Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
File: 04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa (raw, json)
Hash identifier: BR1zfAJyd7llv27t1WpQqL7xg26EZQicRsmhvn6Erik=
Subject key identifier: F4:CF:3F:06:93:78:32:34:44:F2:E2:2D:13:18:AA:65:06:0E:D7:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35BAF7D2D4B2CC6C174E2DE65DE04DDEA930C714
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
Signing time: Mon 01 Sep 2025 21:20:11 +0000
ROA not before: Mon 01 Sep 2025 21:20:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ba:f7:d2:d4:b2:cc:6c:17:4e:2d:e6:5d:e0:4d:de:a9:30:c7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a420190cd9663d2ad85b0916f61ad6e0523ce60b85a44d61972b045ad075756a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:cb:ea:b9:fa:b5:17:79:95:db:9d:d4:e3:
03:c5:8a:a0:8a:97:1a:09:51:a0:48:d8:c6:d3:0c:
fc:e5:1f:5a:1a:c1:44:12:d5:ab:e4:92:d6:2e:cd:
5e:0b:e6:35:eb:fb:c9:86:b1:9a:7f:e8:ca:de:26:
56:12:6c:9f:12:37:90:08:49:38:e0:67:e5:2d:c3:
e4:20:77:9c:9b:af:74:34:84:05:ff:0d:61:98:8c:
65:14:87:85:a4:23:50:e2:0e:2b:47:6e:ff:03:09:
85:5d:22:3f:ac:b9:ae:25:80:13:ae:43:7e:5a:85:
45:b3:52:05:d7:d4:77:32:0f:38:2f:62:4b:6c:1c:
10:9a:ab:01:90:1b:6d:4d:b9:15:c0:93:a5:24:1a:
4b:07:a3:f0:24:d2:a7:b8:2a:10:51:d4:71:0d:00:
f7:f4:ae:77:f5:a6:89:8f:53:6f:ff:6a:87:8a:af:
67:46:fe:09:7b:69:d4:b2:13:68:ce:50:86:3f:6d:
9b:a7:ff:f9:60:fe:49:1d:80:a8:41:73:0b:c8:e1:
38:49:40:b8:fa:ef:39:f9:92:14:e9:57:37:15:96:
f7:61:8e:e1:69:b9:1b:a6:6f:6a:59:16:60:48:62:
f4:cc:5b:1f:d8:56:8f:5e:2c:ac:af:9f:a4:b1:05:
ea:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CF:3F:06:93:78:32:34:44:F2:E2:2D:13:18:AA:65:06:0E:D7:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a464ff-7b9d-43f0-869d-7e7c66a7a5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8800::/38
Signature Algorithm: sha256WithRSAEncryption
bd:2a:6d:47:c7:79:15:25:69:e3:41:79:a5:18:ff:f6:f4:b7:
97:2a:2f:b0:eb:ab:98:27:b9:5f:af:fd:c4:27:0b:dd:1e:1a:
9a:ff:2b:5a:7e:f7:83:4f:d6:ad:1f:de:d3:f1:d1:1e:db:85:
40:db:dd:ce:58:38:d9:cf:84:cd:b4:0e:5b:9a:5c:c2:08:cb:
8d:35:e7:56:cf:23:da:9e:c7:19:06:9a:92:ad:b4:7d:ed:d3:
08:bd:c8:78:12:75:7b:14:3a:43:fb:e8:3d:d0:ba:1f:8c:61:
0c:3c:18:f7:72:59:d5:9b:a5:ce:d6:13:fe:b1:c3:98:bc:35:
50:2e:fd:e7:a5:f9:3f:87:4e:aa:dc:44:0c:ab:45:1c:d4:22:
93:ea:ea:25:d7:d5:97:de:18:e7:e4:df:68:0a:19:e6:43:b7:
82:a8:db:59:09:26:59:e8:dc:f2:c4:a4:f3:8c:07:bb:5f:83:
7e:1a:71:79:3c:e1:0b:f3:26:2f:43:3d:66:f9:03:02:21:35:
ca:53:be:ef:fb:ef:be:34:e1:af:8a:6c:40:98:e2:12:ba:3c:
71:1e:dc:24:c0:7d:91:ca:66:54:d4:5a:9b:d4:8a:9d:6b:e9:
f2:95:c8:b4:d9:e7:8a:71:3e:3f:a4:95:67:4e:8c:a1:9d:8f:
80:47:f9:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNbr30tSyzGwXTi3mXeBN3qkwxxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0MjAxOTBjZDk2NjNkMmFkODViMDkxNmY2MWFkNmUwNTIzY2U2MGI4NWE0
NGQ2MTk3MmIwNDVhZDA3NTc1NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9ny+q5+rUXeZXbndTjA8WKoIqXGglRoEjYxtMM/OUfWhrBRBLVq+SS1i7N
XgvmNev7yYaxmn/oyt4mVhJsnxI3kAhJOOBn5S3D5CB3nJuvdDSEBf8NYZiMZRSH
haQjUOIOK0du/wMJhV0iP6y5riWAE65DflqFRbNSBdfUdzIPOC9iS2wcEJqrAZAb
bU25FcCTpSQaSwej8CTSp7gqEFHUcQ0A9/Sud/WmiY9Tb/9qh4qvZ0b+CXtp1LIT
aM5Qhj9tm6f/+WD+SR2AqEFzC8jhOElAuPrvOfmSFOlXNxWW92GO4Wm5G6ZvalkW
YEhi9MxbH9hWj14srK+fpLEF6jsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0zz8G
k3gyNETy4i0TGKplBg7XyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNDY0ZmYtN2I5ZC00M2YwLTg2OWQtN2U3YzY2YTdhNWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCI
MA0GCSqGSIb3DQEBCwUAA4IBAQC9Km1Hx3kVJWnjQXmlGP/29LeXKi+w66uYJ7lf
r/3EJwvdHhqa/ytafveDT9atH97T8dEe24VA293OWDjZz4TNtA5bmlzCCMuNNedW
zyPanscZBpqSrbR97dMIvch4EnV7FDpD++g90LofjGEMPBj3clnVm6XO1hP+scOY
vDVQLv3npfk/h06q3EQMq0Uc1CKT6uol19WX3hjn5N9oChnmQ7eCqNtZCSZZ6Nzy
xKTzjAe7X4N+GnF5POEL8yYvQz1m+QMCITXKU77v++++NOGvimxAmOISujxxHtwk
wH2RymZU1Fqb1Iqda+nylci02eeKcT4/pJVnToyhnY+AR/lj
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:06 2025 by rpki-client