Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
File: 007aa6ae-ee04-4168-a465-d2d3db70f19f.roa (raw, json)
Hash identifier: 6EJVikLb1T5MRBesDX9nxEBM21i1pvK+u4jWSUSViV4=
Subject key identifier: 2B:21:8D:0C:F7:45:3B:E8:B0:5E:CA:8F:9E:1F:85:D0:A1:42:C7:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48E7A4AF4BE1995C93C11148E2B1A7EFECF3C739
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
Signing time: Mon 01 Sep 2025 19:40:35 +0000
ROA not before: Mon 01 Sep 2025 19:40:35 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e7:a4:af:4b:e1:99:5c:93:c1:11:48:e2:b1:a7:ef:ec:f3:c7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:35 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6ad7a81f28aebfa76f7bb632b25067abfc9855b1fdf4dfd2b5df07be508acb8a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bd:55:2a:be:3e:95:0d:73:6d:f2:10:28:b3:
90:ea:a7:d4:f9:11:0a:8a:17:99:42:3d:11:14:22:
ce:1f:a6:2e:0b:54:c3:25:17:f8:c3:eb:dc:fc:0a:
7e:80:56:d8:5e:61:cc:22:3f:48:9c:1a:c2:17:b3:
4a:08:bf:eb:75:76:ef:53:12:4c:10:d6:71:41:01:
62:f4:da:91:f0:79:8b:cd:96:c8:cd:f4:c0:f7:cb:
66:5d:52:f6:09:29:ff:b8:34:fd:82:f8:8e:75:84:
70:c9:f8:82:c3:aa:b9:e3:e4:9f:62:c4:1d:a5:cc:
db:d1:fe:9e:fc:68:42:bb:fc:b4:1f:68:35:57:74:
9f:9c:4d:2c:f7:8c:0b:c7:bb:bf:5f:ae:55:5c:3b:
7a:20:27:5e:2d:c8:cb:22:fc:5d:d9:dd:92:98:6f:
51:59:a8:69:88:16:16:32:fd:49:0f:45:24:72:ae:
6f:33:95:8e:9b:17:64:50:bf:7e:f0:3b:5f:53:fe:
34:59:09:ea:1a:0b:08:60:0a:87:3c:6d:9f:bf:23:
ef:72:32:96:90:be:5e:fa:5c:57:26:be:a6:fd:31:
59:6b:97:15:f6:74:eb:b0:b3:e5:a8:7f:05:fc:b9:
2d:2e:78:1e:94:f8:3b:52:ce:23:8f:88:f6:5c:b5:
6d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:21:8D:0C:F7:45:3B:E8:B0:5E:CA:8F:9E:1F:85:D0:A1:42:C7:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1040::/48
Signature Algorithm: sha256WithRSAEncryption
58:11:ea:75:23:d5:eb:cb:54:ef:c5:6e:82:3d:de:b1:ff:8c:
cf:f7:b5:60:f6:cd:c8:7d:b0:34:38:93:ff:77:12:5c:78:d9:
d1:e1:c5:38:55:af:2a:b4:5d:85:52:4c:8b:aa:57:4d:50:fe:
ed:a7:d7:9e:c9:fe:58:78:6a:5e:8b:da:64:ca:c4:e4:11:e1:
d5:bb:05:8a:34:ce:10:49:d9:e9:54:2d:a5:ac:bf:b0:22:b4:
d9:79:85:67:be:03:ab:72:76:7f:e1:7a:0b:ee:13:c6:08:36:
53:55:4d:a3:34:c2:a3:44:54:2f:43:46:2a:6d:a0:4e:fb:44:
8b:ed:81:c8:03:a9:ff:df:d9:fb:1e:28:d1:50:13:bc:72:3e:
10:79:b9:da:4c:f4:41:3d:31:dd:db:e6:de:46:5d:c1:a2:e7:
f1:8a:a4:f4:ed:f5:bb:45:12:15:d3:8b:a2:fb:47:ee:15:13:
a4:8b:90:c2:8e:7a:43:96:67:d0:0d:25:82:55:1f:83:b4:12:
3f:41:b0:33:56:7d:06:b4:60:05:28:f9:f9:87:be:a4:62:ce:
65:62:17:49:70:32:61:f4:3e:1b:46:0a:9a:0e:48:c0:83:c7:
2f:cb:88:7d:94:3f:b3:24:94:70:08:c6:e2:51:9c:45:54:12:
39:85:f7:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSOekr0vhmVyTwRFI4rGn7+zzxzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwMzVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZDdhODFmMjhhZWJmYTc2ZjdiYjYzMmIyNTA2N2FiZmM5ODU1YjFmZGY0
ZGZkMmI1ZGYwN2JlNTA4YWNiOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMC9VSq+PpUNc23yECizkOqn1PkRCooXmUI9ERQizh+mLgtUwyUX+MPr3PwK
foBW2F5hzCI/SJwawhezSgi/63V271MSTBDWcUEBYvTakfB5i82WyM30wPfLZl1S
9gkp/7g0/YL4jnWEcMn4gsOquePkn2LEHaXM29H+nvxoQrv8tB9oNVd0n5xNLPeM
C8e7v1+uVVw7eiAnXi3IyyL8XdndkphvUVmoaYgWFjL9SQ9FJHKubzOVjpsXZFC/
fvA7X1P+NFkJ6hoLCGAKhzxtn78j73IylpC+XvpcVya+pv0xWWuXFfZ067Cz5ah/
Bfy5LS54HpT4O1LOI4+I9ly1bf8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQrIY0M
90U76LBeyo+eH4XQoULHajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDA3YWE2YWUtZWUwNC00MTY4LWE0NjUtZDJkM2RiNzBmMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAWBHqdSPV68tU78Vugj3esf+Mz/e1YPbNyH2w
NDiT/3cSXHjZ0eHFOFWvKrRdhVJMi6pXTVD+7afXnsn+WHhqXovaZMrE5BHh1bsF
ijTOEEnZ6VQtpay/sCK02XmFZ74Dq3J2f+F6C+4Txgg2U1VNozTCo0RUL0NGKm2g
TvtEi+2ByAOp/9/Z+x4o0VATvHI+EHm52kz0QT0x3dvm3kZdwaLn8Yqk9O31u0US
FdOLovtH7hUTpIuQwo56Q5Zn0A0lglUfg7QSP0GwM1Z9BrRgBSj5+Ye+pGLOZWIX
SXAyYfQ+G0YKmg5IwIPHL8uIfZQ/sySUcAjG4lGcRVQSOYX3Vw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:47 2025 by rpki-client