Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
File: adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa (raw, json)
Hash identifier: ZvpEwVNtr7q+meAlC8wTUuFyozlBllsgFMYBfGwRFco=
Subject key identifier: AB:A2:83:0F:9A:53:7B:FD:74:B1:D3:C7:29:B1:16:6D:55:32:64:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A76F1872CF856BD4B111F0A94EEFD05ABB23BC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
Signing time: Fri 15 Aug 2025 15:41:30 +0000
ROA not before: Fri 15 Aug 2025 15:41:30 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:76:f1:87:2c:f8:56:bd:4b:11:1f:0a:94:ee:fd:05:ab:b2:3b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:30 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=58525fe74e4ed60a755c62a1e5cd1eba4235dffef2408b29cfb92d460ed42290, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ab:87:90:f3:3c:06:67:5f:ff:b2:44:16:11:
e1:b6:b2:9e:25:34:a9:e0:09:f6:75:c4:6d:c1:a8:
85:23:08:ac:89:df:a3:28:0f:ae:79:8b:f4:7f:ce:
79:06:b2:1e:51:72:c8:43:14:b1:f7:69:34:69:a2:
51:52:a9:e7:55:c8:ea:0d:2f:d2:b1:ae:00:54:56:
a7:70:5f:5a:93:e2:1c:7a:87:83:b6:45:db:ee:e8:
5f:01:c1:1e:e9:5f:10:e4:5c:5e:c6:7f:ff:82:08:
89:32:a2:1a:cb:f6:a6:a5:99:5e:f2:51:47:7d:88:
83:4d:8e:c1:44:6e:7d:50:9f:fb:10:7a:f1:f2:0d:
df:12:ac:55:96:ec:df:89:36:a5:f0:0d:96:c0:ef:
79:07:91:7b:65:20:0f:64:0e:78:ca:da:5d:57:34:
61:25:d0:82:2f:1e:92:72:4b:b7:11:fb:5b:10:db:
13:82:73:72:17:0f:df:74:f2:14:cb:f4:c9:3e:8c:
01:b5:2c:83:d2:28:46:2d:87:8b:0f:4e:c7:a7:b0:
b2:63:33:37:19:66:6e:17:7c:d3:6c:0a:d3:bb:65:
85:7c:c3:94:58:76:e1:93:20:72:95:54:e6:7a:35:
8b:fc:2d:eb:3a:18:16:e6:d6:9f:8f:a6:12:f0:fb:
8b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A2:83:0F:9A:53:7B:FD:74:B1:D3:C7:29:B1:16:6D:55:32:64:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/adb1351f-3dd5-4e4f-8955-1514f42e48e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1080::/46
Signature Algorithm: sha256WithRSAEncryption
59:0e:54:57:bc:eb:6a:f8:87:ae:60:00:01:41:6f:f3:1a:65:
2e:68:c2:5f:2f:a9:09:af:95:6d:19:34:ed:7d:58:32:a6:3a:
38:3e:81:21:a1:bf:54:c9:07:cb:9e:a7:7e:34:81:48:03:1c:
7b:4b:f2:82:94:d3:54:91:b8:0e:e5:3d:45:05:6c:b9:7a:39:
0f:38:d3:83:5c:42:d5:3a:ea:df:98:46:39:01:8a:51:b7:b0:
5c:d0:85:b8:85:1f:40:6a:75:3e:9c:4c:ee:ac:19:c9:20:35:
25:8d:c3:a4:8a:69:8b:4f:11:bd:f1:1b:45:5f:20:8e:16:7b:
76:09:e6:56:0a:59:2f:04:77:fd:62:3b:95:c3:d5:89:7a:a4:
86:df:9a:4b:d6:08:70:4d:0a:79:b5:dd:e7:ee:95:3f:50:1c:
30:50:0f:68:7e:cd:8d:71:5a:5f:d6:b8:3b:23:01:8b:60:92:
9f:12:f5:ce:49:90:08:61:d3:b3:de:1e:b0:5a:c4:c5:df:df:
bf:a2:30:6d:b3:17:ca:4f:6f:92:f0:3d:b2:70:ab:84:ef:e7:
9f:86:45:00:22:3d:93:b5:1b:ec:06:6a:e7:9f:6e:5a:f9:53:
85:03:6e:14:f0:12:08:02:f9:c5:fd:53:38:fb:b3:a9:b8:e9:
09:0f:37:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSnbxhyz4Vr1LER8KlO79BauyO8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxMzBaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NTI1ZmU3NGU0ZWQ2MGE3NTVjNjJhMWU1Y2QxZWJhNDIzNWRmZmVmMjQw
OGIyOWNmYjkyZDQ2MGVkNDIyOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+rh5DzPAZnX/+yRBYR4bayniU0qeAJ9nXEbcGohSMIrInfoygPrnmL9H/O
eQayHlFyyEMUsfdpNGmiUVKp51XI6g0v0rGuAFRWp3BfWpPiHHqHg7ZF2+7oXwHB
HulfEORcXsZ//4IIiTKiGsv2pqWZXvJRR32Ig02OwURufVCf+xB68fIN3xKsVZbs
34k2pfANlsDveQeRe2UgD2QOeMraXVc0YSXQgi8eknJLtxH7WxDbE4JzchcP33Ty
FMv0yT6MAbUsg9IoRi2Hiw9Ox6ewsmMzNxlmbhd802wK07tlhXzDlFh24ZMgcpVU
5no1i/wt6zoYFubWn4+mEvD7i+MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSrooMP
mlN7/XSx08cpsRZtVTJkYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWRiMTM1MWYtM2RkNS00ZTRmLTg5NTUtMTUxNGY0MmU0OGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAWQ5UV7zraviHrmAAAUFv8xplLmjCXy+pCa+V
bRk07X1YMqY6OD6BIaG/VMkHy56nfjSBSAMce0vygpTTVJG4DuU9RQVsuXo5DzjT
g1xC1Trq35hGOQGKUbewXNCFuIUfQGp1PpxM7qwZySA1JY3DpIppi08RvfEbRV8g
jhZ7dgnmVgpZLwR3/WI7lcPViXqkht+aS9YIcE0KebXd5+6VP1AcMFAPaH7NjXFa
X9a4OyMBi2CSnxL1zkmQCGHTs94esFrExd/fv6IwbbMXyk9vkvA9snCrhO/nn4ZF
ACI9k7Ub7AZq559uWvlThQNuFPASCAL5xf1TOPuzqbjpCQ83Fg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:39 2025 by rpki-client