Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: QQZgvWAm1H/oft/xRGrnqp7VEKg70ylhfKaY5TpB+ns=
Subject key identifier: CE:FC:BD:D2:DF:93:E8:46:B7:7E:C3:FE:5F:AF:83:9D:38:52:B2:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37BBB8F8D3B7B4C3E3191FA649AFEEF218DAFF7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Tue 02 Sep 2025 00:40:31 +0000
ROA not before: Tue 02 Sep 2025 00:40:31 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:bb:b8:f8:d3:b7:b4:c3:e3:19:1f:a6:49:af:ee:f2:18:da:ff:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:31 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=9b56e6ee230997bb364d8c9867d7e53b92e7a9d59c5507255f074c0bcc130cf9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0a:bb:dc:fc:90:24:54:6a:9d:b4:26:18:2e:
c6:cd:4e:13:66:0f:a8:99:90:69:5a:23:59:26:50:
e3:50:a3:67:2d:7d:77:dd:65:a0:ba:af:15:b4:07:
ba:7d:49:69:87:6b:ba:6a:9a:05:21:fe:b7:e4:25:
65:04:60:25:95:5b:7f:90:6f:3a:13:0c:cd:db:dc:
f0:96:b8:96:9d:54:47:53:05:5f:c5:6f:5d:cd:21:
e1:bf:11:af:1a:da:40:2b:51:15:a5:d0:89:42:b9:
1a:d7:a7:42:bd:3f:1a:a9:47:c3:72:26:d6:6e:fb:
fb:05:64:c1:c6:33:92:51:cb:8c:d2:34:90:2c:87:
c3:16:ee:72:33:25:3d:5e:55:2e:55:d1:ee:6f:e9:
04:3f:95:97:c5:11:a9:98:9c:54:e3:44:68:99:61:
35:4e:68:4c:45:c5:08:04:c2:7d:10:25:c6:e1:db:
69:20:09:54:7a:e9:04:03:c8:e5:c2:c2:e1:55:84:
30:30:4d:71:6e:56:2a:bf:74:22:60:ac:79:c0:e2:
9f:eb:06:2b:fd:8e:24:b1:c8:67:eb:f4:a9:54:f0:
62:c4:4e:b5:3f:9f:cc:a6:10:fd:c0:3e:b2:4c:d4:
b7:30:53:a7:74:1c:59:63:1d:bd:a8:12:54:d2:80:
c3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FC:BD:D2:DF:93:E8:46:B7:7E:C3:FE:5F:AF:83:9D:38:52:B2:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
b0:53:22:3c:0e:ed:10:91:e9:a5:c4:60:3c:64:38:49:7b:01:
b9:85:3d:19:d9:f3:8f:11:8d:ca:41:d7:14:14:e6:c0:94:fc:
d2:0e:22:6c:01:fb:9b:32:98:4d:dd:e1:0b:25:1f:1a:ed:8f:
16:56:7f:a6:18:26:c4:e4:ee:ba:34:38:43:cd:86:fd:41:7a:
de:fb:13:d9:cc:6c:79:08:e0:c8:28:2a:aa:3f:58:c3:3c:21:
ad:f6:8e:b5:bb:3d:7e:16:32:48:a6:e7:e0:cc:48:0d:5e:8e:
3e:2a:fe:7e:46:e8:f1:6f:de:43:2a:13:8e:18:63:13:f1:16:
90:8b:1d:32:94:f8:75:79:91:78:73:a5:12:d9:d2:3e:ed:ed:
d6:1f:79:e2:0c:1c:12:bd:cd:d0:2c:6e:ea:19:fc:f9:9e:b2:
6e:ff:84:50:ab:6a:23:69:99:86:bd:54:19:5e:36:48:cd:49:
80:f7:73:cd:5d:af:be:cf:03:81:a9:f1:fd:3b:30:bb:39:99:
ff:c5:73:dd:f9:22:24:71:50:5e:80:39:34:3e:f4:05:8f:d2:
42:fb:44:c2:21:4c:c2:4d:15:bd:46:30:e3:1a:1b:c4:14:97:
16:15:97:29:13:0c:52:f1:58:8c:4b:3b:df:06:d1:fb:19:9a:
a8:80:23:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN7u4+NO3tMPjGR+mSa/u8hja/3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMzFaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNTZlNmVlMjMwOTk3YmIzNjRkOGM5ODY3ZDdlNTNiOTJlN2E5ZDU5YzU1
MDcyNTVmMDc0YzBiY2MxMzBjZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEKu9z8kCRUap20Jhguxs1OE2YPqJmQaVojWSZQ41CjZy19d91loLqvFbQH
un1JaYdrumqaBSH+t+QlZQRgJZVbf5BvOhMMzdvc8Ja4lp1UR1MFX8VvXc0h4b8R
rxraQCtRFaXQiUK5GtenQr0/GqlHw3Im1m77+wVkwcYzklHLjNI0kCyHwxbucjMl
PV5VLlXR7m/pBD+Vl8URqZicVONEaJlhNU5oTEXFCATCfRAlxuHbaSAJVHrpBAPI
5cLC4VWEMDBNcW5WKr90ImCsecDin+sGK/2OJLHIZ+v0qVTwYsROtT+fzKYQ/cA+
skzUtzBTp3QcWWMdvagSVNKAw0MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTO/L3S
35PoRrd+w/5fr4OdOFKybzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQCwUyI8Du0QkemlxGA8ZDhJewG5hT0Z2fOPEY3K
QdcUFObAlPzSDiJsAfubMphN3eELJR8a7Y8WVn+mGCbE5O66NDhDzYb9QXre+xPZ
zGx5CODIKCqqP1jDPCGt9o61uz1+FjJIpufgzEgNXo4+Kv5+Rujxb95DKhOOGGMT
8RaQix0ylPh1eZF4c6US2dI+7e3WH3niDBwSvc3QLG7qGfz5nrJu/4RQq2ojaZmG
vVQZXjZIzUmA93PNXa++zwOBqfH9OzC7OZn/xXPd+SIkcVBegDk0PvQFj9JC+0TC
IUzCTRW9RjDjGhvEFJcWFZcpEwxS8ViMSzvfBtH7GZqogCMc
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:35 2025 by rpki-client