Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: 4RRbPvM6VXCznNC3zS6lY36U6mqPLgOnd3ZQ3yZbw9I=
Subject key identifier: B5:0F:5F:F8:B7:7C:ED:2C:FF:85:4A:2F:CB:AF:AC:73:F9:13:41:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AD44C38EE3D4C3CBBB59A4F819CD0DB07AD112B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Mon 01 Sep 2025 21:00:05 +0000
ROA not before: Mon 01 Sep 2025 21:00:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:d4:4c:38:ee:3d:4c:3c:bb:b5:9a:4f:81:9c:d0:db:07:ad:11:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=effa1e1507bd3a7a5c880d5923b081757389ddbeb07bdcd0cddb9f411f25d9b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:10:ec:f0:6a:a3:94:42:f0:de:56:6e:2b:ab:
c3:16:91:e9:8a:32:8e:71:7c:f8:53:ec:b0:8b:1c:
35:1f:ac:87:31:b4:d6:8b:a9:96:39:db:12:3b:5e:
f6:94:ec:bc:f9:23:06:92:83:a7:1b:ef:3a:e4:db:
69:48:70:10:1c:39:32:80:10:3e:6c:33:db:50:16:
2c:fc:f7:c8:8a:83:c3:34:7f:a3:63:aa:47:13:0c:
06:5a:93:df:0b:ee:42:93:53:48:89:a4:c8:0e:86:
3e:2b:a5:31:bb:cf:7a:b5:f7:82:c5:7e:b3:d5:1a:
8d:38:df:4e:a4:9c:1d:cf:90:c7:f9:44:4d:3d:be:
7a:4c:80:97:13:07:0e:46:3c:cb:f5:8e:d1:bf:fe:
54:dc:c3:39:c3:c0:b4:6e:9c:63:30:42:f4:1a:bb:
dd:8e:8e:67:3e:bb:5f:ba:21:82:ce:05:0e:65:91:
7c:68:40:27:c2:1e:64:e9:44:ab:9c:d5:ac:32:07:
3d:43:20:fb:c1:86:03:db:01:fb:fa:94:21:00:77:
bd:4d:9f:6c:a4:98:b6:4b:cd:b7:d6:f0:8f:9d:98:
a9:ef:b4:f7:2e:68:30:40:ae:45:07:ad:a7:6d:82:
b9:01:6c:53:bd:f7:37:46:fb:80:22:fb:d0:72:fd:
52:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0F:5F:F8:B7:7C:ED:2C:FF:85:4A:2F:CB:AF:AC:73:F9:13:41:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:9a:5b:3e:40:b7:df:94:de:6c:0d:fb:bf:a6:60:62:29:32:
08:0a:e1:d6:58:c0:1e:bb:4e:8a:7e:95:bd:a0:12:49:77:af:
71:9f:8a:d1:c4:10:37:87:37:c3:12:84:de:64:f6:30:4c:ff:
a1:26:8f:db:66:7c:c2:be:43:af:23:c4:c9:c2:31:0a:29:80:
0c:75:f3:8c:70:59:56:4e:0b:eb:06:d9:03:ec:c3:9d:f3:dd:
44:dc:55:25:d5:c9:c9:96:3e:e2:1e:66:48:74:0d:17:3b:fb:
ee:81:26:e9:5c:1d:b2:d6:98:6b:c8:36:d5:74:70:16:73:12:
7b:30:db:7c:2a:b2:17:08:70:c2:64:12:33:fc:d7:b9:82:f4:
55:75:48:8d:d5:ab:40:a7:f0:09:a9:f4:18:78:3d:b9:f6:22:
ed:60:f0:6a:71:6f:43:f6:e3:17:db:f0:15:ad:26:7d:49:5f:
92:8e:62:27:d8:84:fe:ae:a2:8c:68:76:86:24:08:bb:34:1a:
4c:b9:ea:49:23:39:84:d0:12:e0:ce:34:10:4b:0c:56:dd:a7:
72:57:43:96:3a:65:04:10:ee:64:4a:c2:3c:47:cf:03:3e:e8:
ad:b5:a6:09:2f:e1:b7:41:41:d4:ad:f7:61:f9:bf:b5:2f:24:
dc:e9:3c:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOtRMOO49TDy7tZpPgZzQ2wetESswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmZmExZTE1MDdiZDNhN2E1Yzg4MGQ1OTIzYjA4MTc1NzM4OWRkYmViMDdi
ZGNkMGNkZGI5ZjQxMWYyNWQ5YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4Q7PBqo5RC8N5WbiurwxaR6YoyjnF8+FPssIscNR+shzG01oupljnbEjte
9pTsvPkjBpKDpxvvOuTbaUhwEBw5MoAQPmwz21AWLPz3yIqDwzR/o2OqRxMMBlqT
3wvuQpNTSImkyA6GPiulMbvPerX3gsV+s9UajTjfTqScHc+Qx/lETT2+ekyAlxMH
DkY8y/WO0b/+VNzDOcPAtG6cYzBC9Bq73Y6OZz67X7ohgs4FDmWRfGhAJ8IeZOlE
q5zVrDIHPUMg+8GGA9sB+/qUIQB3vU2fbKSYtkvNt9bwj52Yqe+09y5oMECuRQet
p22CuQFsU733N0b7gCL70HL9UvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1D1/4
t3ztLP+FSi/Lr6xz+RNBaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6mls+QLfflN5sDfu/pmBiKTIICuHWWMAeu06K
fpW9oBJJd69xn4rRxBA3hzfDEoTeZPYwTP+hJo/bZnzCvkOvI8TJwjEKKYAMdfOM
cFlWTgvrBtkD7MOd891E3FUl1cnJlj7iHmZIdA0XO/vugSbpXB2y1phryDbVdHAW
cxJ7MNt8KrIXCHDCZBIz/Ne5gvRVdUiN1atAp/AJqfQYeD259iLtYPBqcW9D9uMX
2/AVrSZ9SV+SjmIn2IT+rqKMaHaGJAi7NBpMuepJIzmE0BLgzjQQSwxW3adyV0OW
OmUEEO5kSsI8R88DPuittaYJL+G3QUHUrfdh+b+1LyTc6Tyc
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:22 2025 by rpki-client