Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
File: 0d8c280f-edb2-45fb-9207-8226dc900bb1.roa (raw, json)
Hash identifier: PMtNfz6AdqwzaalU7EdWHlxWLwBmRlu5tzxtVeQOfIw=
Subject key identifier: 06:45:A5:AD:16:50:9F:FD:F6:F3:F0:D3:46:57:42:62:F8:90:39:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67004FE0F22EF2AA40207221070BC14BF7FFB2BE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
Signing time: Mon 01 Sep 2025 19:50:24 +0000
ROA not before: Mon 01 Sep 2025 19:50:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:5080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:00:4f:e0:f2:2e:f2:aa:40:20:72:21:07:0b:c1:4b:f7:ff:b2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:50:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f93b15dafd3098b2c9160edfef7fd85d9e11e101b96cdd789c286d5eb91c1de4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:0f:fb:db:dc:80:ac:02:1f:32:34:67:14:
46:7e:84:fd:de:dc:a1:e5:7a:34:44:9e:25:d9:15:
c9:5b:c7:b6:89:9e:c4:97:91:fa:84:04:47:10:54:
ec:1d:0c:9f:11:d7:31:24:fb:20:0e:0d:f3:1e:92:
c0:75:d7:6f:8b:65:f1:53:3f:2d:38:62:7a:43:31:
a9:4d:16:b5:17:b1:ee:34:6a:b7:f6:af:57:51:40:
59:1d:f6:64:8a:48:55:92:9d:f2:d3:e2:39:8b:ad:
7b:cd:6b:0d:d5:00:61:e5:52:b2:14:c2:74:44:76:
9f:9e:a6:14:f3:21:33:12:0b:df:a4:63:74:fb:6d:
99:a7:f4:ea:76:e5:5e:43:ed:f5:c9:e3:f0:13:d8:
53:83:71:8c:54:7d:22:17:20:4d:23:46:8c:f4:88:
30:56:2e:0f:1e:b9:ba:80:d5:b8:98:7e:d4:9a:f0:
96:a7:f6:f8:d1:99:dc:bd:2f:4c:22:30:08:5b:19:
53:ce:38:07:6e:d9:ab:68:cd:6a:85:af:b5:25:ef:
44:02:5a:9f:70:be:52:01:84:b1:09:c6:2c:b8:03:
d7:c5:ad:48:11:68:e3:fd:20:b1:ed:f6:49:cc:44:
34:a2:3a:52:ed:f8:c2:7e:50:03:59:3d:21:a9:b0:
24:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:45:A5:AD:16:50:9F:FD:F6:F3:F0:D3:46:57:42:62:F8:90:39:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0d8c280f-edb2-45fb-9207-8226dc900bb1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:5080::/48
Signature Algorithm: sha256WithRSAEncryption
ad:29:71:e8:5d:64:4f:90:4e:38:3d:8a:e0:8b:0f:9d:2a:26:
1c:e0:6f:40:a4:dc:5b:3f:a3:e9:ae:5d:3b:b0:1a:e9:24:e4:
93:05:b4:f1:fd:41:01:d0:45:01:0f:c0:ae:7d:a5:fd:a0:14:
49:97:91:e4:4f:a0:96:17:e8:de:e9:0d:9f:5f:2f:c1:d7:8d:
a0:b7:bc:22:b4:b0:b2:e7:89:5a:e5:1b:ce:ca:f0:2c:29:ca:
18:8e:9b:10:9c:9d:35:ff:32:48:ee:e9:1c:78:80:61:8a:65:
88:33:83:46:12:ac:cb:11:b0:8f:5d:56:94:97:81:81:24:50:
9e:66:97:af:91:48:4d:44:12:84:ed:66:c3:0c:8c:07:cf:91:
db:08:eb:77:d7:1d:54:01:6e:e9:ac:fb:18:41:3e:84:74:e9:
c7:b3:b0:fc:4b:d3:ff:7b:d9:6f:ab:03:a3:5a:48:3b:c0:93:
d7:3b:7b:a8:44:ca:1f:31:54:3d:9e:df:cb:52:67:00:9d:cc:
a9:5b:a1:33:c1:a2:a6:24:99:99:e8:5f:ee:cb:ea:d6:cd:8f:
38:81:3e:1c:6d:1e:73:df:40:87:86:f5:bc:f6:f2:6e:2f:80:
1f:ac:d1:be:2f:9a:5f:6b:b3:d8:29:92:ba:52:f7:43:7b:e1:
4d:c8:e6:fe
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZwBP4PIu8qpAIHIhBwvBS/f/sr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUwMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5M2IxNWRhZmQzMDk4YjJjOTE2MGVkZmVmN2ZkODVkOWUxMWUxMDFiOTZj
ZGQ3ODljMjg2ZDVlYjkxYzFkZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfKD/vb3ICsAh8yNGcURn6E/d7coeV6NESeJdkVyVvHtomexJeR+oQERxBU
7B0MnxHXMST7IA4N8x6SwHXXb4tl8VM/LThiekMxqU0WtRex7jRqt/avV1FAWR32
ZIpIVZKd8tPiOYute81rDdUAYeVSshTCdER2n56mFPMhMxIL36RjdPttmaf06nbl
XkPt9cnj8BPYU4NxjFR9IhcgTSNGjPSIMFYuDx65uoDVuJh+1Jrwlqf2+NGZ3L0v
TCIwCFsZU844B27Zq2jNaoWvtSXvRAJan3C+UgGEsQnGLLgD18WtSBFo4/0gse32
ScxENKI6Uu34wn5QA1k9IamwJAsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGRaWt
FlCf/fbz8NNGV0Ji+JA5ejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGQ4YzI4MGYtZWRiMi00NWZiLTkyMDctODIyNmRjOTAwYmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFQ
gDANBgkqhkiG9w0BAQsFAAOCAQEArSlx6F1kT5BOOD2K4IsPnSomHOBvQKTcWz+j
6a5dO7Aa6STkkwW08f1BAdBFAQ/Arn2l/aAUSZeR5E+glhfo3ukNn18vwdeNoLe8
IrSwsueJWuUbzsrwLCnKGI6bEJydNf8ySO7pHHiAYYpliDODRhKsyxGwj11WlJeB
gSRQnmaXr5FITUQShO1mwwyMB8+R2wjrd9cdVAFu6az7GEE+hHTpx7Ow/EvT/3vZ
b6sDo1pIO8CT1zt7qETKHzFUPZ7fy1JnAJ3MqVuhM8GipiSZmehf7svq1s2POIE+
HG0ec99Ah4b1vPbybi+AH6zRvi+aX2uz2CmSulL3Q3vhTcjm/g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client