Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: 7ntaklbw5JYGsuSg/xW2EXxQNQYy173enrc4pWboR0s=
Subject key identifier: 30:CC:39:FE:BE:E6:91:B6:AA:AB:B1:EB:60:BF:21:5B:F2:00:DA:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 487E12CCB40286547AB48E1CA67EA31D939EC808
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Mon 01 Sep 2025 20:30:52 +0000
ROA not before: Mon 01 Sep 2025 20:30:52 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:7e:12:cc:b4:02:86:54:7a:b4:8e:1c:a6:7e:a3:1d:93:9e:c8:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:52 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0509de90b9a0203239258215a4ba4690636ef1fa88a02f7c88ad0132208c2ffb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:72:4e:6c:bc:65:7f:57:cd:1c:5a:af:93:27:
cf:47:ba:d6:42:f9:87:8f:d3:cb:4f:b1:80:aa:68:
66:4a:b6:a7:c0:46:e1:c6:03:68:af:7d:6e:5d:e4:
bd:cf:30:f5:ae:bb:14:49:46:cb:8a:54:bc:7c:42:
67:e1:64:69:af:59:d8:a6:b3:8f:c1:ff:b7:89:c3:
d3:f6:6f:f5:c5:b5:40:a2:c9:4e:e6:01:5a:16:0b:
47:74:b3:7b:90:3d:2a:90:e8:76:06:f0:90:21:11:
73:ca:17:a8:e2:b0:a2:9e:f0:06:63:03:bf:26:90:
1a:1c:06:39:6e:ab:9f:46:4d:52:88:86:65:f1:3b:
3e:f7:1e:f9:10:e2:59:8b:11:bd:16:67:77:07:30:
97:20:08:00:5b:c5:b4:20:7a:5c:04:ba:c4:05:9a:
79:2e:b3:9b:67:99:63:a1:2a:51:d9:07:29:24:2a:
e5:aa:a6:9d:51:ba:cc:08:bd:aa:b0:f0:36:8d:15:
70:c4:41:94:e7:7c:78:af:2c:88:c4:f1:7a:b7:bf:
18:f3:a3:56:bd:fb:f9:56:f1:20:6c:41:31:62:69:
84:07:65:cd:8c:a0:f0:e1:59:35:b9:89:e1:0a:2a:
b3:bc:bc:fa:cf:1a:1d:e1:bc:d9:a0:ee:e1:9d:86:
1a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CC:39:FE:BE:E6:91:B6:AA:AB:B1:EB:60:BF:21:5B:F2:00:DA:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
50:a4:61:c5:61:c9:23:6e:84:e4:c8:3a:49:a7:11:e6:f6:4a:
46:93:8b:a1:9f:3a:b6:52:c5:63:a4:c0:86:2d:19:be:76:80:
33:bd:bb:10:b1:7b:fe:7e:1a:38:e8:d2:9f:b0:1a:bd:a0:9b:
a6:15:0f:16:d6:92:93:de:fc:ff:ef:b5:9a:62:91:d0:c9:f6:
e2:7a:66:6b:a6:93:98:d6:c3:fd:18:7f:53:f5:ee:83:0e:59:
dd:6d:42:59:09:f4:a9:c6:b9:7d:5f:dc:4f:bc:dd:61:5d:6b:
c9:90:f7:f3:7e:e4:1b:e7:6b:52:c0:0e:72:45:f2:c5:c6:70:
51:03:89:b1:ee:4b:80:7c:20:38:ce:01:c6:5d:73:c2:2b:c8:
b1:e0:42:e8:59:7d:4f:78:a7:e1:b4:3d:21:43:24:75:11:f1:
0c:2b:c9:8d:c1:80:6a:84:1c:94:03:ca:79:01:06:fa:88:58:
78:b2:f2:06:1d:20:19:5d:dd:20:3d:b5:7b:9a:3a:dc:09:92:
82:0b:74:23:5b:37:b7:a6:d8:d0:31:80:8b:8d:9a:fe:13:67:
cb:6e:3d:0b:78:79:a2:ca:70:18:71:2b:e6:69:4f:88:c4:88:
cc:78:2e:f5:59:6f:76:39:43:3c:a6:cd:73:dd:63:88:ba:11:
6c:6c:b3:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSH4SzLQChlR6tI4cpn6jHZOeyAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MDlkZTkwYjlhMDIwMzIzOTI1ODIxNWE0YmE0NjkwNjM2ZWYxZmE4OGEw
MmY3Yzg4YWQwMTMyMjA4YzJmZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNyTmy8ZX9XzRxar5Mnz0e61kL5h4/Ty0+xgKpoZkq2p8BG4cYDaK99bl3k
vc8w9a67FElGy4pUvHxCZ+Fkaa9Z2Kazj8H/t4nD0/Zv9cW1QKLJTuYBWhYLR3Sz
e5A9KpDodgbwkCERc8oXqOKwop7wBmMDvyaQGhwGOW6rn0ZNUoiGZfE7Pvce+RDi
WYsRvRZndwcwlyAIAFvFtCB6XAS6xAWaeS6zm2eZY6EqUdkHKSQq5aqmnVG6zAi9
qrDwNo0VcMRBlOd8eK8siMTxere/GPOjVr37+VbxIGxBMWJphAdlzYyg8OFZNbmJ
4Qoqs7y8+s8aHeG82aDu4Z2GGhECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwzDn+
vuaRtqqrsetgvyFb8gDa4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQBQpGHFYckjboTkyDpJpxHm9kpGk4uhnzq2UsVj
pMCGLRm+doAzvbsQsXv+fho46NKfsBq9oJumFQ8W1pKT3vz/77WaYpHQyfbiemZr
ppOY1sP9GH9T9e6DDlndbUJZCfSpxrl9X9xPvN1hXWvJkPfzfuQb52tSwA5yRfLF
xnBRA4mx7kuAfCA4zgHGXXPCK8ix4ELoWX1PeKfhtD0hQyR1EfEMK8mNwYBqhByU
A8p5AQb6iFh4svIGHSAZXd0gPbV7mjrcCZKCC3QjWze3ptjQMYCLjZr+E2fLbj0L
eHmiynAYcSvmaU+IxIjMeC71WW92OUM8ps1z3WOIuhFsbLP9
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:08 2025 by rpki-client