Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
File: 4622ab3d-f2d8-4bec-a18b-b056342928a8.roa (raw, json)
Hash identifier: 6PBpr+0Ffv/CvvAuIbcHa+eqIaeGcpcDQMmauwJ/ejU=
Subject key identifier: C7:53:39:F5:54:0E:10:4C:16:2C:E3:53:10:FA:81:A9:73:82:F7:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34C4622C34E82C0FC31D810E324313E356D45AD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
Signing time: Mon 01 Sep 2025 19:41:09 +0000
ROA not before: Mon 01 Sep 2025 19:41:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:c4:62:2c:34:e8:2c:0f:c3:1d:81:0e:32:43:13:e3:56:d4:5a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:41:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2b24ce65a19069e60bdadc0c74f38ae6606fdf14e019fccf4d41e4fe2c78bcd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:af:b7:b2:78:1a:c4:e4:3c:76:5c:64:65:99:
1e:ea:b6:2e:44:e3:dc:33:4d:76:13:2d:a4:5f:28:
b1:f0:52:5f:43:9b:3a:58:78:7e:cb:e2:ae:41:18:
32:0d:31:fb:07:15:8c:eb:f2:d2:85:fb:c1:b6:ff:
9c:b1:12:97:6b:a0:1e:7e:8e:47:27:4c:f5:2e:ef:
79:28:70:5d:21:94:78:0d:69:68:63:9e:43:d5:75:
55:b3:55:56:aa:f4:57:9f:8e:57:3d:d4:27:c2:8d:
0b:b4:3c:5a:08:6b:32:bf:5d:9f:1f:8d:3c:09:ef:
e2:12:62:4e:11:2f:48:1c:0e:1c:7a:c5:d8:75:bd:
07:c2:9b:ed:e3:07:5d:6d:2d:c2:49:f4:aa:7f:ed:
4b:c0:31:c4:22:59:ca:0b:a6:74:75:5a:80:78:b6:
03:df:6f:c4:74:9f:dc:48:1a:78:b2:99:ee:50:df:
02:f3:5f:00:da:a1:1a:fc:71:a7:44:43:91:40:27:
c6:d7:15:ac:a4:be:d5:41:69:f3:73:2c:54:40:58:
f0:ac:df:f6:ff:08:ef:32:d9:4d:3f:d3:d7:d8:38:
77:0e:5e:6a:d1:03:0f:52:75:34:9e:ce:c6:67:fc:
91:05:1a:bc:be:4d:e4:31:a9:d0:ac:0d:c7:1a:28:
8e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:53:39:F5:54:0E:10:4C:16:2C:E3:53:10:FA:81:A9:73:82:F7:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4622ab3d-f2d8-4bec-a18b-b056342928a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:a080::/48
Signature Algorithm: sha256WithRSAEncryption
42:59:0b:e5:e2:a4:73:7e:1d:c0:46:7a:35:c3:d6:27:27:11:
55:4f:aa:70:1f:4f:73:ca:20:93:2c:e8:cc:77:56:c0:be:80:
38:68:2d:a7:e9:de:dc:67:70:86:b2:c1:41:ff:80:57:9a:1b:
2d:2b:5e:fc:bd:fb:63:3f:da:2a:8d:41:44:e3:85:fc:fe:eb:
81:cb:ec:67:c5:f1:9b:89:fe:6d:20:2d:2b:f0:bc:00:bc:12:
32:0f:e0:80:b7:7d:f9:78:8b:cb:1e:00:b6:4a:f7:66:2a:6d:
d7:02:67:a9:ca:3f:2b:8a:72:63:f6:b9:7f:06:9c:dc:46:1b:
63:f2:8f:94:16:ea:85:5e:60:4a:3d:6a:6d:b6:54:85:bf:d9:
b7:0b:c2:1e:ad:78:ce:02:05:5a:f1:ae:cc:3a:2b:85:c4:2d:
cb:10:2b:1c:09:31:57:45:2b:ef:1b:2c:20:a5:c4:38:2d:d0:
7c:51:a3:14:82:96:44:af:63:8b:89:16:78:c9:a9:0d:0a:7b:
5c:1a:1e:4b:af:89:02:fd:49:c2:d4:84:36:1b:32:e4:1c:8c:
6e:ee:1b:5c:3c:a1:fc:f5:af:db:4f:0a:59:f6:0c:31:d7:95:
60:77:3e:3d:e7:ea:e4:e9:af:ff:b4:30:a7:ca:98:23:68:fe:
0f:c5:17:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNMRiLDToLA/DHYEOMkMT41bUWtUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQxMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiMjRjZTY1YTE5MDY5ZTYwYmRhZGMwYzc0ZjM4YWU2NjA2ZmRmMTRlMDE5
ZmNjZjRkNDFlNGZlMmM3OGJjZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyvt7J4GsTkPHZcZGWZHuq2LkTj3DNNdhMtpF8osfBSX0ObOlh4fsvirkEY
Mg0x+wcVjOvy0oX7wbb/nLESl2ugHn6ORydM9S7veShwXSGUeA1paGOeQ9V1VbNV
Vqr0V5+OVz3UJ8KNC7Q8WghrMr9dnx+NPAnv4hJiThEvSBwOHHrF2HW9B8Kb7eMH
XW0twkn0qn/tS8AxxCJZygumdHVagHi2A99vxHSf3EgaeLKZ7lDfAvNfANqhGvxx
p0RDkUAnxtcVrKS+1UFp83MsVEBY8Kzf9v8I7zLZTT/T19g4dw5eatEDD1J1NJ7O
xmf8kQUavL5N5DGp0KwNxxoojukCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTHUzn1
VA4QTBYs41MQ+oGpc4L34TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDYyMmFiM2QtZjJkOC00YmVjLWExOGItYjA1NjM0MjkyOGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGg
gDANBgkqhkiG9w0BAQsFAAOCAQEAQlkL5eKkc34dwEZ6NcPWJycRVU+qcB9Pc8og
kyzozHdWwL6AOGgtp+ne3GdwhrLBQf+AV5obLSte/L37Yz/aKo1BROOF/P7rgcvs
Z8Xxm4n+bSAtK/C8ALwSMg/ggLd9+XiLyx4Atkr3Zipt1wJnqco/K4pyY/a5fwac
3EYbY/KPlBbqhV5gSj1qbbZUhb/ZtwvCHq14zgIFWvGuzDorhcQtyxArHAkxV0Ur
7xssIKXEOC3QfFGjFIKWRK9ji4kWeMmpDQp7XBoeS6+JAv1JwtSENhsy5ByMbu4b
XDyh/PWv208KWfYMMdeVYHc+Pefq5Omv/7Qwp8qYI2j+D8UXaw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:28 2025 by rpki-client