Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
File: 4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa (raw, json)
Hash identifier: HDbxLTJ3hChXNBXi4wxtreMMj88r0onAnFWcilP6dJk=
Subject key identifier: BA:C8:A6:2E:8C:7E:61:10:ED:EE:22:B5:0A:E4:95:B6:82:CD:A4:FA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35E6DB86E686382330B07EFFBA8CD75036CEBE58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
Signing time: Thu 04 Sep 2025 19:51:56 +0000
ROA not before: Thu 04 Sep 2025 19:51:56 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:e6:db:86:e6:86:38:23:30:b0:7e:ff:ba:8c:d7:50:36:ce:be:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:51:56 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=124b86e960cb21cc79fd0340088e54dbec5828872d546d1fd5bc6f3296f7b0d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c2:60:e0:49:9d:b0:52:60:59:78:85:06:31:
da:ef:57:10:4f:c7:22:35:3a:37:49:0a:6d:5c:fb:
06:6f:10:ba:19:96:83:4e:4c:d6:b2:04:7a:8a:0f:
a8:cd:73:39:dc:69:b0:84:2f:f2:85:5b:1f:7d:1b:
35:b9:77:0d:da:ce:ac:a5:c3:82:e3:3a:48:96:1d:
4b:c8:0d:65:bd:fa:f6:b9:b9:7e:4e:77:8a:06:5c:
41:ea:0f:b9:e2:35:c9:af:20:94:7d:8f:fb:86:8c:
dc:f0:fd:36:eb:ad:5b:ac:9c:4c:3a:73:46:20:c8:
2c:0b:8a:2f:eb:a9:f5:66:29:21:09:3d:a6:e4:a6:
76:d6:ad:be:8f:19:4b:d3:85:eb:69:12:ef:80:a5:
eb:ef:70:63:a5:f2:51:0a:b5:81:ee:77:58:17:de:
03:a5:bd:7d:90:60:60:e4:3f:ff:a2:e1:c5:f3:67:
eb:a9:bd:60:02:87:ed:6b:4e:06:71:34:59:a0:da:
29:87:f5:21:c3:53:7e:40:a4:2e:21:47:95:c9:d9:
db:37:1f:21:39:6c:da:7b:16:42:7a:f2:78:1f:51:
8d:20:8a:6f:79:25:e1:c8:3f:05:90:fd:b5:94:2d:
6b:cb:40:68:1c:b3:e0:c1:49:03:2f:55:b6:9a:5d:
0a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C8:A6:2E:8C:7E:61:10:ED:EE:22:B5:0A:E4:95:B6:82:CD:A4:FA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4abf1b04-0256-404f-a4c7-5d1c2c8ad9b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6040::/46
Signature Algorithm: sha256WithRSAEncryption
3c:c2:98:f2:58:dc:17:93:81:3f:12:94:a7:0f:58:f4:e1:a3:
ab:d6:16:d7:56:d2:a1:a4:7e:da:3e:cf:3d:c5:9a:1d:9e:db:
6d:da:35:f1:30:c3:b0:92:bc:3a:23:17:cc:2f:e4:ff:eb:6e:
e4:96:c2:be:c8:a7:45:b2:b8:cb:e8:e0:fd:8c:f3:87:c9:74:
0a:7b:c9:cb:d9:36:e8:8b:a8:e4:6d:e3:64:cc:e4:dd:9b:9a:
9e:f5:47:a5:e0:34:04:3e:d3:0f:ea:d0:66:a6:10:14:00:c2:
3c:68:ce:76:7d:83:15:25:47:ae:f7:58:cf:d9:ae:f7:3b:f2:
fb:84:df:01:f3:91:50:7f:b4:97:84:42:9e:65:d0:1d:df:1d:
e0:2d:a1:bd:13:50:17:04:b2:20:02:bc:d1:26:d7:14:9e:2b:
ce:a2:6b:fd:19:d2:a3:1c:b0:75:2f:40:4b:76:49:e3:a6:88:
5d:83:b0:b0:43:21:66:3e:a9:4c:e6:fc:35:c8:1b:d4:44:06:
71:6a:ae:b4:54:56:8c:74:ab:da:87:c6:ed:d1:ab:c0:ea:4d:
6f:5a:59:06:29:5d:ab:49:7d:74:fe:84:22:7d:17:25:fb:6f:
76:fd:42:18:e0:48:ab:78:67:e0:34:f2:dd:3d:f2:e5:60:91:
26:59:d0:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNebbhuaGOCMwsH7/uozXUDbOvlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUxNTZaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNGI4NmU5NjBjYjIxY2M3OWZkMDM0MDA4OGU1NGRiZWM1ODI4ODcyZDU0
NmQxZmQ1YmM2ZjMyOTZmN2IwZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvCYOBJnbBSYFl4hQYx2u9XEE/HIjU6N0kKbVz7Bm8QuhmWg05M1rIEeooP
qM1zOdxpsIQv8oVbH30bNbl3DdrOrKXDguM6SJYdS8gNZb369rm5fk53igZcQeoP
ueI1ya8glH2P+4aM3PD9NuutW6ycTDpzRiDILAuKL+up9WYpIQk9puSmdtatvo8Z
S9OF62kS74Cl6+9wY6XyUQq1ge53WBfeA6W9fZBgYOQ//6LhxfNn66m9YAKH7WtO
BnE0WaDaKYf1IcNTfkCkLiFHlcnZ2zcfITls2nsWQnryeB9RjSCKb3kl4cg/BZD9
tZQta8tAaByz4MFJAy9VtppdCnkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6yKYu
jH5hEO3uIrUK5JW2gs2k+jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFiZjFiMDQtMDI1Ni00MDRmLWE0YzctNWQxYzJjOGFkOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
QDANBgkqhkiG9w0BAQsFAAOCAQEAPMKY8ljcF5OBPxKUpw9Y9OGjq9YW11bSoaR+
2j7PPcWaHZ7bbdo18TDDsJK8OiMXzC/k/+tu5JbCvsinRbK4y+jg/Yzzh8l0CnvJ
y9k26Iuo5G3jZMzk3ZuanvVHpeA0BD7TD+rQZqYQFADCPGjOdn2DFSVHrvdYz9mu
9zvy+4TfAfORUH+0l4RCnmXQHd8d4C2hvRNQFwSyIAK80SbXFJ4rzqJr/RnSoxyw
dS9AS3ZJ46aIXYOwsEMhZj6pTOb8Ncgb1EQGcWqutFRWjHSr2ofG7dGrwOpNb1pZ
Bildq0l9dP6EIn0XJftvdv1CGOBIq3hn4DTy3T3y5WCRJlnQzg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:07 2025 by rpki-client