Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
File: 0ca11d15-d37b-4319-9b90-152e667f85ef.roa (raw, json)
Hash identifier: PreZHmkge5g7hS/uLhV/C+5auvO3qz9+CRU/6zynpwQ=
Subject key identifier: CB:1D:53:9C:B3:E4:DC:E7:57:4D:F7:5A:B6:DC:EF:A5:50:AE:9D:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34FC1324C8B9CCB01B1D0C5ABB201FB26515AEB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
Signing time: Mon 01 Sep 2025 20:30:42 +0000
ROA not before: Mon 01 Sep 2025 20:30:42 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:fc:13:24:c8:b9:cc:b0:1b:1d:0c:5a:bb:20:1f:b2:65:15:ae:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:42 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=89fd15dc96c122e84f67f9270ff0239d21ed85cc109cd2d6c32c6fa39619006d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:73:4c:a2:68:73:2e:f0:8a:8e:ab:94:bb:bd:
43:68:03:34:78:25:a9:ca:d6:a6:80:88:3e:80:7c:
fb:22:60:eb:a7:2b:af:76:d7:55:5b:2d:1e:3a:09:
05:04:35:5f:0d:bb:9e:ac:90:21:65:25:42:f6:b7:
61:87:ae:01:f3:7b:ff:c5:5b:dc:24:c3:7e:76:9a:
98:29:d1:9b:20:95:5a:9e:5a:0f:74:34:ec:70:d6:
e3:29:3a:13:0e:38:19:e4:12:8e:7f:fb:c8:e2:08:
d2:dd:5a:d6:89:e7:54:05:9f:51:96:db:8c:63:1a:
11:d5:06:30:df:ec:b6:fa:ad:4e:10:6d:81:7c:a3:
fc:06:35:a0:5f:32:ba:a1:7d:a3:5e:5b:58:f6:55:
b6:a0:1e:d0:18:04:1c:d9:63:90:fb:26:f4:e7:33:
87:57:e5:0f:62:17:5b:b0:ee:6e:20:74:cb:3e:e3:
9a:96:16:2d:9e:98:b0:3b:e5:fd:e5:1d:45:40:9d:
a5:98:22:f2:33:94:58:b9:0f:89:bc:30:a4:8f:62:
6f:8b:9e:ee:77:f5:15:0d:66:a7:66:76:a7:e1:97:
c1:d7:92:b8:25:9e:30:75:29:1c:66:de:f8:0e:86:
53:2c:8b:d3:07:c6:7c:a9:e2:53:e9:65:b6:2b:12:
16:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1D:53:9C:B3:E4:DC:E7:57:4D:F7:5A:B6:DC:EF:A5:50:AE:9D:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ca11d15-d37b-4319-9b90-152e667f85ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:bd:6b:04:5c:a1:5b:83:f4:b7:30:99:57:8b:90:7d:b3:3a:
e8:6f:9f:9c:8b:82:d3:ad:97:45:76:51:69:75:88:8d:c1:8f:
f8:f0:74:66:4f:31:b1:b0:66:d4:f4:c1:53:02:05:3a:95:57:
10:d2:ab:43:ac:a9:00:8d:5d:23:62:b7:ec:cd:fb:34:27:f7:
30:39:f7:30:13:3a:7f:06:cc:58:bc:67:f0:95:28:22:10:d9:
3c:b9:d7:7a:eb:2f:1f:6f:38:2d:8a:8b:01:a4:9b:ac:f5:8e:
52:a6:2b:25:2c:44:19:f1:f4:64:68:e0:60:af:5f:d9:5d:c8:
69:bb:11:a0:11:58:2a:82:bb:04:4c:a9:81:7d:ce:54:a0:33:
fd:e5:8f:e6:84:13:69:2b:03:31:59:15:e0:95:95:07:60:75:
97:b1:55:25:cd:9e:2b:e1:3f:5a:d5:2e:8f:ae:a8:d8:72:d8:
da:92:9a:ca:d0:bb:0b:d1:06:c4:22:9c:f0:e9:18:50:f9:3f:
05:b1:2c:67:60:8b:1e:0d:e9:00:06:d3:ab:53:17:b2:4d:f7:
83:3f:70:44:d5:1c:0d:29:81:bc:2b:0c:c7:95:82:03:b0:b1:
ba:57:54:06:49:21:ef:34:be:41:b0:63:ea:a0:07:07:58:a9:
d1:c4:52:3a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNPwTJMi5zLAbHQxauyAfsmUVrrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNDJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ZmQxNWRjOTZjMTIyZTg0ZjY3ZjkyNzBmZjAyMzlkMjFlZDg1Y2MxMDlj
ZDJkNmMzMmM2ZmEzOTYxOTAwNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPtzTKJocy7wio6rlLu9Q2gDNHglqcrWpoCIPoB8+yJg66crr3bXVVstHjoJ
BQQ1Xw27nqyQIWUlQva3YYeuAfN7/8Vb3CTDfnaamCnRmyCVWp5aD3Q07HDW4yk6
Ew44GeQSjn/7yOII0t1a1onnVAWfUZbbjGMaEdUGMN/stvqtThBtgXyj/AY1oF8y
uqF9o15bWPZVtqAe0BgEHNljkPsm9Oczh1flD2IXW7DubiB0yz7jmpYWLZ6YsDvl
/eUdRUCdpZgi8jOUWLkPibwwpI9ib4ue7nf1FQ1mp2Z2p+GXwdeSuCWeMHUpHGbe
+A6GUyyL0wfGfKniU+lltisSFkUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLHVOc
s+Tc51dN91q23O+lUK6dLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNhMTFkMTUtZDM3Yi00MzE5LTliOTAtMTUyZTY2N2Y4NWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1g
MA0GCSqGSIb3DQEBCwUAA4IBAQC1vWsEXKFbg/S3MJlXi5B9szrob5+ci4LTrZdF
dlFpdYiNwY/48HRmTzGxsGbU9MFTAgU6lVcQ0qtDrKkAjV0jYrfszfs0J/cwOfcw
Ezp/BsxYvGfwlSgiENk8udd66y8fbzgtiosBpJus9Y5SpislLEQZ8fRkaOBgr1/Z
XchpuxGgEVgqgrsETKmBfc5UoDP95Y/mhBNpKwMxWRXglZUHYHWXsVUlzZ4r4T9a
1S6PrqjYctjakprK0LsL0QbEIpzw6RhQ+T8FsSxnYIseDekABtOrUxeyTfeDP3BE
1RwNKYG8KwzHlYIDsLG6V1QGSSHvNL5BsGPqoAcHWKnRxFI6
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:20 2025 by rpki-client