Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json)
Hash identifier: aK8ClaM+ghutcV5x3sh37JPCTzeRqRPHwAa7rKba5M4=
Subject key identifier: 41:7E:D0:CB:02:DA:2C:CF:47:A3:2B:DE:96:BA:3A:00:09:20:93:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CFDA37466903CE42D6365C7072C80AF12C61D81
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
Signing time: Mon 28 Jul 2025 16:10:08 +0000
ROA not before: Mon 28 Jul 2025 16:10:08 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:fd:a3:74:66:90:3c:e4:2d:63:65:c7:07:2c:80:af:12:c6:1d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:08 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=063a2c240da2b7c7ad8f0eed9b4cf54c7b0fda4e2f508ce337685f394e3454e5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:be:61:01:d2:90:18:0e:ca:d8:1d:f0:ff:93:
f4:46:52:ab:49:43:3b:49:39:7c:8b:fd:03:14:2a:
ed:4e:59:2c:d7:cd:e7:97:43:05:2e:25:b0:96:52:
63:4c:bd:4f:34:4b:e4:2c:2c:f4:67:7f:d8:c8:48:
78:b3:e9:d8:4a:5b:11:83:5e:1e:6b:53:30:46:8e:
c9:b7:dc:d3:00:0c:2a:21:de:6c:36:d6:b9:2d:66:
43:78:7e:22:f9:cc:50:4d:08:db:da:d2:aa:5f:c6:
4d:60:68:2a:c3:bf:00:bb:4b:fd:3c:7a:2e:27:86:
21:a5:1a:8a:bc:2e:7f:f5:cb:48:ba:0d:2b:16:23:
d6:7b:07:ca:48:28:5d:22:b4:2d:8a:3c:2e:2e:46:
78:fb:03:0a:86:47:1d:fc:06:6c:d8:b3:29:f7:f3:
94:e2:4c:12:4e:f3:29:94:33:a5:21:46:df:ed:4f:
16:d7:75:b9:b0:cc:c4:77:26:ee:aa:f3:02:3c:8c:
46:ff:9f:35:bf:b9:bb:a6:93:f2:e0:74:f3:3e:ea:
03:91:84:54:4b:98:42:28:85:48:30:ce:d7:32:b2:
ad:c5:ec:a1:16:7d:20:1f:d5:17:2f:a2:55:6d:ea:
4b:fb:32:90:62:1c:4c:06:02:6f:9e:75:3a:e7:07:
24:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7E:D0:CB:02:DA:2C:CF:47:A3:2B:DE:96:BA:3A:00:09:20:93:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
00:64:f0:1a:1e:57:fa:fc:c9:ef:e7:de:aa:42:e9:8a:94:2a:
e2:2c:14:01:6f:ac:67:ff:80:84:42:48:e1:d8:a0:07:08:7e:
72:fe:0b:b8:10:7d:77:aa:cf:c6:b3:d8:26:c3:b8:36:00:f2:
21:85:29:43:c1:80:5c:ea:36:06:05:1e:33:4a:53:0a:fd:67:
b0:9d:df:23:ee:fa:03:91:b7:f2:13:26:34:00:c5:6e:c2:40:
a4:74:c6:31:16:7c:b7:1b:00:6c:c8:13:fd:11:eb:1f:30:c9:
db:aa:7f:b1:93:83:7a:5b:37:b6:b6:a1:f7:b0:90:6f:52:b5:
6f:1d:1e:21:9f:ac:15:4f:be:8d:11:79:bc:fc:b4:da:af:10:
0f:ac:6c:6d:a1:ae:92:49:55:a8:75:a9:1a:74:9e:6a:99:1c:
d6:58:79:04:f6:f4:26:94:84:75:5e:62:a0:c1:62:72:5c:ea:
21:02:d3:a1:f3:1e:32:c9:e4:ef:83:46:fc:d9:d6:1f:7e:f1:
65:72:cc:fa:94:53:20:2b:fb:05:ed:37:97:9a:bb:d0:00:66:
1c:d7:72:11:d6:56:fe:9c:0b:37:57:e1:68:82:01:d4:5f:15:
c5:d3:f7:8a:9c:54:83:9d:75:ad:c5:b4:0b:79:bb:02:a7:55:
a2:42:fb:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfP2jdGaQPOQtY2XHByyArxLGHYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMDhaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2M2EyYzI0MGRhMmI3YzdhZDhmMGVlZDliNGNmNTRjN2IwZmRhNGUyZjUw
OGNlMzM3Njg1ZjM5NGUzNDU0ZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOK+YQHSkBgOytgd8P+T9EZSq0lDO0k5fIv9AxQq7U5ZLNfN55dDBS4lsJZS
Y0y9TzRL5Cws9Gd/2MhIeLPp2EpbEYNeHmtTMEaOybfc0wAMKiHebDbWuS1mQ3h+
IvnMUE0I29rSql/GTWBoKsO/ALtL/Tx6LieGIaUairwuf/XLSLoNKxYj1nsHykgo
XSK0LYo8Li5GePsDCoZHHfwGbNizKffzlOJMEk7zKZQzpSFG3+1PFtd1ubDMxHcm
7qrzAjyMRv+fNb+5u6aT8uB08z7qA5GEVEuYQiiFSDDO1zKyrcXsoRZ9IB/VFy+i
VW3qS/sykGIcTAYCb551OucHJKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBftDL
Atosz0ejK96WujoACSCTkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAAZPAaHlf6/Mnv596qQumKlCriLBQBb6xn/4CE
Qkjh2KAHCH5y/gu4EH13qs/Gs9gmw7g2APIhhSlDwYBc6jYGBR4zSlMK/Wewnd8j
7voDkbfyEyY0AMVuwkCkdMYxFny3GwBsyBP9EesfMMnbqn+xk4N6Wze2tqH3sJBv
UrVvHR4hn6wVT76NEXm8/LTarxAPrGxtoa6SSVWodakadJ5qmRzWWHkE9vQmlIR1
XmKgwWJyXOohAtOh8x4yyeTvg0b82dYffvFlcsz6lFMgK/sF7TeXmrvQAGYc13IR
1lb+nAs3V+FoggHUXxXF0/eKnFSDnXWtxbQLebsCp1WiQvvU
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:55 2025 by rpki-client