Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
File: adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa (raw, json)
Hash identifier: SXO4G0NNUpoqXtvbzz8O8Gh7RdByRf104XOddgGzE9w=
Subject key identifier: D2:39:85:0B:C8:2C:61:13:52:60:A4:57:97:74:8C:AA:A5:D8:0A:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 405C35CFCB4CA02A5D7723EA21ED996946D3E8BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
Signing time: Mon 21 Jul 2025 16:40:50 +0000
ROA not before: Mon 21 Jul 2025 16:40:50 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:5c:35:cf:cb:4c:a0:2a:5d:77:23:ea:21:ed:99:69:46:d3:e8:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 21 16:40:50 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=4fb5c6cf878af1b1d17f83ff5375b5aa123699f0525a75715ea1a3a75d5d2826, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:05:9b:c1:34:0b:c2:b0:80:d7:93:71:17:37:
c0:6d:24:62:86:35:6e:5a:0d:dd:7c:ed:d6:da:79:
c7:79:e9:ac:b8:be:04:9e:3f:7d:a2:fe:e6:61:d3:
d2:d2:47:27:ee:4e:62:30:5d:d4:cd:d9:c9:f3:36:
ac:11:dd:5b:34:34:43:72:db:76:e9:77:4a:81:a4:
74:66:7d:50:cf:9b:cf:24:1e:4d:15:e4:b4:42:84:
4e:a4:4c:c7:89:38:3d:38:3a:81:e3:a6:86:20:30:
f9:1f:76:0d:44:f6:ac:ae:f5:63:24:6a:21:f0:36:
93:e5:ce:c0:53:b2:ed:4a:e8:dd:c9:c1:5a:7e:3b:
18:bb:0f:a3:48:a9:75:f5:48:8f:e0:25:87:ac:db:
2a:57:aa:58:65:f0:b2:e7:ee:f8:55:9a:b8:36:b4:
38:3f:7a:14:79:31:24:bb:66:e0:02:ac:93:d9:f9:
04:ae:ed:25:a4:81:b5:ed:d2:39:98:25:9f:f0:90:
0a:54:fe:ad:4e:a3:ef:1d:89:08:f9:8f:02:63:b3:
b7:7a:85:d3:ce:d9:a6:a1:b6:20:96:20:4d:ae:66:
55:40:71:04:f9:69:29:fc:47:b1:d6:e6:3e:23:ed:
1f:05:a1:57:7f:dd:55:03:71:e4:da:b8:85:a6:e8:
f5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:39:85:0B:C8:2C:61:13:52:60:A4:57:97:74:8C:AA:A5:D8:0A:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1080::/46
Signature Algorithm: sha256WithRSAEncryption
1f:3b:f2:2f:df:b2:e2:8e:64:5d:c0:b0:33:43:33:91:d8:8e:
34:77:17:c6:e2:17:7d:bc:24:41:f7:d6:e2:2d:1a:23:a7:09:
0c:c1:b5:30:bc:3d:ba:5b:20:48:5a:9a:46:22:a0:98:fa:db:
df:be:8a:4d:49:0a:1c:60:86:54:44:a7:ff:51:fd:79:2a:26:
bd:4b:1f:c7:37:02:08:1f:69:13:9c:5d:8d:8c:39:e6:d1:59:
15:56:16:07:11:e6:4d:f1:5e:04:e8:40:95:61:cd:91:91:0f:
89:0c:e4:7f:7d:95:9a:c1:75:27:38:2f:a8:b5:4f:e3:0d:bb:
68:0a:66:db:3e:45:fc:4c:85:0e:cb:3c:7f:24:85:31:61:2d:
54:83:90:22:cb:03:2a:e8:6f:15:1c:4d:9f:a3:fe:71:21:86:
82:cb:2a:e7:db:98:78:8f:32:1e:06:95:6e:13:b2:30:c9:5d:
5a:8b:b5:a8:1c:40:60:92:db:cb:5c:f6:0e:0c:d5:ba:13:10:
54:f4:f5:71:e0:a7:15:5d:17:21:66:cc:ed:4b:79:e2:26:1c:
a3:34:1e:e4:7a:14:69:c8:2d:a2:1a:7e:db:e8:e9:64:d9:91:
46:ba:3a:53:e2:a5:b3:0b:13:13:d8:82:8a:e9:f0:2c:03:1b:
1b:5e:76:20
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQFw1z8tMoCpddyPqIe2ZaUbT6L0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MjExNjQwNTBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmYjVjNmNmODc4YWYxYjFkMTdmODNmZjUzNzViNWFhMTIzNjk5ZjA1MjVh
NzU3MTVlYTFhM2E3NWQ1ZDI4MjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0Fm8E0C8KwgNeTcRc3wG0kYoY1bloN3Xzt1tp5x3nprLi+BJ4/faL+5mHT
0tJHJ+5OYjBd1M3ZyfM2rBHdWzQ0Q3Lbdul3SoGkdGZ9UM+bzyQeTRXktEKETqRM
x4k4PTg6geOmhiAw+R92DUT2rK71YyRqIfA2k+XOwFOy7Uro3cnBWn47GLsPo0ip
dfVIj+Alh6zbKleqWGXwsufu+FWauDa0OD96FHkxJLtm4AKsk9n5BK7tJaSBte3S
OZgln/CQClT+rU6j7x2JCPmPAmOzt3qF087ZpqG2IJYgTa5mVUBxBPlpKfxHsdbm
PiPtHwWhV3/dVQNx5Nq4habo9R8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTSOYUL
yCxhE1JgpFeXdIyqpdgKKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWRiMTM1MWYtM2RkNS00ZTRmLTg5NTUtMTUxNGY0MmU0OGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAHzvyL9+y4o5kXcCwM0MzkdiONHcXxuIXfbwk
QffW4i0aI6cJDMG1MLw9ulsgSFqaRiKgmPrb376KTUkKHGCGVESn/1H9eSomvUsf
xzcCCB9pE5xdjYw55tFZFVYWBxHmTfFeBOhAlWHNkZEPiQzkf32VmsF1JzgvqLVP
4w27aApm2z5F/EyFDss8fySFMWEtVIOQIssDKuhvFRxNn6P+cSGGgssq59uYeI8y
HgaVbhOyMMldWou1qBxAYJLby1z2DgzVuhMQVPT1ceCnFV0XIWbM7Ut54iYcozQe
5HoUacgtohp+2+jpZNmRRro6U+KlswsTE9iCiunwLAMbG152IA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:55:27 2025 by rpki-client