Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
File: 8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa (raw, json)
Hash identifier: /zb+x5xQqveC1OJQMnDNyFPN/hAbVL7syb5X8OTqJc4=
Subject key identifier: 32:43:DF:D8:62:F6:3C:61:43:85:A1:5D:5A:E6:0A:6E:FD:2C:43:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12A270288B6803B43148C3BDB845A96EBF7A3121
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
Signing time: Mon 28 Jul 2025 16:10:02 +0000
ROA not before: Mon 28 Jul 2025 16:10:02 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a2:70:28:8b:68:03:b4:31:48:c3:bd:b8:45:a9:6e:bf:7a:31:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 28 16:10:02 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=c6aba48b6491197f8c97a653365bd8f84e505dd8c140ced48f9da27702217a07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ce:d6:ba:02:25:ca:da:e3:cc:b8:a3:f4:06:
a5:e3:7c:a9:f7:de:34:94:2a:da:b2:1f:ed:47:a1:
9f:ee:7b:19:30:2b:cf:a9:7d:9f:58:35:ae:7a:f9:
ae:80:e8:f7:50:59:65:74:41:81:b9:ac:d1:52:bc:
cb:ac:86:6e:b9:d4:b9:f9:25:0a:fd:69:6c:7c:6d:
39:5b:80:0d:70:4f:a4:90:da:f6:45:e4:8f:f6:ee:
cc:74:a9:07:a9:71:e2:dc:cf:f9:2e:04:fe:bf:0f:
58:69:3a:65:46:ea:3d:d3:17:43:8f:d3:9b:a3:4e:
ea:e4:40:dc:b1:37:0d:6d:0f:75:f0:46:10:fd:53:
4f:1b:30:67:a6:e4:17:6c:36:e4:df:df:f0:27:c1:
56:fb:97:d3:70:cc:5d:75:38:61:58:b3:04:1d:24:
ed:a8:18:08:9f:09:b1:5f:f1:22:94:d6:62:03:4a:
91:56:76:16:5a:06:89:05:15:e1:c2:0c:9e:74:7f:
0b:87:da:81:10:3f:54:ac:a2:6d:de:74:80:ea:03:
57:6a:76:f6:ef:ea:2c:94:93:9d:f5:6c:fc:4a:c5:
15:2e:70:15:9b:a7:91:a0:f3:6f:03:6a:67:cc:16:
75:37:a4:24:68:ae:c8:04:22:b0:07:93:39:d5:08:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:43:DF:D8:62:F6:3C:61:43:85:A1:5D:5A:E6:0A:6E:FD:2C:43:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8fa5442d-f7b6-4531-9d3e-f61e3e8920e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
87:a1:21:20:99:04:b6:6a:d4:47:5a:ae:e8:7f:88:fb:72:be:
0e:bd:b3:d3:5a:9c:31:a6:96:38:85:e1:fe:bc:6e:2d:52:81:
ab:dc:f9:9c:45:0b:4a:d3:cd:00:2f:4b:87:e1:fd:50:33:92:
1d:a3:49:93:59:98:d7:f3:1b:4e:7d:a2:c6:02:19:47:c3:51:
6c:15:ab:c2:c7:aa:da:28:52:b6:f0:a0:21:83:49:78:7f:35:
1b:92:82:10:66:10:7d:51:85:44:c5:91:76:e5:06:f7:3a:ba:
d9:34:0f:51:54:e3:07:8f:7f:3c:bd:b0:e2:0b:52:5d:45:7c:
09:9b:08:ce:67:b8:ec:78:09:29:22:60:bd:28:0e:ff:64:ea:
9c:d9:e5:39:1d:7e:41:64:39:af:81:64:44:24:70:a0:72:c6:
c1:f8:a0:af:78:ab:ed:74:4b:09:f8:65:34:42:a0:54:5e:01:
bd:98:e0:a5:48:ee:8d:36:87:1c:ab:cd:ca:f9:8d:60:6d:79:
27:9a:8e:3f:08:e2:27:0a:66:40:24:82:3d:7c:8e:2d:57:f1:
24:21:02:9e:8f:a8:2a:98:ea:89:e9:84:ee:4c:57:0f:d8:d8:
50:39:05:91:f9:38:e5:24:f4:56:2b:26:78:0c:f6:b7:6d:0e:
79:3f:26:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEqJwKItoA7QxSMO9uEWpbr96MSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjgxNjEwMDJaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YWJhNDhiNjQ5MTE5N2Y4Yzk3YTY1MzM2NWJkOGY4NGU1MDVkZDhjMTQw
Y2VkNDhmOWRhMjc3MDIyMTdhMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3O1roCJcra48y4o/QGpeN8qffeNJQq2rIf7Uehn+57GTArz6l9n1g1rnr5
roDo91BZZXRBgbms0VK8y6yGbrnUufklCv1pbHxtOVuADXBPpJDa9kXkj/buzHSp
B6lx4tzP+S4E/r8PWGk6ZUbqPdMXQ4/Tm6NO6uRA3LE3DW0PdfBGEP1TTxswZ6bk
F2w25N/f8CfBVvuX03DMXXU4YVizBB0k7agYCJ8JsV/xIpTWYgNKkVZ2FloGiQUV
4cIMnnR/C4fagRA/VKyibd50gOoDV2p29u/qLJSTnfVs/ErFFS5wFZunkaDzbwNq
Z8wWdTekJGiuyAQisAeTOdUIqIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyQ9/Y
YvY8YUOFoV1a5gpu/SxDXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGZhNTQ0MmQtZjdiNi00NTMxLTlkM2UtZjYxZTNlODkyMGU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCHoSEgmQS2atRHWq7of4j7cr4OvbPTWpwxppY4
heH+vG4tUoGr3PmcRQtK080AL0uH4f1QM5Ido0mTWZjX8xtOfaLGAhlHw1FsFavC
x6raKFK28KAhg0l4fzUbkoIQZhB9UYVExZF25Qb3OrrZNA9RVOMHj388vbDiC1Jd
RXwJmwjOZ7jseAkpImC9KA7/ZOqc2eU5HX5BZDmvgWREJHCgcsbB+KCveKvtdEsJ
+GU0QqBUXgG9mOClSO6NNoccq83K+Y1gbXknmo4/COInCmZAJII9fI4tV/EkIQKe
j6gqmOqJ6YTuTFcP2NhQOQWR+TjlJPRWKyZ4DPa3bQ55PyZB
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:58:48 2025 by rpki-client