Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
File: 91473fe5-f129-48d9-8d23-63d62cec663a.roa (raw, json)
Hash identifier: mQDO4yLLfWmbRlaIV5S4igxNc2qpNEW6oc/N5SsLd2s=
Subject key identifier: 1F:6A:21:90:96:CE:E2:1D:CC:B0:30:1E:82:5B:D3:86:9F:36:5A:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47A31CE12552A14F5560CB2A55B5AB07CB2F188B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
Signing time: Fri 01 Aug 2025 17:10:56 +0000
ROA not before: Fri 01 Aug 2025 17:10:56 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a3:1c:e1:25:52:a1:4f:55:60:cb:2a:55:b5:ab:07:cb:2f:18:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 1 17:10:56 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=60126d2c247b9de9432021bdab0566e6847ac1c431bd2b9406101ebc2f224cd3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c7:32:e6:b5:24:a9:1f:d3:9d:e4:1b:4e:0a:
d0:ee:96:8f:62:3e:a8:3d:79:f5:47:e0:98:07:44:
1d:56:44:f0:46:c9:41:06:a6:22:0a:dc:70:03:e5:
9d:f5:cb:17:9d:52:89:8a:66:42:63:bb:59:56:0b:
5b:fe:cf:41:eb:f3:9f:c8:08:73:f7:48:54:1a:fd:
81:20:e9:2e:7d:9d:ce:b1:82:a5:d3:b9:db:a9:1d:
56:4c:47:e3:e9:cf:a1:24:12:fe:9f:03:8f:c9:2c:
01:6b:a6:39:7e:d0:fc:40:c2:b7:bb:f2:53:6b:49:
bd:1b:ed:71:09:e0:df:bc:da:bf:72:b3:7f:9c:0c:
27:11:be:c4:2a:c7:0f:c0:5a:7b:04:e0:17:f8:c6:
55:5d:75:8b:9f:1d:8d:e3:28:4a:8b:c9:43:2d:f5:
d6:ad:24:8a:b5:04:7a:0c:8a:93:62:77:58:32:44:
74:a0:87:45:0a:89:e1:05:f0:55:8d:7b:f5:dc:90:
cc:8d:53:f8:24:8a:7b:20:67:85:fa:cd:e0:e8:c2:
99:20:4d:d4:bb:dc:95:81:0b:d2:22:ae:fc:2f:fa:
d0:5d:fe:99:76:f5:4e:5d:b0:be:62:38:ce:d8:5f:
dd:c3:57:72:c7:11:6d:80:2a:8d:2d:db:31:c7:66:
47:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6A:21:90:96:CE:E2:1D:CC:B0:30:1E:82:5B:D3:86:9F:36:5A:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91473fe5-f129-48d9-8d23-63d62cec663a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:840::/48
Signature Algorithm: sha256WithRSAEncryption
a4:d1:71:b9:63:a9:58:bf:e8:ac:41:e1:16:b5:77:25:e9:d7:
d6:30:9d:bb:45:b5:74:31:c8:0e:4d:99:e6:1c:b0:1b:78:41:
ca:2d:54:06:8a:54:58:6c:e9:34:04:80:7e:df:d9:22:82:4e:
d1:88:6a:1f:1b:13:94:30:05:a3:7a:04:b2:61:e7:67:04:4a:
20:4e:28:79:ad:d9:ad:d8:93:70:e1:ea:c0:df:32:a9:43:8f:
1a:97:18:e8:7f:37:e0:bc:0d:6a:14:8a:c7:25:d1:7b:6e:65:
86:e8:30:01:c2:73:25:b2:e7:32:2f:1b:93:c9:00:98:41:57:
09:05:4a:a0:01:1c:d9:63:a1:26:49:1b:2f:11:4c:0e:b6:ec:
4b:02:de:12:f5:cc:7b:d2:06:6e:ce:e7:93:3f:88:98:fb:45:
f2:9a:53:34:13:76:55:07:7c:d5:74:ad:2c:c9:02:87:77:16:
06:4a:07:e6:33:2d:c3:7b:4e:02:45:80:c0:a9:24:5c:75:4a:
55:38:f9:5c:96:9b:64:8b:01:a6:0e:b1:38:99:86:fb:5a:f7:
0c:63:c0:46:1d:98:7e:79:51:e9:66:12:d0:ad:4f:4d:b7:4f:
01:b0:52:4e:29:c7:f2:72:3a:00:c9:bf:a8:3e:04:08:1f:0b:
a0:44:4f:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR6Mc4SVSoU9VYMsqVbWrB8svGIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDExNzEwNTZaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMTI2ZDJjMjQ3YjlkZTk0MzIwMjFiZGFiMDU2NmU2ODQ3YWMxYzQzMWJk
MmI5NDA2MTAxZWJjMmYyMjRjZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHHMua1JKkf053kG04K0O6Wj2I+qD159UfgmAdEHVZE8EbJQQamIgrccAPl
nfXLF51SiYpmQmO7WVYLW/7PQevzn8gIc/dIVBr9gSDpLn2dzrGCpdO526kdVkxH
4+nPoSQS/p8Dj8ksAWumOX7Q/EDCt7vyU2tJvRvtcQng37zav3Kzf5wMJxG+xCrH
D8BaewTgF/jGVV11i58djeMoSovJQy311q0kirUEegyKk2J3WDJEdKCHRQqJ4QXw
VY179dyQzI1T+CSKeyBnhfrN4OjCmSBN1LvclYEL0iKu/C/60F3+mXb1Tl2wvmI4
zthf3cNXcscRbYAqjS3bMcdmRykCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQfaiGQ
ls7iHcywMB6CW9OGnzZaGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0NzNmZTUtZjEyOS00OGQ5LThkMjMtNjNkNjJjZWM2NjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
QDANBgkqhkiG9w0BAQsFAAOCAQEApNFxuWOpWL/orEHhFrV3JenX1jCdu0W1dDHI
Dk2Z5hywG3hByi1UBopUWGzpNASAft/ZIoJO0YhqHxsTlDAFo3oEsmHnZwRKIE4o
ea3ZrdiTcOHqwN8yqUOPGpcY6H834LwNahSKxyXRe25lhugwAcJzJbLnMi8bk8kA
mEFXCQVKoAEc2WOhJkkbLxFMDrbsSwLeEvXMe9IGbs7nkz+ImPtF8ppTNBN2VQd8
1XStLMkCh3cWBkoH5jMtw3tOAkWAwKkkXHVKVTj5XJabZIsBpg6xOJmG+1r3DGPA
Rh2YfnlR6WYS0K1PTbdPAbBSTinH8nI6AMm/qD4ECB8LoERPgw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:21 2025 by rpki-client