Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
File: 05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa (raw, json)
Hash identifier: 4kKk22erttJKpFVkRakO4dyFh8eqGvxKd346I2V8TI4=
Subject key identifier: 82:11:26:99:AD:19:A7:9A:D5:E3:53:A2:D8:7A:82:00:36:24:1B:2F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24FE42B8F3B89B58C5863AEBDEAAD03D487FF346
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
Signing time: Mon 01 Sep 2025 20:21:24 +0000
ROA not before: Mon 01 Sep 2025 20:21:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8050::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:fe:42:b8:f3:b8:9b:58:c5:86:3a:eb:de:aa:d0:3d:48:7f:f3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=30e0ae7d13ebae5695a14014b0e4ac6f79c137a7d184e619268a18fddf47a336, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:59:dd:32:a8:2d:ea:4e:72:68:d6:ae:45:
08:3b:4d:c0:71:ac:24:bd:0c:1c:c7:cb:97:58:03:
b1:09:7a:eb:c5:e8:b7:53:ac:6e:cd:6f:25:b5:92:
c0:34:18:70:55:82:fe:b3:e0:18:fe:c6:46:77:03:
f6:13:ea:a2:7d:be:dc:81:9d:b1:5d:0d:e8:c3:97:
f1:3c:35:ff:08:ef:83:23:71:de:f8:f9:1c:57:99:
ad:52:cc:a1:ed:20:f5:9f:21:9c:2c:91:ce:f6:c0:
24:8f:39:a1:33:a6:60:b0:bf:91:d3:5e:e0:9c:ed:
69:4a:83:c8:4b:dd:99:5c:6f:7c:12:37:57:a8:c0:
b8:3c:3c:4d:bc:16:ec:69:ba:23:fb:d4:54:14:32:
39:ae:10:c6:48:56:7c:b7:92:4c:7f:58:e7:f7:44:
26:3f:b6:f7:0b:a5:11:9f:5e:fc:2c:4a:7b:39:78:
c7:93:0c:fd:cc:24:4f:a6:2d:cf:b7:eb:75:37:57:
85:26:0f:cf:47:42:83:97:43:ea:bb:99:dd:98:74:
1b:4e:42:fa:41:b8:ca:ed:42:3c:3d:85:65:ef:c1:
11:f2:37:6b:f3:97:93:81:8c:90:43:72:7a:f7:f0:
0c:63:85:99:51:da:c8:81:73:74:41:45:09:82:0e:
53:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:11:26:99:AD:19:A7:9A:D5:E3:53:A2:D8:7A:82:00:36:24:1B:2F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05f7ab3f-cb73-49a6-aada-440bf4dbf3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8050::/48
Signature Algorithm: sha256WithRSAEncryption
45:d1:6c:56:bb:50:5e:94:45:26:33:2d:38:38:f0:0c:ed:33:
58:2f:2d:76:e4:b7:7c:fa:f0:65:10:0b:64:2d:0e:86:f6:71:
a3:3b:97:1a:fe:fd:16:f1:7b:c9:41:9a:3e:75:8a:24:ca:b8:
4f:6d:f6:20:76:05:3a:32:d3:db:60:7d:e6:75:94:e7:a5:a1:
c2:ae:e0:9d:a4:71:f8:6f:61:cc:b2:b2:d6:5a:14:51:a1:eb:
26:c6:60:7e:cd:f4:fe:97:a1:1c:5f:63:47:2a:ff:3f:08:9a:
01:46:54:19:94:9d:3a:e0:aa:0f:31:fa:98:3c:d2:1e:fb:c8:
59:1b:8a:d6:8e:fb:ba:99:35:bc:3a:53:db:a9:ab:c4:12:4d:
9b:5b:bc:f2:4a:cc:32:52:3e:d9:45:e8:2a:e3:02:be:8c:2e:
df:9d:42:53:2b:ea:43:05:8e:29:c5:37:5d:e9:a7:79:42:1f:
44:7e:ee:1d:53:6e:1c:6b:bb:35:2f:99:43:69:f0:e9:66:d1:
0a:98:a9:0b:1b:46:d5:1a:c6:69:cf:e7:a6:70:fc:44:7d:a8:
3a:70:d8:45:68:1a:4f:d8:fd:ed:02:5b:7a:7f:66:9b:21:7c:
59:b3:a3:ee:c0:82:c2:7b:27:63:75:b7:9d:db:cc:20:1c:70:
7b:8f:a0:a0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJP5CuPO4m1jFhjrr3qrQPUh/80YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZTBhZTdkMTNlYmFlNTY5NWExNDAxNGIwZTRhYzZmNzljMTM3YTdkMTg0
ZTYxOTI2OGExOGZkZGY0N2EzMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5uWd0yqC3qTnJo1q5FCDtNwHGsJL0MHMfLl1gDsQl668Xot1Osbs1vJbWS
wDQYcFWC/rPgGP7GRncD9hPqon2+3IGdsV0N6MOX8Tw1/wjvgyNx3vj5HFeZrVLM
oe0g9Z8hnCyRzvbAJI85oTOmYLC/kdNe4JztaUqDyEvdmVxvfBI3V6jAuDw8TbwW
7Gm6I/vUVBQyOa4QxkhWfLeSTH9Y5/dEJj+29wulEZ9e/CxKezl4x5MM/cwkT6Yt
z7frdTdXhSYPz0dCg5dD6ruZ3Zh0G05C+kG4yu1CPD2FZe/BEfI3a/OXk4GMkENy
evfwDGOFmVHayIFzdEFFCYIOU4ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCESaZ
rRmnmtXjU6LYeoIANiQbLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVmN2FiM2YtY2I3My00OWE2LWFhZGEtNDQwYmY0ZGJmM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
UDANBgkqhkiG9w0BAQsFAAOCAQEARdFsVrtQXpRFJjMtODjwDO0zWC8tduS3fPrw
ZRALZC0OhvZxozuXGv79FvF7yUGaPnWKJMq4T232IHYFOjLT22B95nWU56Whwq7g
naRx+G9hzLKy1loUUaHrJsZgfs30/pehHF9jRyr/PwiaAUZUGZSdOuCqDzH6mDzS
HvvIWRuK1o77upk1vDpT26mrxBJNm1u88krMMlI+2UXoKuMCvowu351CUyvqQwWO
KcU3XemneUIfRH7uHVNuHGu7NS+ZQ2nw6WbRCpipCxtG1RrGac/npnD8RH2oOnDY
RWgaT9j97QJben9mmyF8WbOj7sCCwnsnY3W3ndvMIBxwe4+goA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:02 2025 by rpki-client