Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
File: 11f67075-d744-49be-809b-fca0d72c41e0.roa (raw, json)
Hash identifier: ly8wv5BXAl7dwJthv6FVoRvWA/idpB88oGL8AakUF/w=
Subject key identifier: AF:F7:AF:1F:7E:C2:26:BD:F3:75:8F:E7:40:5D:E6:D3:45:34:F7:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53DE079948B9649EA377CD61648A396A6B4431A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
Signing time: Mon 01 Sep 2025 20:30:41 +0000
ROA not before: Mon 01 Sep 2025 20:30:41 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:de:07:99:48:b9:64:9e:a3:77:cd:61:64:8a:39:6a:6b:44:31:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:41 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=4e44c4b3350a834a737431027286c43288a1517d714ae919ecdcf1d421e87c8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2b:ec:b4:5a:a3:3e:bd:89:6b:8f:59:e2:c8:
9d:6f:43:d0:63:39:67:fe:1b:e2:d2:52:90:27:75:
07:77:1c:9e:41:da:ac:45:1d:4c:ed:29:ab:2e:0f:
b5:a4:51:98:4a:3a:b8:d3:28:33:30:67:e7:1d:9c:
85:c4:6b:89:8e:aa:22:5f:be:2c:e9:9a:84:2b:12:
ae:7b:01:59:15:ca:ad:c4:d0:fc:a3:9d:34:7d:71:
93:3d:0a:33:43:90:7b:97:fe:51:e9:e5:19:2b:d3:
e5:b4:31:08:94:e4:85:a3:4f:8f:51:99:37:ee:10:
37:43:ad:3f:2f:cb:8f:0d:46:6f:9f:55:b2:3f:1c:
ae:9b:45:f7:10:91:97:c2:96:9d:f0:ea:c8:b9:cd:
a0:aa:50:26:69:3e:e0:46:6e:62:1a:b0:ad:38:27:
e1:39:51:d3:d4:ff:fe:d6:b3:e5:b5:ff:c6:e5:8a:
ef:08:98:ff:4b:34:5a:66:1b:e1:12:ad:a6:4e:28:
c3:50:c8:ce:82:47:29:8a:f7:47:c6:ea:ca:ea:20:
b0:24:5e:cf:1e:f9:12:29:21:86:e9:9d:4a:7c:ea:
9d:aa:b5:d7:1e:8c:19:cf:34:49:42:0e:c8:37:13:
19:b6:98:5f:77:e6:bd:aa:98:3d:61:12:b3:1e:07:
44:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F7:AF:1F:7E:C2:26:BD:F3:75:8F:E7:40:5D:E6:D3:45:34:F7:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11f67075-d744-49be-809b-fca0d72c41e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:ec:e0:0c:4c:9f:48:cb:f9:23:62:51:28:f9:c7:31:10:67:
bd:ef:0d:4d:b7:f5:8b:19:66:82:25:4e:93:1c:6f:ce:a0:11:
05:b3:56:c7:dc:a8:45:a3:b9:4d:7a:a5:bf:12:95:f0:57:6c:
b7:53:3e:21:9f:2f:bd:ba:b9:0a:15:41:a8:7a:cd:72:76:e8:
b9:f0:25:d0:f0:85:13:61:fd:50:ea:88:8c:eb:a5:5f:8d:5f:
d2:fb:66:4f:b9:8a:10:dc:24:a6:e8:11:18:df:04:b5:42:ce:
21:1b:2c:f6:e5:01:d1:24:ae:8f:eb:f6:c8:61:57:2f:a7:93:
e5:81:ba:dc:23:7a:0e:ef:f1:6f:19:f1:9f:47:fc:2b:72:a4:
c7:53:67:89:e0:b5:17:91:9d:ba:75:81:e2:66:91:1d:b6:22:
a2:ed:d5:a8:06:79:1d:62:11:fa:7b:ac:90:9e:83:34:eb:93:
3d:c4:d8:20:a4:6c:2b:d1:c4:a1:cb:c8:b2:28:04:6e:0b:94:
03:7e:04:7c:68:1d:86:11:01:1b:98:63:ad:d3:5d:de:b6:56:
34:5f:ed:fd:66:ea:04:c9:30:64:84:90:e7:de:96:be:2a:a1:
90:5b:c3:30:4c:cc:87:89:90:6a:f6:c4:42:5e:e8:a5:45:59:
d6:d5:b8:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU94HmUi5ZJ6jd81hZIo5amtEMaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNDFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNDRjNGIzMzUwYTgzNGE3Mzc0MzEwMjcyODZjNDMyODhhMTUxN2Q3MTRh
ZTkxOWVjZGNmMWQ0MjFlODdjOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAr7LRaoz69iWuPWeLInW9D0GM5Z/4b4tJSkCd1B3ccnkHarEUdTO0pqy4P
taRRmEo6uNMoMzBn5x2chcRriY6qIl++LOmahCsSrnsBWRXKrcTQ/KOdNH1xkz0K
M0OQe5f+UenlGSvT5bQxCJTkhaNPj1GZN+4QN0OtPy/Ljw1Gb59Vsj8crptF9xCR
l8KWnfDqyLnNoKpQJmk+4EZuYhqwrTgn4TlR09T//taz5bX/xuWK7wiY/0s0WmYb
4RKtpk4ow1DIzoJHKYr3R8bqyuogsCRezx75EikhhumdSnzqnaq11x6MGc80SUIO
yDcTGbaYX3fmvaqYPWESsx4HRDECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSv968f
fsImvfN1j+dAXebTRTT3rDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFmNjcwNzUtZDc0NC00OWJlLTgwOWItZmNhMGQ3MmM0MWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hgg
MA0GCSqGSIb3DQEBCwUAA4IBAQAK7OAMTJ9Iy/kjYlEo+ccxEGe97w1Nt/WLGWaC
JU6THG/OoBEFs1bH3KhFo7lNeqW/EpXwV2y3Uz4hny+9urkKFUGoes1ydui58CXQ
8IUTYf1Q6oiM66VfjV/S+2ZPuYoQ3CSm6BEY3wS1Qs4hGyz25QHRJK6P6/bIYVcv
p5PlgbrcI3oO7/FvGfGfR/wrcqTHU2eJ4LUXkZ26dYHiZpEdtiKi7dWoBnkdYhH6
e6yQnoM065M9xNggpGwr0cShy8iyKARuC5QDfgR8aB2GEQEbmGOt013etlY0X+39
ZuoEyTBkhJDn3pa+KqGQW8MwTMyHiZBq9sRCXuilRVnW1bhX
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:28 2025 by rpki-client