Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: eHj5s2IruynbbUJEktYWhTWn+XbTFW3McTmWShqwh3U=
Subject key identifier: 75:73:3A:8B:BF:91:8D:08:6A:CA:2F:F2:59:8C:F3:A1:49:45:07:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 222DDA0260A3B2397F48B06E72F28A321301390D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Mon 01 Sep 2025 20:00:12 +0000
ROA not before: Mon 01 Sep 2025 20:00:12 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:2d:da:02:60:a3:b2:39:7f:48:b0:6e:72:f2:8a:32:13:01:39:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:12 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5d11a35c381588e62890359188ea4571ebee40eb9c5db970220d34d3babbf3db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b7:b1:5e:36:19:52:43:f1:a9:80:6f:4e:c4:
99:96:4d:bd:5e:56:d8:15:84:e7:71:a8:d3:67:4a:
f8:8c:04:0f:27:9a:78:3c:fe:0a:18:b0:63:c3:ff:
50:18:d7:e1:de:71:7f:09:06:ef:f0:9a:3b:a9:cb:
c1:11:a1:79:76:f3:41:0d:d7:a1:c3:f8:23:48:46:
b6:5e:74:db:7f:40:76:37:9c:46:54:c8:95:0b:1b:
9f:20:95:d0:21:b0:82:ae:b6:5a:b7:84:2b:a4:c1:
82:67:21:2d:02:88:84:be:59:a5:1e:5c:e2:12:b1:
45:3d:68:a9:eb:5e:e3:b1:94:dc:bc:f4:fe:d4:bb:
30:be:27:14:25:9a:38:42:cf:2e:63:33:b1:5a:fd:
31:4f:73:20:69:1d:31:76:88:78:9a:59:67:23:c9:
8b:73:05:a9:c0:fa:0c:04:ed:f9:90:21:6d:e5:d0:
88:fe:33:95:10:7f:6b:08:6b:fc:a4:dd:2f:76:00:
30:db:22:8e:19:03:64:c0:a9:fe:c0:9a:e1:65:d4:
d6:26:d1:0f:e8:a6:15:b4:23:2f:5e:4d:32:ac:59:
56:08:7a:b5:56:f5:d1:8d:fd:9f:16:f6:64:24:9d:
93:eb:26:59:f0:7c:6b:0e:1c:81:86:32:19:e2:42:
19:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:73:3A:8B:BF:91:8D:08:6A:CA:2F:F2:59:8C:F3:A1:49:45:07:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
c4:4c:68:3d:d9:ee:96:c8:ad:65:ee:20:91:5b:30:11:d4:20:
4e:bf:ec:16:4a:15:12:8a:ab:48:91:6f:a6:f8:33:bd:81:d7:
09:75:11:70:7a:e0:1b:9a:9b:38:66:7d:6f:fd:58:a1:b5:04:
49:bf:5f:21:a3:87:6e:70:99:f1:97:3c:68:0d:e3:f4:80:d0:
39:4b:37:92:68:66:65:cb:b8:fd:b8:44:65:ed:70:ec:9e:31:
74:43:60:8f:be:c3:0d:12:af:0f:7e:d8:92:eb:27:a0:b3:c2:
c0:e7:eb:e2:b3:76:eb:91:7d:b4:e9:7c:56:c1:03:6a:17:57:
8d:9a:19:79:46:5d:70:45:c9:25:2b:ee:77:50:1e:c8:42:3c:
fe:11:6a:cd:c6:64:12:3b:2c:77:7f:d1:dc:55:e5:a3:e8:42:
05:fa:d0:55:f1:98:27:13:39:e9:2b:db:22:a9:7a:95:9c:30:
36:dd:fd:5e:50:03:15:6a:81:7f:c5:38:08:7b:52:1c:57:3f:
de:87:5d:a7:e4:c8:93:2f:a0:e1:96:22:45:d9:cb:2d:b7:a0:
9f:4c:60:b2:23:cc:2e:36:66:73:8c:3d:1c:2f:ca:70:e3:76:
b0:e0:70:ee:3d:5c:3a:f1:3a:22:06:86:41:b8:0b:64:75:7d:
18:23:8e:f0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIi3aAmCjsjl/SLBucvKKMhMBOQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwMTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkMTFhMzVjMzgxNTg4ZTYyODkwMzU5MTg4ZWE0NTcxZWJlZTQwZWI5YzVk
Yjk3MDIyMGQzNGQzYmFiYmYzZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM23sV42GVJD8amAb07EmZZNvV5W2BWE53Go02dK+IwEDyeaeDz+ChiwY8P/
UBjX4d5xfwkG7/CaO6nLwRGheXbzQQ3XocP4I0hGtl50239AdjecRlTIlQsbnyCV
0CGwgq62WreEK6TBgmchLQKIhL5ZpR5c4hKxRT1oqete47GU3Lz0/tS7ML4nFCWa
OELPLmMzsVr9MU9zIGkdMXaIeJpZZyPJi3MFqcD6DATt+ZAhbeXQiP4zlRB/awhr
/KTdL3YAMNsijhkDZMCp/sCa4WXU1ibRD+imFbQjL15NMqxZVgh6tVb10Y39nxb2
ZCSdk+smWfB8aw4cgYYyGeJCGRECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1czqL
v5GNCGrKL/JZjPOhSUUHwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAxExoPdnulsitZe4gkVswEdQgTr/sFkoVEoqr
SJFvpvgzvYHXCXURcHrgG5qbOGZ9b/1YobUESb9fIaOHbnCZ8Zc8aA3j9IDQOUs3
kmhmZcu4/bhEZe1w7J4xdENgj77DDRKvD37YkusnoLPCwOfr4rN265F9tOl8VsED
ahdXjZoZeUZdcEXJJSvud1AeyEI8/hFqzcZkEjssd3/R3FXlo+hCBfrQVfGYJxM5
6SvbIql6lZwwNt39XlADFWqBf8U4CHtSHFc/3oddp+TIky+g4ZYiRdnLLbegn0xg
siPMLjZmc4w9HC/KcON2sOBw7j1cOvE6IgaGQbgLZHV9GCOO8A==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:44 2025 by rpki-client