
73:7b:d2:89:f5:8c:cf:76:7b:f7:a5:52:1b:29:41:
2d:24:ff:ad:d9:26:db:f4:d2:19:9a:dc:50:4d:1d:
92:11:a3:d3:53:26:b3:27:74:40:78:eb:0c:ba:a9:
88:39:24:b3:30:dc:a8:52:e2:56:75:49:cd:59:2a:
04:6e:c1:de:42:aa:91:7b:32:5a:d7:b8:98:15:40:
4d:7e:83:c9:cc:34:2c:bd:e3:ad:6a:3c:bd:76:ad:
35:fc:18:4e:0d:cd:3f:2a:60:07:00:be:59:80:b1:
9a:eb:a7:90:cf:88:e6:c3:3c:d5:8d:53:88:d0:d1:
26:a5:78:8d:29:91:fc:8e:95:0d:4d:0e:e3:ff:02:
99:16:8b:3d:fd:e7:3f:51:27:ed:21:f9:7f:f5:08:
e4:4a:04:19:17:e9:35:5b:75:04:61:c4:03:8a:66:
8d:77:fe:9f:cf:96:7d:02:8d:50:d5:5e:7f:64:27:
09:54:20:a9:5e:d9:35:53:3a:87:8d:8e:fb:71:1e:
f5:2e:bc:f0:b2:03:bf:62:3b:0d:1b:d9:c6:ca:5b:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:FC:0F:E6:32:13:5F:38:92:96:07:34:52:68:31:3E:36:D2:42:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/113e55fd-9531-4700-bcdc-5abe9a806b41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:800::/40
Signature Algorithm: sha256WithRSAEncryption
0f:2e:09:36:f8:91:31:16:00:db:cb:f9:1c:2d:f7:f7:39:30:
d8:e4:e2:37:6c:e0:84:89:9d:3d:04:00:31:9e:46:f0:e9:56:
b7:47:78:4a:66:49:d0:30:e8:82:35:64:80:93:66:fe:23:39:
df:80:fd:52:b6:f3:b7:34:22:90:15:24:b8:8b:4d:9f:8a:f6:
9d:9c:ce:c1:99:c1:8d:b7:e6:c9:d5:26:bc:bc:5b:e6:21:0f:
7c:fa:af:06:c5:7e:41:ce:73:f5:c9:3d:cb:26:34:1d:5c:7d:
fd:82:ab:f6:e2:f3:ec:28:97:3f:dd:88:23:ac:8e:f1:aa:a0:
1c:f9:4d:de:bd:1c:5c:bd:33:fa:0f:75:3b:60:54:ca:1f:8d:
e3:c8:55:73:41:55:7d:8d:c8:6f:9a:e8:8f:07:37:3f:fd:97:
9f:11:3e:2a:08:36:ce:ee:94:45:5c:e8:26:28:13:d8:98:47:
e2:f5:0d:f5:8d:11:54:64:ff:eb:5f:c5:4f:3b:db:aa:5f:8b:
e5:af:8c:47:b9:3c:78:5b:9c:83:40:10:45:f4:72:ac:61:db:
3f:47:99:c7:98:4e:76:ab:a9:1e:27:da:dd:d3:21:26:cd:90:
a3:1b:6a:4f:63:7e:b2:02:d3:d6:e7:4f:13:6e:2f:d0:66:fa:
8e:f8:bc:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSfAGr57WQ+bGdj3JM4YuYQe9sUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwNThaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMmEwZjFmZDUyNDcyMjUyZmY1NWRmY2Y5NmY3YWI1MzJlNzMyMjhmYjlj
ZDZlMzQwNzBmYjgzNDViMmU4MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYRg5NvCXLhUpezHM6api8rOxROnlb0twOJ4DaY0+AEZ7NoUTXz1KB3M7+E
c3vSifWMz3Z796VSGylBLST/rdkm2/TSGZrcUE0dkhGj01Mmsyd0QHjrDLqpiDkk
szDcqFLiVnVJzVkqBG7B3kKqkXsyWte4mBVATX6Dycw0LL3jrWo8vXatNfwYTg3N
PypgBwC+WYCxmuunkM+I5sM81Y1TiNDRJqV4jSmR/I6VDU0O4/8CmRaLPf3nP1En
7SH5f/UI5EoEGRfpNVt1BGHEA4pmjXf+n8+WfQKNUNVef2QnCVQgqV7ZNVM6h42O
+3Ee9S688LIDv2I7DRvZxspbpI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9/A/m
MhNfOJKWBzRSaDE+NtJCsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTEzZTU1ZmQtOTUzMS00NzAwLWJjZGMtNWFiZTlhODA2YjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYI
MA0GCSqGSIb3DQEBCwUAA4IBAQAPLgk2+JExFgDby/kcLff3OTDY5OI3bOCEiZ09
BAAxnkbw6Va3R3hKZknQMOiCNWSAk2b+IznfgP1StvO3NCKQFSS4i02fivadnM7B
mcGNt+bJ1Sa8vFvmIQ98+q8GxX5BznP1yT3LJjQdXH39gqv24vPsKJc/3YgjrI7x
qqAc+U3evRxcvTP6D3U7YFTKH43jyFVzQVV9jchvmuiPBzc//ZefET4qCDbO7pRF
XOgmKBPYmEfi9Q31jRFUZP/rX8VPO9uqX4vlr4xHuTx4W5yDQBBF9HKsYds/R5nH
mE52q6keJ9rd0yEmzZCjG2pPY36yAtPW508Tbi/QZvqO+Lwj
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:21 2025 by rpki-client