Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
File: 94da73c8-c1bb-4329-a141-1dcbab6b0213.roa (raw, json)
Hash identifier: TPUCpg9kNqaBr+9nV9AfRMJKeznkILRp5FanQfkOja8=
Subject key identifier: EB:53:D7:92:92:0B:6A:7B:33:6E:9D:BB:8B:82:C5:B5:AA:AB:3B:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A67EF1AE48910BDCF9F19E275C17D3F6DC0DDC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
Signing time: Fri 15 Aug 2025 15:40:47 +0000
ROA not before: Fri 15 Aug 2025 15:40:47 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:67:ef:1a:e4:89:10:bd:cf:9f:19:e2:75:c1:7d:3f:6d:c0:dd:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:40:47 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=4fadb6a5f6dbb65ee9eadf5a37a6f6590e6d69bc70d641e3faafd2dad35dde02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:22:66:0d:45:8e:d7:26:1d:6f:12:79:2e:6d:
d3:5e:78:35:32:28:d1:21:41:fc:3b:ca:57:04:06:
49:d4:0e:b6:f6:aa:4e:be:a6:28:47:c2:66:41:d9:
86:30:11:95:43:da:11:aa:b0:f1:2a:28:2d:fd:a4:
5e:85:cc:64:eb:45:91:a7:e2:e4:42:08:4c:bf:3c:
3b:75:f6:bc:d2:c0:e0:33:67:0c:d5:08:86:ee:c0:
05:66:a8:da:b2:eb:34:20:14:84:f4:f9:fc:50:6a:
d2:b2:da:30:fd:db:ea:4e:1d:e4:40:69:ac:66:51:
2d:d7:f8:e6:b9:8a:f0:5e:b2:82:7b:db:e4:a6:8a:
4a:8c:71:36:9c:33:90:0a:ed:65:8b:4e:f3:8b:f4:
de:72:18:13:e6:97:5b:88:3d:a3:eb:86:45:c0:a6:
ca:0c:b9:0a:ad:9a:9c:5d:26:7e:98:b1:95:90:57:
67:d7:04:29:8f:30:9c:5e:71:59:fc:0e:15:d6:8b:
56:8a:ec:02:48:15:fc:a9:79:e2:39:4a:0a:10:93:
98:00:1b:7f:3f:f3:0a:45:e9:6c:b4:ec:3e:78:2d:
47:4b:86:5d:3a:d9:1a:87:42:71:d9:fb:ab:3a:c4:
b3:dd:67:ca:91:28:2a:37:97:b0:af:d0:86:f6:bd:
45:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:53:D7:92:92:0B:6A:7B:33:6E:9D:BB:8B:82:C5:B5:AA:AB:3B:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94da73c8-c1bb-4329-a141-1dcbab6b0213.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:4020::/48
Signature Algorithm: sha256WithRSAEncryption
b5:df:e4:5a:43:c6:04:a5:de:82:f7:af:3e:a4:73:25:d8:92:
4d:60:9f:ae:c0:b6:5f:3a:6c:af:a9:8c:d4:90:07:17:f1:c0:
fa:1b:55:4e:00:e9:85:45:78:3e:f1:c2:6e:97:b8:ee:f1:bc:
bc:d8:8b:57:e1:9f:d2:76:6b:db:36:01:c5:61:0b:cd:cc:a3:
dd:13:75:63:72:4c:d5:a4:fe:51:35:a3:e0:2a:62:3a:60:a7:
4a:8c:ae:f1:62:76:c5:87:c4:98:c9:5a:9c:c5:8e:d8:d0:cd:
b7:23:d3:eb:8e:66:4a:14:e1:b3:67:4f:86:9e:e1:e7:02:af:
5c:13:f3:4a:0f:3e:90:a7:5b:70:da:14:6e:1d:04:8d:f1:1b:
ba:cc:34:65:9b:57:d8:03:d6:ac:32:58:08:4e:cf:0d:73:22:
9b:ee:5c:36:e2:bf:28:b1:d1:15:8c:e6:c3:9c:a6:50:37:bb:
4d:e0:26:1a:41:85:8d:65:13:af:e2:50:68:80:aa:66:c7:4d:
19:82:38:9c:29:85:2c:6c:f4:5e:53:4d:dd:30:cd:9a:45:9a:
ed:9e:c3:04:16:76:ee:af:16:bb:52:8b:b0:62:9b:57:ef:dc:
9b:4f:29:2c:1d:00:c3:7c:21:41:fa:24:4e:d1:a1:79:39:87:
db:8b:ab:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKmfvGuSJEL3PnxnidcF9P23A3cIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQwNDdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmYWRiNmE1ZjZkYmI2NWVlOWVhZGY1YTM3YTZmNjU5MGU2ZDY5YmM3MGQ2
NDFlM2ZhYWZkMmRhZDM1ZGRlMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMiZg1FjtcmHW8SeS5t0154NTIo0SFB/DvKVwQGSdQOtvaqTr6mKEfCZkHZ
hjARlUPaEaqw8SooLf2kXoXMZOtFkafi5EIITL88O3X2vNLA4DNnDNUIhu7ABWao
2rLrNCAUhPT5/FBq0rLaMP3b6k4d5EBprGZRLdf45rmK8F6ygnvb5KaKSoxxNpwz
kArtZYtO84v03nIYE+aXW4g9o+uGRcCmygy5Cq2anF0mfpixlZBXZ9cEKY8wnF5x
WfwOFdaLVorsAkgV/Kl54jlKChCTmAAbfz/zCkXpbLTsPngtR0uGXTrZGodCcdn7
qzrEs91nypEoKjeXsK/Qhva9RT8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTrU9eS
kgtqezNunbuLgsW1qqs7VTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkYTczYzgtYzFiYi00MzI5LWExNDEtMWRjYmFiNmIwMjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
IDANBgkqhkiG9w0BAQsFAAOCAQEAtd/kWkPGBKXegvevPqRzJdiSTWCfrsC2Xzps
r6mM1JAHF/HA+htVTgDphUV4PvHCbpe47vG8vNiLV+Gf0nZr2zYBxWELzcyj3RN1
Y3JM1aT+UTWj4CpiOmCnSoyu8WJ2xYfEmMlanMWO2NDNtyPT645mShThs2dPhp7h
5wKvXBPzSg8+kKdbcNoUbh0EjfEbusw0ZZtX2APWrDJYCE7PDXMim+5cNuK/KLHR
FYzmw5ymUDe7TeAmGkGFjWUTr+JQaICqZsdNGYI4nCmFLGz0XlNN3TDNmkWa7Z7D
BBZ27q8Wu1KLsGKbV+/cm08pLB0Aw3whQfokTtGheTmH24urVg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:25 2025 by rpki-client