Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
File: 4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa (raw, json)
Hash identifier: 6bHJq/66BYkYShbOwXBWPGadcUwZgnnvaKiPsQlilpI=
Subject key identifier: 48:44:11:C6:E3:EB:69:EE:CB:68:8F:C6:53:66:04:11:F0:66:3E:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B2D47261FAFF264FDD68F9972AA1C7C1D89EC20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
Signing time: Wed 30 Jul 2025 20:07:29 +0000
ROA not before: Wed 30 Jul 2025 20:07:29 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:2d:47:26:1f:af:f2:64:fd:d6:8f:99:72:aa:1c:7c:1d:89:ec:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 30 20:07:29 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=f2c1136f32f4c01795a80dfefc5f9da7b5a83e33ea574ea90206aa8a0bc8b91a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ec:d2:84:48:2d:69:19:0c:82:af:23:ae:74:
5e:1f:29:d8:1b:f2:bf:ff:5a:c1:bc:8f:68:81:c0:
f7:ca:e5:72:12:30:9b:95:bb:94:e7:1c:6a:f3:02:
40:31:8f:64:8b:ad:f4:57:31:53:58:a6:3d:01:46:
c8:9d:c4:0c:dc:a9:81:df:39:f8:db:f4:bd:1d:93:
42:f0:81:a4:e0:34:74:dc:4b:e1:32:92:40:19:15:
b3:2a:ac:21:99:e3:9f:e3:29:b4:00:6a:1b:5d:4c:
4c:31:37:ea:20:ac:e9:ca:97:31:8c:d8:ab:b7:e7:
fe:6f:8e:73:62:04:a6:5d:2d:75:06:5a:a2:a1:e5:
cd:17:ba:e1:43:ae:02:7c:c0:5b:98:39:4b:2e:1e:
41:70:81:e7:57:3e:0f:df:a9:c8:de:4c:f4:c9:97:
d6:93:26:72:64:cf:ae:81:63:c7:ac:89:39:22:b9:
e1:a1:04:02:43:47:12:1c:a8:46:1f:52:ec:f0:16:
82:fc:b6:99:e7:02:d0:eb:eb:7d:5a:e5:ac:da:e0:
6d:9d:4d:ab:c2:cc:07:bc:e8:c2:26:c1:0d:cc:97:
ad:55:82:14:8d:b8:b6:c4:ba:bf:c6:45:f1:a2:64:
3b:e6:d6:5e:cb:68:ed:84:bb:f2:67:2d:c7:43:3b:
d0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:44:11:C6:E3:EB:69:EE:CB:68:8F:C6:53:66:04:11:F0:66:3E:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4f5beeeb-9d92-4f06-bd20-3e902727e44b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:800::/40
Signature Algorithm: sha256WithRSAEncryption
9b:91:6d:ce:bc:07:80:1f:1e:84:eb:15:bd:8a:85:56:98:b7:
45:18:58:65:64:57:f2:f6:91:33:3c:9e:4a:44:30:85:e1:7c:
9c:ad:17:97:3c:e4:e0:5b:1f:0a:d0:e7:46:e7:9d:aa:42:91:
f7:29:41:76:77:66:b8:3c:54:b8:9a:2f:80:68:a7:40:2d:3f:
c8:32:bb:74:45:ff:55:0b:6a:af:bd:cf:e6:a2:e4:e7:d2:9f:
fd:24:bc:5f:d1:8e:19:e1:7f:60:97:41:37:8a:dc:bf:10:00:
92:20:9a:6c:c3:c4:2e:69:88:51:9b:98:ba:46:f3:0c:fb:aa:
ae:24:53:23:16:b4:bf:a6:ba:87:52:8d:95:27:d3:f4:be:65:
9e:d8:ef:f0:65:bf:1e:48:bd:df:7f:74:6f:92:a1:f3:65:e1:
0e:02:e3:a0:f8:50:22:7d:36:9f:bd:86:74:a2:f0:e9:b5:70:
56:cb:83:b3:38:4f:63:e8:11:84:ba:bb:c0:6d:10:c3:46:ff:
85:c5:f4:92:26:7f:d0:a8:00:d7:a8:9e:34:0d:42:b2:b8:a5:
19:b9:53:44:e0:43:ac:b6:35:5b:7f:31:0a:cd:4e:7f:a1:15:
7f:74:22:66:3a:95:4b:1b:01:d8:f4:71:41:90:ce:a4:8f:3a:
da:4f:e1:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUey1HJh+v8mT91o+ZcqocfB2J7CAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MzAyMDA3MjlaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYzExMzZmMzJmNGMwMTc5NWE4MGRmZWZjNWY5ZGE3YjVhODNlMzNlYTU3
NGVhOTAyMDZhYThhMGJjOGI5MWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANns0oRILWkZDIKvI650Xh8p2Bvyv/9awbyPaIHA98rlchIwm5W7lOccavMC
QDGPZIut9FcxU1imPQFGyJ3EDNypgd85+Nv0vR2TQvCBpOA0dNxL4TKSQBkVsyqs
IZnjn+MptABqG11MTDE36iCs6cqXMYzYq7fn/m+Oc2IEpl0tdQZaoqHlzRe64UOu
AnzAW5g5Sy4eQXCB51c+D9+pyN5M9MmX1pMmcmTProFjx6yJOSK54aEEAkNHEhyo
Rh9S7PAWgvy2mecC0OvrfVrlrNrgbZ1Nq8LMB7zowibBDcyXrVWCFI24tsS6v8ZF
8aJkO+bWXsto7YS78mctx0M70KMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIRBHG
4+tp7stoj8ZTZgQR8GY++jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGY1YmVlZWItOWQ5Mi00ZjA2LWJkMjAtM2U5MDI3MjdlNDRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsI
MA0GCSqGSIb3DQEBCwUAA4IBAQCbkW3OvAeAHx6E6xW9ioVWmLdFGFhlZFfy9pEz
PJ5KRDCF4XycrReXPOTgWx8K0OdG552qQpH3KUF2d2a4PFS4mi+AaKdALT/IMrt0
Rf9VC2qvvc/mouTn0p/9JLxf0Y4Z4X9gl0E3ity/EACSIJpsw8QuaYhRm5i6RvMM
+6quJFMjFrS/prqHUo2VJ9P0vmWe2O/wZb8eSL3ff3RvkqHzZeEOAuOg+FAifTaf
vYZ0ovDptXBWy4OzOE9j6BGEurvAbRDDRv+FxfSSJn/QqADXqJ40DUKyuKUZuVNE
4EOstjVbfzEKzU5/oRV/dCJmOpVLGwHY9HFBkM6kjzraT+Hx
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:21 2025 by rpki-client