Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa
File: 4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa (raw, json)
Hash identifier: s+3+WsswSHO98IbTD0CK+xGsK93omn3nyYr7I9+STKk=
Subject key identifier: 0C:4B:2D:2D:79:46:14:C3:19:30:A0:20:2D:10:11:8E:5B:48:52:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 07352B0D9D8F9162940FC60BCA275A14360FC92E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa
Signing time: Fri 15 Aug 2025 15:50:43 +0000
ROA not before: Fri 15 Aug 2025 15:50:43 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:10c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:35:2b:0d:9d:8f:91:62:94:0f:c6:0b:ca:27:5a:14:36:0f:c9:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:50:43 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=e3b741239db80c14657039c0f1af2be0a683135d95995f31465a6088d99bd6e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:1d:20:2a:db:06:d6:4a:40:0c:07:da:a0:ad:
17:46:9e:2c:b9:97:7a:02:23:9a:c1:82:41:5e:25:
59:34:58:e8:8c:f4:6b:88:b7:9d:96:1e:91:fa:74:
3c:54:02:e1:f8:11:75:b6:58:95:d6:db:df:75:33:
08:f5:51:73:68:16:3f:9c:21:a0:a6:71:64:e8:d9:
23:08:00:d3:80:85:2f:27:14:4c:4e:e4:94:b5:72:
17:18:0e:c8:62:e1:49:e9:7f:86:cb:9b:24:8f:33:
15:fb:3e:5c:16:04:83:c1:56:39:a9:e1:ab:bf:db:
35:5a:3c:33:a3:1b:31:bd:5e:97:67:5c:4c:10:69:
6c:b6:31:c5:0c:0a:85:95:70:37:30:38:37:28:df:
c7:4c:13:7e:1c:e4:c9:98:aa:6e:2a:06:c0:d1:87:
5e:6c:ef:06:d7:57:e4:8f:cd:bd:23:4c:2a:65:64:
c9:2b:7b:05:a3:aa:35:c0:5d:2e:bb:e8:07:db:df:
84:30:17:ea:68:13:6f:33:20:37:b6:0f:bd:e0:ae:
f8:40:a9:65:d3:61:21:7c:89:ef:ac:ee:d1:d2:ae:
af:cf:c4:82:d4:db:16:62:e6:e1:09:8f:50:03:bd:
d5:03:f6:aa:7a:c1:76:58:dd:7a:90:18:eb:6f:ec:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4B:2D:2D:79:46:14:C3:19:30:A0:20:2D:10:11:8E:5B:48:52:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4d03f6d9-094a-4f2a-aa7c-73e66047c2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
62:eb:a9:e3:92:91:ef:06:5c:e7:65:ca:e2:07:06:03:88:02:
1c:f4:2b:20:8f:1c:07:31:6d:68:00:e7:4f:67:74:51:a2:ea:
ca:bf:86:bb:50:d8:b4:66:91:90:c5:50:c0:ec:ba:f8:11:e7:
9d:98:2c:58:31:0b:b3:28:ab:d8:7f:17:38:4a:7c:0c:5a:a3:
fa:30:7c:06:ca:36:6f:0c:7d:4a:33:18:4c:eb:d2:c1:5e:da:
d5:76:3e:c0:0b:3c:5e:69:91:16:8b:ec:48:4d:51:23:94:91:
b7:d7:b2:02:5e:a3:e8:8a:eb:2a:e6:b2:37:a0:5f:52:21:5f:
b5:e6:e8:cb:27:22:2b:1f:85:27:41:61:74:17:4c:b3:8e:d0:
72:94:57:e3:8a:ad:b4:ec:7b:8d:8f:fc:2e:a3:dc:db:5c:52:
e6:29:20:e0:37:d3:d6:71:8e:63:88:cf:af:3e:19:4f:9b:81:
7c:ea:57:0b:39:44:b1:e0:d7:e8:20:63:b5:55:56:0c:17:39:
28:2a:d4:2b:80:2a:c0:c0:47:56:f9:15:e5:ce:b2:a6:0e:bd:
ed:28:cb:91:55:00:d2:76:84:21:fb:c1:7e:43:7a:15:89:ea:
88:ed:be:b0:f3:83:77:26:59:5b:68:6f:7c:3f:07:c2:bb:27:
bc:bb:7f:03
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBzUrDZ2PkWKUD8YLyidaFDYPyS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUwNDNaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzYjc0MTIzOWRiODBjMTQ2NTcwMzljMGYxYWYyYmUwYTY4MzEzNWQ5NTk5
NWYzMTQ2NWE2MDg4ZDk5YmQ2ZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPEdICrbBtZKQAwH2qCtF0aeLLmXegIjmsGCQV4lWTRY6Iz0a4i3nZYekfp0
PFQC4fgRdbZYldbb33UzCPVRc2gWP5whoKZxZOjZIwgA04CFLycUTE7klLVyFxgO
yGLhSel/hsubJI8zFfs+XBYEg8FWOanhq7/bNVo8M6MbMb1el2dcTBBpbLYxxQwK
hZVwNzA4Nyjfx0wTfhzkyZiqbioGwNGHXmzvBtdX5I/NvSNMKmVkySt7BaOqNcBd
LrvoB9vfhDAX6mgTbzMgN7YPveCu+ECpZdNhIXyJ76zu0dKur8/EgtTbFmLm4QmP
UAO91QP2qnrBdljdepAY62/sCsUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQMSy0t
eUYUwxkwoCAtEBGOW0hS+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGQwM2Y2ZDktMDk0YS00ZjJhLWFhN2MtNzNlNjYwNDdjMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAYuup45KR7wZc52XK4gcGA4gCHPQrII8cBzFt
aADnT2d0UaLqyr+Gu1DYtGaRkMVQwOy6+BHnnZgsWDELsyir2H8XOEp8DFqj+jB8
Bso2bwx9SjMYTOvSwV7a1XY+wAs8XmmRFovsSE1RI5SRt9eyAl6j6IrrKuayN6Bf
UiFfteboyyciKx+FJ0FhdBdMs47QcpRX44qttOx7jY/8LqPc21xS5ikg4DfT1nGO
Y4jPrz4ZT5uBfOpXCzlEseDX6CBjtVVWDBc5KCrUK4AqwMBHVvkV5c6ypg697SjL
kVUA0naEIfvBfkN6FYnqiO2+sPODdyZZW2hvfD8HwrsnvLt/Aw==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:41 2025 by rpki-client