Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: 1y2q7cPgbmdf1Uc2SVIDXoejAF5ME1gwCmqd3Kv2vmU=
Subject key identifier: 4D:12:EA:E3:74:F8:3F:E2:78:2B:7A:56:E6:56:E1:62:57:59:57:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D73DA4555801711DDCB6B04D024C5EEC877E277
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Tue 26 Aug 2025 17:11:27 +0000
ROA not before: Tue 26 Aug 2025 17:11:27 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:73:da:45:55:80:17:11:dd:cb:6b:04:d0:24:c5:ee:c8:77:e2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:11:27 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=3f4af62673dbacef7e4efaf6b9f419d5a9db23ef53499353ffcfd35c719c0103, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:89:0c:b0:d2:4f:ae:e0:8f:1d:53:56:b7:8e:
cf:a9:50:d1:10:7d:54:8f:b7:7d:13:0c:f2:62:95:
70:dd:b0:93:8d:ac:3f:6a:35:8d:0e:8a:9a:9f:34:
dd:a0:61:17:b1:40:cd:9b:fa:d7:44:df:4b:16:cc:
ef:79:a6:94:b2:b9:ef:d6:0e:c1:7b:0d:14:5b:02:
d1:61:9b:69:19:f7:8b:ee:4d:dd:cf:1c:5b:7b:ee:
f8:88:63:e4:fe:e0:db:ef:6c:2a:16:08:03:89:a2:
e4:62:bb:89:ba:f9:9d:94:9a:d7:87:b1:df:fc:94:
64:4d:aa:8f:2c:fb:c0:28:95:f7:b9:c5:4f:da:12:
03:39:e3:f4:66:8a:7b:4d:e4:b3:ea:e8:1c:01:18:
8f:46:42:3d:e5:01:a9:ea:da:de:cf:39:35:4c:62:
b8:0a:9e:04:ac:68:b3:a9:9e:6c:5a:f4:56:8d:78:
0d:44:60:84:d4:f4:05:6e:42:f8:3f:ab:b8:3d:16:
b1:aa:2c:eb:0e:1f:02:cb:1e:be:5a:5e:17:61:71:
3d:d8:25:81:0b:4c:e9:31:96:80:69:aa:63:75:a6:
a7:1b:c8:9d:db:95:92:22:8e:62:e4:c1:a5:f7:1f:
26:83:11:8f:4f:9d:f0:52:1c:00:d4:ef:70:b1:56:
4a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:12:EA:E3:74:F8:3F:E2:78:2B:7A:56:E6:56:E1:62:57:59:57:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
63:0f:b0:22:65:f7:1c:20:a8:3b:ec:af:fb:e0:8c:25:e0:09:
56:24:c6:d8:1f:e3:ab:08:40:99:d0:00:b3:85:8f:9e:c5:57:
70:62:01:bd:d0:9a:c9:89:b3:a3:0e:09:dc:0e:33:ba:13:0b:
a2:df:94:c1:fd:2e:f5:af:b4:94:c5:f8:dc:56:f7:5f:1b:bd:
5c:0d:29:28:04:e0:c9:e0:3c:42:b6:47:6c:c8:33:51:0b:c1:
42:02:79:2e:eb:c0:53:89:de:64:9e:89:e5:7e:b9:b3:66:97:
75:03:c0:03:5c:d4:26:10:da:a1:1c:ca:c5:65:28:98:0c:21:
1b:17:c8:62:08:c6:66:5e:84:ee:c4:a9:17:98:74:af:a1:e3:
75:6a:3f:05:a8:dc:7f:3e:e5:3e:bb:f6:64:04:09:92:97:97:
14:88:41:c2:8f:e2:9b:50:20:9c:06:8f:bd:51:a1:8c:37:cc:
29:26:25:e3:6d:d7:80:f2:4d:be:67:88:9d:43:54:2f:b4:98:
59:f1:29:4b:4b:99:eb:b0:11:b2:71:3b:84:26:74:0f:e3:a1:
ce:42:7d:a6:01:d4:83:5f:ce:54:2c:39:96:29:7c:38:45:a9:
f6:64:ce:50:07:b1:1e:37:f4:a2:59:8c:24:f8:cb:2a:fd:ee:
e5:20:cf:e5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTXPaRVWAFxHdy2sE0CTF7sh34ncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzExMjdaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNGFmNjI2NzNkYmFjZWY3ZTRlZmFmNmI5ZjQxOWQ1YTlkYjIzZWY1MzQ5
OTM1M2ZmY2ZkMzVjNzE5YzAxMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeJDLDST67gjx1TVreOz6lQ0RB9VI+3fRMM8mKVcN2wk42sP2o1jQ6Kmp80
3aBhF7FAzZv610TfSxbM73mmlLK579YOwXsNFFsC0WGbaRn3i+5N3c8cW3vu+Ihj
5P7g2+9sKhYIA4mi5GK7ibr5nZSa14ex3/yUZE2qjyz7wCiV97nFT9oSAznj9GaK
e03ks+roHAEYj0ZCPeUBqera3s85NUxiuAqeBKxos6mebFr0Vo14DURghNT0BW5C
+D+ruD0Wsaos6w4fAssevlpeF2FxPdglgQtM6TGWgGmqY3WmpxvInduVkiKOYuTB
pfcfJoMRj0+d8FIcANTvcLFWStUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNEurj
dPg/4ngrelbmVuFiV1lXrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQBjD7AiZfccIKg77K/74Iwl4AlWJMbYH+OrCECZ
0ACzhY+exVdwYgG90JrJibOjDgncDjO6Ewui35TB/S71r7SUxfjcVvdfG71cDSko
BODJ4DxCtkdsyDNRC8FCAnku68BTid5knonlfrmzZpd1A8ADXNQmENqhHMrFZSiY
DCEbF8hiCMZmXoTuxKkXmHSvoeN1aj8FqNx/PuU+u/ZkBAmSl5cUiEHCj+KbUCCc
Bo+9UaGMN8wpJiXjbdeA8k2+Z4idQ1QvtJhZ8SlLS5nrsBGycTuEJnQP46HOQn2m
AdSDX85ULDmWKXw4Ran2ZM5QB7EeN/SiWYwk+Msq/e7lIM/l
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:05 2025 by rpki-client