Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: ywStErZ4vVSZj30LYR1YE0sHrLRUPGuPXR/z60C3rqI=
Subject key identifier: E7:38:38:DC:CD:C9:9F:84:22:D2:FC:50:26:D2:91:FD:40:60:76:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1CAB0B3F24433A749F0B278AAB4D51C362257139
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Mon 01 Sep 2025 21:21:10 +0000
ROA not before: Mon 01 Sep 2025 21:21:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:ab:0b:3f:24:43:3a:74:9f:0b:27:8a:ab:4d:51:c3:62:25:71:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ac6d1cdb381fad5f7dc96355b774b78a05a75597b20456e742934f3c2d6cf143, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:18:38:4b:36:63:ae:37:93:4c:d1:13:5d:df:
60:fa:d3:1d:c2:9a:c5:91:96:eb:2e:d4:c8:33:88:
a6:2e:96:c0:23:a2:e0:e5:ee:71:be:41:d0:ea:0b:
76:ca:2a:04:7f:de:79:d4:fc:c7:22:b5:18:a6:49:
54:74:be:63:7d:3d:f9:45:dd:d4:31:68:5a:01:39:
82:ac:46:04:a6:fa:f9:8c:79:40:c4:6a:30:96:fa:
2e:1f:cf:2a:8f:ae:8a:3f:fa:42:ee:7d:22:58:31:
39:6c:c3:16:fb:39:c6:2d:cc:be:6f:e3:49:d9:bb:
d9:52:13:f4:93:55:0a:de:07:00:b4:d9:ad:7c:72:
15:b2:ab:e6:dc:09:e7:54:e5:a8:34:c8:e6:85:2f:
0d:19:4e:be:93:1e:d5:3d:7c:71:25:a4:68:9a:f2:
80:4b:72:e0:f2:0d:89:ed:a4:2b:23:3f:0e:3a:74:
b6:45:e5:11:b9:4d:bf:a7:c6:0d:5a:db:fc:d5:9a:
4c:cf:8a:81:bf:bc:c6:da:41:bb:5c:72:53:34:a6:
ff:c5:6f:03:95:b6:fc:5a:e4:d3:8c:a7:78:6f:d2:
43:dc:b3:98:85:cd:b6:a7:72:ec:59:1d:c1:67:28:
a9:da:18:ed:38:dc:23:c9:84:7e:c0:d2:8d:8f:20:
9e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:38:38:DC:CD:C9:9F:84:22:D2:FC:50:26:D2:91:FD:40:60:76:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
1a:28:a5:eb:e3:dd:6d:35:1a:07:30:2d:5d:2b:1d:dc:5c:05:
1a:a0:bc:3f:e7:c7:4d:42:ea:32:7c:33:b4:53:e9:5b:63:40:
9e:d0:40:93:f9:85:71:dd:1c:44:23:cf:ab:21:ce:0a:94:34:
76:8d:73:ec:a5:7a:55:fe:a5:72:24:3d:0f:85:44:57:6b:7f:
2f:1d:47:92:84:d0:42:b6:00:a7:3f:57:4e:40:a0:21:36:c0:
2d:03:28:8a:4c:09:03:90:36:e7:96:14:5d:e3:a8:0f:0a:1e:
80:e1:38:b8:f5:72:29:65:20:54:b5:b5:cf:4c:db:e9:a7:86:
2a:c0:70:50:d7:99:70:d4:18:fc:41:aa:06:a3:e5:de:a5:f1:
f5:26:c4:1e:c2:cd:da:33:ac:f4:2c:96:68:32:68:23:54:12:
47:c6:2a:6d:18:40:00:64:92:0a:4d:b9:c8:20:72:b2:0a:95:
11:df:d7:29:a9:d5:b0:a3:5e:67:6f:92:86:86:2a:c8:f4:d6:
60:32:64:6a:30:9c:75:b7:2e:db:48:f3:31:e0:26:f8:0f:26:
8f:d3:1f:bc:08:62:c0:9d:2b:1d:f9:73:4c:f3:8d:30:6b:ae:
01:3e:ba:5a:f1:bd:f5:54:d0:76:a3:d7:9e:ce:b3:19:3f:54:
eb:24:a7:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHKsLPyRDOnSfCyeKq01Rw2IlcTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNmQxY2RiMzgxZmFkNWY3ZGM5NjM1NWI3NzRiNzhhMDVhNzU1OTdiMjA0
NTZlNzQyOTM0ZjNjMmQ2Y2YxNDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcYOEs2Y643k0zRE13fYPrTHcKaxZGW6y7UyDOIpi6WwCOi4OXucb5B0OoL
dsoqBH/eedT8xyK1GKZJVHS+Y309+UXd1DFoWgE5gqxGBKb6+Yx5QMRqMJb6Lh/P
Ko+uij/6Qu59IlgxOWzDFvs5xi3Mvm/jSdm72VIT9JNVCt4HALTZrXxyFbKr5twJ
51TlqDTI5oUvDRlOvpMe1T18cSWkaJrygEty4PINie2kKyM/Djp0tkXlEblNv6fG
DVrb/NWaTM+Kgb+8xtpBu1xyUzSm/8VvA5W2/Frk04yneG/SQ9yzmIXNtqdy7Fkd
wWcoqdoY7TjcI8mEfsDSjY8gnicCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnODjc
zcmfhCLS/FAm0pH9QGB29TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAaKKXr491tNRoHMC1dKx3cXAUaoLw/58dNQuoy
fDO0U+lbY0Ce0ECT+YVx3RxEI8+rIc4KlDR2jXPspXpV/qVyJD0PhURXa38vHUeS
hNBCtgCnP1dOQKAhNsAtAyiKTAkDkDbnlhRd46gPCh6A4Ti49XIpZSBUtbXPTNvp
p4YqwHBQ15lw1Bj8QaoGo+XepfH1JsQews3aM6z0LJZoMmgjVBJHxiptGEAAZJIK
TbnIIHKyCpUR39cpqdWwo15nb5KGhirI9NZgMmRqMJx1ty7bSPMx4Cb4DyaP0x+8
CGLAnSsd+XNM840wa64BPrpa8b31VNB2o9eezrMZP1TrJKdQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:42 2025 by rpki-client