Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
File: 4cb86308-98a0-48e5-8825-d398c0ce8099.roa (raw, json)
Hash identifier: xeAWQee0jZfQxO6uKMR4JVVLwryUu5RG0/b0Pip/ZBU=
Subject key identifier: D1:36:61:C3:9F:30:7F:8C:FD:A2:EF:27:E2:32:15:30:A0:79:D1:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 06442D1EA6D3E98642BF450214BA00729770D268
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
Signing time: Fri 11 Jul 2025 19:20:53 +0000
ROA not before: Fri 11 Jul 2025 19:20:53 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:44:2d:1e:a6:d3:e9:86:42:bf:45:02:14:ba:00:72:97:70:d2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:53 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=add2658c302c989416e408a83b3af5cc5973eceb6c84975a67aa8029b2e2a2ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:95:64:9f:1d:39:2f:fa:16:f5:a9:f3:58:f6:
07:74:ed:ac:4d:e9:c0:fc:a2:20:ff:1f:85:24:0d:
3f:41:1f:36:1b:1c:04:f9:7b:5d:0a:c9:d6:2f:5f:
02:b2:ba:1e:cb:85:52:78:0a:86:ab:b2:4b:ff:8a:
bf:c5:67:ce:62:c5:97:21:84:01:46:ab:ff:c6:c9:
b3:fd:86:78:86:4a:bf:ba:8f:56:cb:66:8a:3d:4d:
8d:c7:65:a3:cd:a7:1f:d1:6d:23:8a:36:d2:be:ce:
22:db:51:29:d6:87:e0:95:74:ce:3d:2a:85:f4:d9:
73:c1:80:0c:70:3c:8d:ff:ce:38:d3:6d:20:88:24:
5c:75:ad:4f:a5:43:37:14:05:03:58:79:bd:d6:a8:
c5:37:3a:e3:20:7f:1d:4c:72:07:7c:1a:f6:8f:71:
ee:95:1a:d4:bc:29:3a:58:6c:7f:0c:b4:19:76:1d:
5e:73:49:20:e3:b7:98:c1:f6:ec:88:3e:41:f2:70:
dc:a0:87:4f:de:ea:25:5e:75:99:7b:75:74:fa:92:
f9:8e:df:48:18:9b:b2:28:54:c0:99:6e:da:40:fa:
d6:96:e7:da:0a:02:6d:f8:ab:a4:b6:64:6e:0c:a9:
6d:f3:b2:9a:b0:4c:c4:b6:35:39:24:71:7a:07:62:
be:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:36:61:C3:9F:30:7F:8C:FD:A2:EF:27:E2:32:15:30:A0:79:D1:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cb86308-98a0-48e5-8825-d398c0ce8099.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5080::/48
Signature Algorithm: sha256WithRSAEncryption
4e:ea:6b:25:82:ae:73:75:f1:29:53:53:83:56:be:6f:aa:96:
fc:5b:9a:34:52:05:4c:e2:b6:33:9a:c3:56:2c:63:cd:42:b8:
73:f5:c2:d5:d3:83:a9:1a:97:a2:0f:45:07:b7:02:c6:8e:f1:
76:8b:4e:75:ff:65:a1:eb:27:b0:01:f7:75:b3:14:e7:05:e4:
75:e7:75:95:65:2f:0c:3e:97:f3:e6:51:02:bb:ec:ee:2f:8d:
e9:c8:d3:48:35:4d:39:7a:d3:9f:a5:33:73:ba:a9:ad:37:12:
6e:75:53:0b:5b:85:23:b5:38:e2:d5:58:9e:d2:3a:fc:82:65:
62:9a:11:80:e7:ed:1e:55:f1:80:70:7a:c4:28:dd:7e:f6:45:
bc:bc:da:bb:91:5a:72:13:aa:ea:26:c4:7c:3c:4f:a0:dc:37:
6f:d5:c8:98:4e:1a:00:7d:25:cc:14:41:31:bd:ad:4c:5f:63:
07:d0:3d:b6:02:18:66:0f:72:e1:e7:83:3e:7a:d8:c5:f9:da:
6a:04:e2:65:89:91:d5:be:47:dc:f0:dc:5b:16:97:a9:de:bb:
6a:3c:cc:47:67:8a:e7:76:e7:3f:93:c6:c9:f9:a9:e9:0d:a4:
ab:23:13:0d:13:84:48:96:3e:79:4d:13:30:32:cc:e6:ab:1b:
b6:ed:1e:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBkQtHqbT6YZCv0UCFLoAcpdw0mgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkZDI2NThjMzAyYzk4OTQxNmU0MDhhODNiM2FmNWNjNTk3M2VjZWI2Yzg0
OTc1YTY3YWE4MDI5YjJlMmEyZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOVZJ8dOS/6FvWp81j2B3TtrE3pwPyiIP8fhSQNP0EfNhscBPl7XQrJ1i9f
ArK6HsuFUngKhquyS/+Kv8VnzmLFlyGEAUar/8bJs/2GeIZKv7qPVstmij1Njcdl
o82nH9FtI4o20r7OIttRKdaH4JV0zj0qhfTZc8GADHA8jf/OONNtIIgkXHWtT6VD
NxQFA1h5vdaoxTc64yB/HUxyB3wa9o9x7pUa1LwpOlhsfwy0GXYdXnNJIOO3mMH2
7Ig+QfJw3KCHT97qJV51mXt1dPqS+Y7fSBibsihUwJlu2kD61pbn2goCbfirpLZk
bgypbfOymrBMxLY1OSRxegdivscCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRNmHD
nzB/jP2i7yfiMhUwoHnRRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNiODYzMDgtOThhMC00OGU1LTg4MjUtZDM5OGMwY2U4MDk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ
gDANBgkqhkiG9w0BAQsFAAOCAQEATuprJYKuc3XxKVNTg1a+b6qW/FuaNFIFTOK2
M5rDVixjzUK4c/XC1dODqRqXog9FB7cCxo7xdotOdf9loesnsAH3dbMU5wXkded1
lWUvDD6X8+ZRArvs7i+N6cjTSDVNOXrTn6Uzc7qprTcSbnVTC1uFI7U44tVYntI6
/IJlYpoRgOftHlXxgHB6xCjdfvZFvLzau5FachOq6ibEfDxPoNw3b9XImE4aAH0l
zBRBMb2tTF9jB9A9tgIYZg9y4eeDPnrYxfnaagTiZYmR1b5H3PDcWxaXqd67ajzM
R2eK53bnP5PGyfmp6Q2kqyMTDROESJY+eU0TMDLM5qsbtu0e0w==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:45:00 2025 by rpki-client