Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
File: 1db7d6f9-20a2-495c-9303-96004ae64814.roa (raw, json)
Hash identifier: TpFwvo2qfmSRQb3j9HM0Rn8UUc7a6dvHDEw7uMgVLmQ=
Subject key identifier: 54:A9:40:63:F8:67:71:A7:F5:0F:04:26:FE:61:6E:CF:D3:86:B7:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D4F03FA1DD1E086747B20C1C821D833F1644C0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
Signing time: Fri 01 Aug 2025 17:10:28 +0000
ROA not before: Fri 01 Aug 2025 17:10:28 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:4f:03:fa:1d:d1:e0:86:74:7b:20:c1:c8:21:d8:33:f1:64:4c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:28 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=3b0c4ab0b2095c1fce3565b809585a4acaa1391d9b07e1de58e457f3efe591bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:62:b3:b0:c2:95:14:53:60:79:2a:14:b3:
f8:5e:27:7c:8c:45:aa:35:dd:a4:f4:67:89:98:d5:
24:cc:15:48:ef:c9:1d:a8:4d:a9:4b:10:d1:4b:8a:
45:32:b0:13:d8:3c:b1:30:08:d2:b3:1b:86:17:d8:
2c:d8:bd:46:c8:77:f9:47:88:ac:b0:6a:84:14:a9:
9f:fb:eb:1d:6c:29:39:82:5b:87:28:11:84:ee:89:
2c:b8:0c:6e:8a:60:ce:06:4c:90:0a:9a:ab:bb:99:
e7:4c:3d:82:ba:e8:4b:64:c8:df:3d:93:c7:5b:2f:
33:eb:f9:36:dd:2f:e1:d2:c0:c2:65:00:71:12:33:
aa:a4:c8:8f:5a:3c:a5:01:72:fe:34:84:0f:0e:e4:
08:72:23:c2:bd:6d:91:b2:d8:3d:ba:0e:0a:c1:cc:
3a:95:da:3d:14:8e:fe:70:95:11:fb:57:98:13:86:
4d:be:f8:93:c0:c0:05:46:33:66:98:e5:6a:80:ed:
e9:b2:63:7f:a7:72:44:ac:a8:0f:93:13:21:94:a2:
a0:f1:1d:8f:70:26:93:b7:bf:df:23:0c:ab:46:c9:
04:1b:d4:a4:ea:f1:bc:12:50:d3:b6:08:e7:d4:81:
76:cd:df:a8:6f:22:54:0c:02:9e:96:af:1c:22:0f:
ae:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A9:40:63:F8:67:71:A7:F5:0F:04:26:FE:61:6E:CF:D3:86:B7:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1db7d6f9-20a2-495c-9303-96004ae64814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
60:1b:4e:34:d2:fb:a0:57:46:e7:db:92:ab:78:b7:08:7d:71:
f8:84:21:2f:b6:16:b6:81:64:ff:a7:29:4c:02:ca:a2:f0:59:
89:87:b3:44:e0:b9:82:06:5f:04:cb:1c:a2:08:f9:b8:0f:72:
1f:9b:38:2e:f9:25:b6:59:04:49:87:9f:75:27:c2:26:cb:e9:
8c:97:13:16:9c:7c:d5:84:c4:66:a5:41:59:b8:3b:df:57:74:
e3:c3:31:d0:6f:19:a3:0c:68:87:97:2c:6f:3d:eb:b7:f2:f9:
0f:ad:29:03:dc:09:bb:f1:64:64:de:1c:f6:7a:23:7e:be:8d:
ac:7d:4c:f0:f5:6e:b6:7e:ae:2a:c5:32:0e:b4:c2:06:ca:80:
ed:1b:8c:17:a2:d8:56:d0:36:2c:16:5b:4d:58:ef:1b:15:68:
53:98:12:2a:0c:ed:17:56:e4:ee:e0:2e:28:12:36:bb:53:75:
2f:4d:d0:42:33:dd:a6:f2:c0:50:13:61:89:a2:c0:d0:6b:a7:
1c:e1:5b:9b:09:8e:d5:bf:7b:83:7b:49:89:ae:87:be:b6:da:
e2:ea:ec:19:29:7c:78:c6:31:34:aa:e9:2b:9d:d8:8d:4a:27:
51:48:a8:79:f8:0d:71:75:97:2a:e9:3f:20:02:49:00:d5:76:
06:42:94:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTU8D+h3R4IZ0eyDByCHYM/FkTAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjhaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiMGM0YWIwYjIwOTVjMWZjZTM1NjViODA5NTg1YTRhY2FhMTM5MWQ5YjA3
ZTFkZTU4ZTQ1N2YzZWZlNTkxYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3FYrOwwpUUU2B5KhSz+F4nfIxFqjXdpPRniZjVJMwVSO/JHahNqUsQ0UuK
RTKwE9g8sTAI0rMbhhfYLNi9Rsh3+UeIrLBqhBSpn/vrHWwpOYJbhygRhO6JLLgM
bopgzgZMkAqaq7uZ50w9grroS2TI3z2Tx1svM+v5Nt0v4dLAwmUAcRIzqqTIj1o8
pQFy/jSEDw7kCHIjwr1tkbLYPboOCsHMOpXaPRSO/nCVEftXmBOGTb74k8DABUYz
ZpjlaoDt6bJjf6dyRKyoD5MTIZSioPEdj3Amk7e/3yMMq0bJBBvUpOrxvBJQ07YI
59SBds3fqG8iVAwCnpavHCIPrk0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUqUBj
+Gdxp/UPBCb+YW7P04a3sDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWRiN2Q2ZjktMjBhMi00OTVjLTkzMDMtOTYwMDRhZTY0ODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAYBtONNL7oFdG59uSq3i3CH1x+IQhL7YWtoFk
/6cpTALKovBZiYezROC5ggZfBMscogj5uA9yH5s4LvkltlkESYefdSfCJsvpjJcT
Fpx81YTEZqVBWbg731d048Mx0G8Zowxoh5csbz3rt/L5D60pA9wJu/FkZN4c9noj
fr6NrH1M8PVutn6uKsUyDrTCBsqA7RuMF6LYVtA2LBZbTVjvGxVoU5gSKgztF1bk
7uAuKBI2u1N1L03QQjPdpvLAUBNhiaLA0GunHOFbmwmO1b97g3tJia6Hvrba4urs
GSl8eMYxNKrpK53YjUonUUioefgNcXWXKuk/IAJJANV2BkKUcA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:43 2025 by rpki-client