Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
File: 09a66d07-54a4-4c26-8a49-e43710070e4d.roa (raw, json)
Hash identifier: JHOXAsRxVoJueoCVO5qLs1ze/gWTOQDve5b6rGhxeDQ=
Subject key identifier: 21:05:C1:62:2B:6B:DA:19:60:3B:DE:80:AF:98:A2:0E:71:E9:80:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2975F905B2CB70B0AEB4529ADA1AF351CE51E534
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
Signing time: Mon 01 Sep 2025 20:10:55 +0000
ROA not before: Mon 01 Sep 2025 20:10:55 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:75:f9:05:b2:cb:70:b0:ae:b4:52:9a:da:1a:f3:51:ce:51:e5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:55 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=229fd380e710540ae812748204953eb0c669c7258cdb7951f2e5076518fe6fc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:21:55:1e:ae:5c:59:f4:b4:8f:df:60:34:4d:
38:41:f3:4d:56:5d:7a:6f:3d:0b:fa:d7:1d:1f:89:
e6:59:12:f6:1f:6e:57:f1:ab:03:29:d2:01:83:b5:
ec:b9:7f:ad:e4:a4:8f:71:ab:db:21:9f:f7:25:b6:
91:b7:7f:4f:e1:ab:17:56:66:59:80:86:69:c2:48:
5a:fc:cf:1d:ac:c1:be:3e:47:3c:00:3b:34:4e:9d:
ea:86:c6:cc:92:dc:b1:a9:77:8d:7d:9a:fd:17:aa:
f0:5f:1c:3e:7e:59:96:79:fd:f7:84:cd:cf:fa:c4:
e4:12:aa:7b:12:e2:77:61:08:ac:77:05:88:3c:1d:
cd:3b:14:5f:45:44:c8:08:35:b6:15:0b:ec:fb:c5:
08:9d:6a:69:ee:c0:46:84:16:3e:9b:fe:61:6f:b6:
cd:6b:56:7b:3b:4a:72:59:61:fc:98:85:97:c4:a5:
49:fc:13:27:c1:8a:34:63:ad:21:1a:89:2c:ef:17:
68:8b:d1:da:1b:2a:0b:81:fd:5a:e8:76:3b:bc:f7:
04:8b:a6:65:99:ae:f3:d9:1e:bc:05:cb:1b:4c:a9:
d2:ae:54:d7:ac:5a:92:73:7a:aa:48:66:e1:9f:a8:
ad:82:cf:0d:eb:34:51:4a:fb:47:3f:27:ba:70:40:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:05:C1:62:2B:6B:DA:19:60:3B:DE:80:AF:98:A2:0E:71:E9:80:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09a66d07-54a4-4c26-8a49-e43710070e4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1080::/48
Signature Algorithm: sha256WithRSAEncryption
2e:c6:40:61:27:c9:9b:b7:ee:07:46:16:18:b2:00:24:09:04:
4b:04:5e:3a:cf:9b:43:c7:33:72:f6:e9:6a:ce:55:48:1c:5d:
79:93:15:19:11:2a:0d:f8:22:97:a3:15:f5:6a:28:86:39:6a:
08:0e:db:f2:6e:64:63:6b:d5:08:2c:d4:00:5f:f0:d3:0c:35:
68:db:40:44:27:33:25:16:2d:67:11:03:32:2b:3d:ee:4c:bc:
3c:40:12:24:d4:88:a6:81:b9:ba:a5:8e:00:0b:eb:2e:fa:f8:
d1:67:95:ac:3b:4c:36:d4:a5:05:61:64:f3:06:62:47:19:31:
48:0f:ec:22:75:33:24:ae:66:5e:a5:38:94:85:78:5c:18:6b:
f1:f2:a8:ac:c2:ef:8e:46:0c:0a:6d:04:81:86:7d:e0:16:c7:
87:15:d4:2b:1a:66:f5:da:af:25:0c:25:f1:74:b3:5f:46:e1:
dc:9b:c8:70:79:46:ec:b0:d3:4f:6f:c4:92:a9:45:8b:cc:e1:
0a:ca:5e:ef:97:12:59:0c:5b:12:80:7b:57:a9:57:3a:b7:43:
d3:5e:0b:dc:55:06:8b:66:6d:d4:c5:41:e6:28:85:6b:c9:ad:
98:00:76:74:66:eb:87:ae:eb:db:9c:d7:e6:0e:99:86:0d:24:
6f:2e:07:cd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKXX5BbLLcLCutFKa2hrzUc5R5TQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwNTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyOWZkMzgwZTcxMDU0MGFlODEyNzQ4MjA0OTUzZWIwYzY2OWM3MjU4Y2Ri
Nzk1MWYyZTUwNzY1MThmZTZmYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPkhVR6uXFn0tI/fYDRNOEHzTVZdem89C/rXHR+J5lkS9h9uV/GrAynSAYO1
7Ll/reSkj3Gr2yGf9yW2kbd/T+GrF1ZmWYCGacJIWvzPHazBvj5HPAA7NE6d6obG
zJLcsal3jX2a/Req8F8cPn5Zlnn994TNz/rE5BKqexLid2EIrHcFiDwdzTsUX0VE
yAg1thUL7PvFCJ1qae7ARoQWPpv+YW+2zWtWeztKcllh/JiFl8SlSfwTJ8GKNGOt
IRqJLO8XaIvR2hsqC4H9Wuh2O7z3BIumZZmu89kevAXLG0yp0q5U16xaknN6qkhm
4Z+orYLPDes0UUr7Rz8nunBAl+kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhBcFi
K2vaGWA73oCvmKIOcemAsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhNjZkMDctNTRhNC00YzI2LThhNDktZTQzNzEwMDcwZTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
gDANBgkqhkiG9w0BAQsFAAOCAQEALsZAYSfJm7fuB0YWGLIAJAkESwReOs+bQ8cz
cvbpas5VSBxdeZMVGREqDfgil6MV9WoohjlqCA7b8m5kY2vVCCzUAF/w0ww1aNtA
RCczJRYtZxEDMis97ky8PEASJNSIpoG5uqWOAAvrLvr40WeVrDtMNtSlBWFk8wZi
RxkxSA/sInUzJK5mXqU4lIV4XBhr8fKorMLvjkYMCm0EgYZ94BbHhxXUKxpm9dqv
JQwl8XSzX0bh3JvIcHlG7LDTT2/EkqlFi8zhCspe75cSWQxbEoB7V6lXOrdD014L
3FUGi2Zt1MVB5iiFa8mtmAB2dGbrh67r25zX5g6Zhg0kby4HzQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:05 2025 by rpki-client