Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
File: 8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa (raw, json)
Hash identifier: RNHSxNkuWbxm9YIrb1BUR0g9a7JKxToCqJE50T+eEy8=
Subject key identifier: 30:77:45:04:E2:CD:19:FA:67:A2:BD:FC:7A:2D:E1:69:8F:3C:19:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CD34D8387AB591122A1519442C5ACF8458D52EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
Signing time: Fri 15 Aug 2025 15:41:38 +0000
ROA not before: Fri 15 Aug 2025 15:41:38 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:d3:4d:83:87:ab:59:11:22:a1:51:94:42:c5:ac:f8:45:8d:52:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:38 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=434e0fb5eb62c8688dd945da8ed22b0a3f5be46824d8773954fdf12a44534476, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a5:91:23:19:ae:a8:78:ea:b8:f1:57:14:cb:
2b:19:2e:8f:09:2a:f0:a6:36:87:6f:c1:7e:8b:2f:
7f:ce:b6:12:8d:30:fc:5d:f1:90:85:21:2d:6c:19:
9c:60:4d:de:3c:4f:05:b6:12:83:e0:5f:56:aa:b4:
45:bc:cb:ec:f7:2d:7c:66:da:b1:5b:b2:c8:4d:f0:
7c:96:6a:a8:68:78:20:ad:d1:87:35:19:6a:5b:55:
cb:af:b7:f6:51:c1:a6:ed:bf:7b:0b:3c:c1:df:ce:
cc:3e:35:42:46:08:32:dd:95:76:f5:0a:76:75:f4:
e6:35:01:67:f8:ca:f0:50:51:1b:fb:33:97:c0:b4:
5c:3a:88:70:b7:49:61:1e:d6:1e:ac:51:96:ee:dc:
10:c1:44:8e:fc:96:a7:e2:c3:a0:51:6f:dc:8f:e3:
6b:61:58:6f:84:31:2a:be:61:c0:c0:d4:2e:66:94:
d9:f5:de:17:e8:57:6f:e3:7a:99:9d:e3:fa:1f:49:
92:67:5d:36:0e:0d:ef:22:e2:0f:98:7c:5d:c9:b5:
15:f2:f9:9f:1a:74:23:dc:91:42:93:1c:f1:13:b2:
20:a6:f3:bb:17:bf:87:fc:99:66:13:dd:36:52:1b:
45:bd:f5:7c:ae:fb:5b:fb:72:5d:7a:7b:58:0b:1d:
61:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:77:45:04:E2:CD:19:FA:67:A2:BD:FC:7A:2D:E1:69:8F:3C:19:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8518b81d-c700-4d3f-8ef4-5abe8d348d3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9040::/46
Signature Algorithm: sha256WithRSAEncryption
b6:c4:36:db:b6:fe:b4:33:23:b9:d2:21:3f:6a:23:78:d6:c9:
85:6a:a6:14:69:2e:b1:43:e5:82:b0:28:47:0c:ad:22:98:15:
97:a7:5b:0c:ba:36:bf:fa:2c:03:c6:92:b6:3b:fc:05:dc:b3:
88:03:c5:1a:30:6a:be:d9:21:dd:b9:c5:7c:6c:2d:03:1b:8c:
be:3f:7d:db:31:4c:d7:80:dd:0d:bd:0b:b6:3f:fa:9c:ae:7d:
97:4e:64:07:a5:76:95:ee:14:ac:70:0a:1e:83:c5:50:5a:ca:
9c:d2:d1:ef:2e:77:8c:94:01:4d:f2:bd:36:89:76:8d:c6:41:
01:c3:bf:ef:03:60:d5:56:47:5f:c0:9f:cd:f8:08:5f:23:a5:
a3:e0:63:9c:7f:5a:16:e7:4a:d7:da:4a:66:7b:bc:8e:66:4f:
a0:84:69:75:9e:4c:f9:4a:57:2e:1e:fe:6a:de:0a:87:f1:4a:
ec:f1:45:40:34:44:4c:f1:1e:bb:60:ed:6c:25:72:c7:9c:fc:
f3:02:56:63:44:b5:6d:fe:a4:5f:94:bf:7b:fa:73:00:ad:3c:
97:7c:68:cd:e3:1f:98:f7:73:b0:dc:b8:46:d6:8e:2c:32:b6:
0f:ac:7c:03:f7:3c:ab:59:04:64:b0:2f:be:9c:45:5e:71:63:
51:98:34:26
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTNNNg4erWREioVGUQsWs+EWNUuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMzhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzNGUwZmI1ZWI2MmM4Njg4ZGQ5NDVkYThlZDIyYjBhM2Y1YmU0NjgyNGQ4
NzczOTU0ZmRmMTJhNDQ1MzQ0NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWlkSMZrqh46rjxVxTLKxkujwkq8KY2h2/Bfosvf862Eo0w/F3xkIUhLWwZ
nGBN3jxPBbYSg+BfVqq0RbzL7PctfGbasVuyyE3wfJZqqGh4IK3RhzUZaltVy6+3
9lHBpu2/ews8wd/OzD41QkYIMt2VdvUKdnX05jUBZ/jK8FBRG/szl8C0XDqIcLdJ
YR7WHqxRlu7cEMFEjvyWp+LDoFFv3I/ja2FYb4QxKr5hwMDULmaU2fXeF+hXb+N6
mZ3j+h9JkmddNg4N7yLiD5h8Xcm1FfL5nxp0I9yRQpMc8ROyIKbzuxe/h/yZZhPd
NlIbRb31fK77W/tyXXp7WAsdYVsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwd0UE
4s0Z+meivfx6LeFpjzwZgzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODUxOGI4MWQtYzcwMC00ZDNmLThlZjQtNWFiZThkMzQ4ZDNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAtsQ227b+tDMjudIhP2ojeNbJhWqmFGkusUPl
grAoRwytIpgVl6dbDLo2v/osA8aStjv8BdyziAPFGjBqvtkh3bnFfGwtAxuMvj99
2zFM14DdDb0Ltj/6nK59l05kB6V2le4UrHAKHoPFUFrKnNLR7y53jJQBTfK9Nol2
jcZBAcO/7wNg1VZHX8CfzfgIXyOlo+BjnH9aFudK19pKZnu8jmZPoIRpdZ5M+UpX
Lh7+at4Kh/FK7PFFQDRETPEeu2DtbCVyx5z88wJWY0S1bf6kX5S/e/pzAK08l3xo
zeMfmPdzsNy4RtaOLDK2D6x8A/c8q1kEZLAvvpxFXnFjUZg0Jg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:40 2025 by rpki-client