Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
File: 470f3c02-20c3-480f-a788-60d7378cea9b.roa (raw, json)
Hash identifier: 0tcpmsFkjFeD7ah5aQkR0PJJSRbTZF/WjdGuu/sRlDc=
Subject key identifier: 50:EA:B9:F9:B8:CA:4A:A8:7B:1F:01:43:52:14:22:7B:82:2F:B8:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 685EDD88CEF8F12672833E74D2C703CC56AA313D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
Signing time: Fri 01 Aug 2025 17:10:21 +0000
ROA not before: Fri 01 Aug 2025 17:10:21 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:5e:dd:88:ce:f8:f1:26:72:83:3e:74:d2:c7:03:cc:56:aa:31:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:21 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=9acf486137781b4169e177910523bad5f33832b0bf962ac14d037e45f36bb130, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:96:61:6d:e4:d0:91:76:b5:be:f9:3b:69:19:
ed:ba:10:1e:89:c2:56:7c:84:2c:e0:cd:e8:7c:80:
1a:d9:57:ac:b7:23:53:f9:0e:33:ed:8d:81:39:6c:
e9:6b:b6:7b:69:c8:a9:a5:b2:5a:02:da:8c:a1:98:
0c:7c:7f:8c:0c:8b:66:09:3a:21:e0:b9:3d:e9:03:
55:b2:10:e9:d7:e8:69:bb:12:45:63:7b:b4:dd:2d:
06:65:51:57:48:25:66:be:c1:a0:86:0e:f9:95:f0:
30:a5:e1:2f:bf:d9:6d:45:cd:d3:2c:7b:d0:0a:72:
31:ff:27:6c:83:6c:6f:ed:67:d9:cf:5a:d0:69:01:
c8:ec:66:1f:49:b5:b0:93:d9:4e:2c:b8:06:87:82:
cb:8c:45:26:b0:b9:c5:67:87:fe:e6:4f:a1:69:62:
56:95:43:ba:80:1b:51:a2:5a:60:f3:17:77:f2:c9:
9c:34:ea:e4:5d:6d:81:be:80:c3:47:6c:56:5e:7e:
b7:99:45:2d:be:17:f2:8c:ed:19:0b:6b:25:79:15:
e0:c5:41:79:75:6a:3b:6e:3d:0d:3b:6f:08:fb:1b:
b9:c6:9e:74:6e:cb:de:8f:e5:e2:ea:ab:80:0d:f2:
80:7a:39:7f:d2:cc:f8:60:3d:47:a1:f4:25:60:b2:
ab:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EA:B9:F9:B8:CA:4A:A8:7B:1F:01:43:52:14:22:7B:82:2F:B8:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470f3c02-20c3-480f-a788-60d7378cea9b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:880::/48
Signature Algorithm: sha256WithRSAEncryption
a3:97:36:f2:71:31:3d:7f:ac:cd:8f:68:6c:c7:99:06:c3:5e:
12:04:94:2d:11:a5:08:fd:bd:2f:0f:14:15:2d:a0:92:ad:e3:
35:a7:e3:7b:16:4f:6b:c2:d7:32:48:ae:d0:fe:68:99:8b:74:
07:ab:4b:cb:f4:90:5a:c0:a5:b8:33:ce:5b:38:d5:b5:60:a0:
7b:e5:a6:15:59:21:ef:7c:d1:91:44:11:8a:26:1a:95:2c:ca:
a6:60:40:d6:a4:d5:5f:a9:d4:77:00:3f:90:a7:21:34:fd:0e:
4d:90:4f:69:0c:b5:01:67:6a:24:42:05:91:78:dd:cc:97:54:
0c:fe:27:59:66:b8:e7:62:da:f0:ed:c8:75:31:9e:36:fe:bd:
0e:e1:96:bc:08:0c:ea:15:ae:f7:22:64:fd:69:31:40:08:ca:
23:b3:00:96:4c:ac:e0:cc:ff:85:aa:2f:72:32:ec:66:85:69:
ed:77:c7:84:e0:2b:d8:9c:c5:00:44:a1:13:de:48:23:1c:88:
00:07:d5:17:68:81:81:98:c9:e8:14:3b:23:f1:2c:1a:14:fb:
88:6a:84:25:48:27:28:12:2c:58:19:09:00:39:45:01:4a:ad:
5a:10:51:18:1a:b0:65:41:e2:0f:b3:bf:3e:ae:d0:2b:fe:07:
57:ad:3d:ee
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaF7diM748SZygz500scDzFaqMT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwMjFaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhY2Y0ODYxMzc3ODFiNDE2OWUxNzc5MTA1MjNiYWQ1ZjMzODMyYjBiZjk2
MmFjMTRkMDM3ZTQ1ZjM2YmIxMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOWYW3k0JF2tb75O2kZ7boQHonCVnyELODN6HyAGtlXrLcjU/kOM+2NgTls
6Wu2e2nIqaWyWgLajKGYDHx/jAyLZgk6IeC5PekDVbIQ6dfoabsSRWN7tN0tBmVR
V0glZr7BoIYO+ZXwMKXhL7/ZbUXN0yx70ApyMf8nbINsb+1n2c9a0GkByOxmH0m1
sJPZTiy4BoeCy4xFJrC5xWeH/uZPoWliVpVDuoAbUaJaYPMXd/LJnDTq5F1tgb6A
w0dsVl5+t5lFLb4X8oztGQtrJXkV4MVBeXVqO249DTtvCPsbucaedG7L3o/l4uqr
gA3ygHo5f9LM+GA9R6H0JWCyq0ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQ6rn5
uMpKqHsfAUNSFCJ7gi+4qzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwZjNjMDItMjBjMy00ODBmLWE3ODgtNjBkNzM3OGNlYTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
gDANBgkqhkiG9w0BAQsFAAOCAQEAo5c28nExPX+szY9obMeZBsNeEgSULRGlCP29
Lw8UFS2gkq3jNafjexZPa8LXMkiu0P5omYt0B6tLy/SQWsCluDPOWzjVtWCge+Wm
FVkh73zRkUQRiiYalSzKpmBA1qTVX6nUdwA/kKchNP0OTZBPaQy1AWdqJEIFkXjd
zJdUDP4nWWa452La8O3IdTGeNv69DuGWvAgM6hWu9yJk/WkxQAjKI7MAlkys4Mz/
haovcjLsZoVp7XfHhOAr2JzFAEShE95IIxyIAAfVF2iBgZjJ6BQ7I/EsGhT7iGqE
JUgnKBIsWBkJADlFAUqtWhBRGBqwZUHiD7O/Pq7QK/4HV6097g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:28 2025 by rpki-client