Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
File: 04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa (raw, json)
Hash identifier: vi1D/LEJgbCiLvNrfu/lpHl+jMZvcfcAO+oeKpf0vbs=
Subject key identifier: 2A:2B:1F:28:13:49:14:FB:72:63:E2:E8:31:02:77:2B:42:0C:FF:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CFA6EF8FF5C3AE08269406A492A596CD40BE7FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
Signing time: Mon 01 Sep 2025 20:21:32 +0000
ROA not before: Mon 01 Sep 2025 20:21:32 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:fa:6e:f8:ff:5c:3a:e0:82:69:40:6a:49:2a:59:6c:d4:0b:e7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:32 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=98c3195f8206ac3daa4638d826a5c1745dc1a59badab2b32ad5a5ebc3af24cad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f9:16:c0:17:99:c7:32:97:58:c7:f8:ac:13:
db:b1:d3:c5:d1:fe:f2:53:f0:16:1e:cd:b0:76:dc:
29:83:45:60:4a:2a:ee:90:11:9c:b9:77:58:22:a8:
b3:f4:dc:45:c4:e4:bf:3d:62:fa:6f:6f:95:58:9a:
4e:2c:3a:d8:af:e4:6e:6a:83:b0:c6:8d:e0:0a:90:
af:3d:c3:aa:e6:79:c6:3d:da:60:95:42:f3:82:10:
86:1c:84:4d:37:ad:c0:f9:08:55:d6:4f:08:1a:19:
c4:57:35:90:4d:7a:12:e3:8a:01:fa:3b:7d:9c:93:
fc:00:c2:be:c5:45:71:dc:6a:7b:e1:2c:cb:58:db:
9a:89:4d:ef:28:80:ee:a2:a5:31:02:6f:54:99:4d:
d0:ba:82:f8:25:42:ec:7c:ad:14:60:63:0b:b5:bd:
6b:92:2b:d1:8b:ce:3f:f6:ac:05:c2:43:35:2a:02:
35:6b:13:2b:87:39:7c:39:5e:b1:38:03:89:6d:bb:
7d:93:c1:17:bc:55:43:62:db:a2:60:17:8e:12:fb:
11:e1:6e:79:e7:7e:41:65:5f:83:b8:10:13:96:96:
43:28:c6:06:dc:c5:9d:bc:84:d6:a0:ed:f9:13:be:
46:cd:40:f3:46:7b:70:be:6e:b0:fd:ae:37:b1:e3:
b9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2B:1F:28:13:49:14:FB:72:63:E2:E8:31:02:77:2B:42:0C:FF:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:d6:0f:bd:c7:25:18:20:72:3d:33:f6:b6:3d:50:a3:d6:f1:
8f:da:0d:19:6a:85:40:35:74:7a:96:e0:e4:9b:22:53:33:c4:
ad:9b:76:16:88:42:23:3a:5f:26:bc:2f:b5:57:0a:b6:5f:73:
58:07:da:58:0d:f5:88:28:ab:4e:8a:52:12:e8:38:d7:ed:51:
84:f0:08:28:f1:46:df:71:fe:e7:2d:62:46:9e:bb:0b:65:9f:
61:fc:c7:7a:ca:9d:d9:19:c0:a8:f4:82:08:cc:c4:14:b1:e4:
e6:b6:18:d3:7b:03:16:c3:fd:de:01:dd:a5:6f:af:50:11:42:
56:67:29:64:6b:80:95:9f:2f:c2:38:59:bc:44:df:6d:42:35:
2f:b5:1e:22:fc:f3:b4:78:20:64:68:e0:de:b7:a5:1e:de:16:
e1:80:7b:94:d7:25:3b:9a:78:ce:95:60:24:ca:6a:cc:ef:53:
c6:af:8a:b9:ea:99:56:18:4c:1a:8f:15:fb:fd:49:94:94:36:
5f:59:b0:c8:30:27:0e:9a:5b:3e:b9:e3:79:67:9a:a0:86:45:
8c:8b:6a:e4:eb:0b:39:de:f8:0e:07:39:97:ae:30:10:46:ca:
b4:1d:13:60:72:e0:92:34:94:05:80:7b:21:5c:76:49:69:a5:
db:7d:40:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfPpu+P9cOuCCaUBqSSpZbNQL5/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMzJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4YzMxOTVmODIwNmFjM2RhYTQ2MzhkODI2YTVjMTc0NWRjMWE1OWJhZGFi
MmIzMmFkNWE1ZWJjM2FmMjRjYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD5FsAXmccyl1jH+KwT27HTxdH+8lPwFh7NsHbcKYNFYEoq7pARnLl3WCKo
s/TcRcTkvz1i+m9vlViaTiw62K/kbmqDsMaN4AqQrz3DquZ5xj3aYJVC84IQhhyE
TTetwPkIVdZPCBoZxFc1kE16EuOKAfo7fZyT/ADCvsVFcdxqe+Esy1jbmolN7yiA
7qKlMQJvVJlN0LqC+CVC7HytFGBjC7W9a5Ir0YvOP/asBcJDNSoCNWsTK4c5fDle
sTgDiW27fZPBF7xVQ2LbomAXjhL7EeFueed+QWVfg7gQE5aWQyjGBtzFnbyE1qDt
+RO+Rs1A80Z7cL5usP2uN7HjuQkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqKx8o
E0kU+3Jj4ugxAncrQgz/TDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRjMzRlYTEtY2RkYi00NWFhLTk3OWYtYmZlMWZhMDk5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCy1g+9xyUYIHI9M/a2PVCj1vGP2g0ZaoVANXR6
luDkmyJTM8Stm3YWiEIjOl8mvC+1Vwq2X3NYB9pYDfWIKKtOilIS6DjX7VGE8Ago
8Ubfcf7nLWJGnrsLZZ9h/Md6yp3ZGcCo9IIIzMQUseTmthjTewMWw/3eAd2lb69Q
EUJWZylka4CVny/COFm8RN9tQjUvtR4i/PO0eCBkaODet6Ue3hbhgHuU1yU7mnjO
lWAkymrM71PGr4q56plWGEwajxX7/UmUlDZfWbDIMCcOmls+ueN5Z5qghkWMi2rk
6ws53vgOBzmXrjAQRsq0HRNgcuCSNJQFgHshXHZJaaXbfUDO
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:05 2025 by rpki-client