Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
File: 4cf83881-74f7-4033-977b-362e08e8d6d2.roa (raw, json)
Hash identifier: n2LTIvvxfsPFXV7qceqlxNzid8+72wYviBYIj3CzEAA=
Subject key identifier: 62:6D:DD:A7:25:CC:6B:D0:A3:83:13:B3:68:CA:62:2B:69:69:82:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AAC3A9D73F1E7CF788944940D905ADF42810E17
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
Signing time: Fri 01 Aug 2025 17:10:53 +0000
ROA not before: Fri 01 Aug 2025 17:10:53 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ac:3a:9d:73:f1:e7:cf:78:89:44:94:0d:90:5a:df:42:81:0e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:53 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=be7e3e6dfc99a8241da03bf8413b6fa7c746528539f6f38d9e00625040f4efa5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:46:c3:96:d4:9c:aa:75:56:7a:7d:4f:36:
8a:77:4e:0b:44:02:bc:11:16:cf:bf:75:6f:93:b4:
8b:dc:ff:61:42:5d:44:06:9f:5e:75:49:01:ee:16:
6a:3e:e6:c8:c2:96:b6:02:da:54:6e:ce:e8:30:39:
b9:3f:21:21:ce:5f:f8:16:5c:a0:9e:b7:a7:c8:2e:
a6:6b:b1:7b:37:4e:6d:02:e9:8e:3e:65:56:8d:fa:
e5:32:c6:3a:7e:3e:0b:6f:23:2c:8f:3e:81:d2:ee:
6f:ac:3c:4d:12:e3:ff:fe:ea:a6:f4:8c:36:8a:e2:
86:a7:96:59:47:e8:3c:41:91:8e:6f:14:35:15:d6:
da:74:45:90:29:86:d8:52:9e:6a:d7:f1:db:fd:46:
09:51:09:c7:ec:6f:a5:24:20:3d:32:c3:04:53:fd:
db:59:d4:b8:6f:2b:9d:2c:11:bd:d8:6d:a3:8f:b8:
a2:04:36:a2:9e:10:e9:d3:84:b2:28:f6:78:f1:49:
ee:6b:c0:c3:cc:d4:7a:9c:92:ad:b9:8a:4d:7e:38:
20:a2:7e:a1:65:f9:51:6f:cd:ab:54:75:eb:18:e9:
17:35:f3:d2:52:76:50:88:34:86:e7:ca:52:f3:1e:
c4:01:ae:4c:16:d1:02:ec:f0:7d:72:3f:93:7c:f4:
96:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6D:DD:A7:25:CC:6B:D0:A3:83:13:B3:68:CA:62:2B:69:69:82:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:840::/48
Signature Algorithm: sha256WithRSAEncryption
bf:26:29:46:92:b5:b5:26:7a:73:ea:7c:b8:43:19:41:8a:ef:
22:c8:71:68:a4:4c:36:9d:72:3b:af:31:26:a6:02:85:7e:8c:
cb:3b:16:f5:d6:41:46:77:92:43:d5:3c:86:8f:d4:98:a1:8f:
2b:4f:a8:36:d7:78:dc:cd:e4:11:19:50:81:71:bb:7e:ef:47:
50:2b:f4:e3:25:5f:36:b4:18:a7:d7:38:81:f2:cb:2e:a4:ca:
db:f5:65:d7:4f:6a:21:e1:ef:09:04:e2:12:50:72:f9:f1:78:
9d:bc:fe:f9:31:d9:0a:f6:78:9b:6d:9a:94:a1:71:db:28:0a:
37:25:d9:c4:85:d5:29:73:43:82:0a:ee:63:25:fb:2c:5c:8c:
b2:18:7e:4b:b5:7b:ae:02:11:ba:ac:7f:a8:4c:34:12:e2:8b:
3a:8e:e4:47:72:a9:ce:ff:fb:74:44:62:95:09:9b:f5:3e:31:
16:9a:d7:4b:ac:bf:34:82:83:e9:77:a9:48:dd:26:9d:49:92:
e5:22:8f:72:28:5e:22:a2:c2:7a:b7:89:56:fa:aa:15:81:1e:
b4:9c:e2:a3:c0:40:8d:b7:ea:bd:81:8e:99:f7:eb:59:4b:d8:
d4:64:c4:4b:28:57:d4:3d:bd:f3:d2:51:fc:f4:0c:56:89:2d:
a5:45:bd:54
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSqw6nXPx5894iUSUDZBa30KBDhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwNTNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlN2UzZTZkZmM5OWE4MjQxZGEwM2JmODQxM2I2ZmE3Yzc0NjUyODUzOWY2
ZjM4ZDllMDA2MjUwNDBmNGVmYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKocRsOW1JyqdVZ6fU82indOC0QCvBEWz791b5O0i9z/YUJdRAafXnVJAe4W
aj7myMKWtgLaVG7O6DA5uT8hIc5f+BZcoJ63p8gupmuxezdObQLpjj5lVo365TLG
On4+C28jLI8+gdLub6w8TRLj//7qpvSMNorihqeWWUfoPEGRjm8UNRXW2nRFkCmG
2FKeatfx2/1GCVEJx+xvpSQgPTLDBFP921nUuG8rnSwRvdhto4+4ogQ2op4Q6dOE
sij2ePFJ7mvAw8zUepySrbmKTX44IKJ+oWX5UW/Nq1R16xjpFzXz0lJ2UIg0hufK
UvMexAGuTBbRAuzwfXI/k3z0lhUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRibd2n
Jcxr0KODE7NoymIraWmClzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNmODM4ODEtNzRmNy00MDMzLTk3N2ItMzYyZTA4ZThkNmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
QDANBgkqhkiG9w0BAQsFAAOCAQEAvyYpRpK1tSZ6c+p8uEMZQYrvIshxaKRMNp1y
O68xJqYChX6MyzsW9dZBRneSQ9U8ho/UmKGPK0+oNtd43M3kERlQgXG7fu9HUCv0
4yVfNrQYp9c4gfLLLqTK2/Vl109qIeHvCQTiElBy+fF4nbz++THZCvZ4m22alKFx
2ygKNyXZxIXVKXNDggruYyX7LFyMshh+S7V7rgIRuqx/qEw0EuKLOo7kR3Kpzv/7
dERilQmb9T4xFprXS6y/NIKD6XepSN0mnUmS5SKPciheIqLCereJVvqqFYEetJzi
o8BAjbfqvYGOmffrWUvY1GTESyhX1D2989JR/PQMVoktpUW9VA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:54:56 2025 by rpki-client