Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
File: 16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa (raw, json)
Hash identifier: SW7uOvXtPo8ZiHcq8nQTzUeVZWLdSLOWPQ2XIcEPkj0=
Subject key identifier: B6:0D:3D:4E:D9:A6:27:70:A5:38:17:E1:B5:B8:52:DE:49:64:21:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 200E44DD86C4C5DAAC3684A00119A7C659EFDB8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
Signing time: Mon 01 Sep 2025 20:50:52 +0000
ROA not before: Mon 01 Sep 2025 20:50:52 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0e:44:dd:86:c4:c5:da:ac:36:84:a0:01:19:a7:c6:59:ef:db:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:52 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=cba25ab7329decc410b7eb9ac66edd3e3bb947e680b7457bbe7d111bc7d8ffa3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:0f:82:55:3e:e8:9d:eb:7c:f1:64:19:32:
aa:86:bc:10:ce:e5:a6:e4:b4:e0:0a:31:c5:81:d3:
7a:31:31:3b:55:71:6b:b1:20:34:8d:53:82:84:b4:
8a:92:16:5e:c4:44:88:41:45:10:86:dd:d7:cc:63:
f7:bb:44:76:4d:51:ff:f3:1d:fd:65:91:33:9d:0c:
29:fd:6e:be:50:9b:cc:81:5e:76:a0:91:37:8f:56:
4e:ec:83:9f:b1:85:a4:e1:4a:c7:7a:03:67:4f:08:
e9:8a:37:93:83:5d:23:a6:b1:7c:2f:e9:85:d1:f6:
cd:9d:14:06:f7:3e:af:68:c9:06:8f:30:5c:86:40:
04:b3:0c:72:dd:bd:7d:ae:11:71:25:ae:b2:b0:03:
43:79:86:a2:d5:9a:b4:ab:a7:65:57:66:1c:7d:1c:
d9:9b:da:c7:63:63:85:66:10:c4:73:af:85:5d:92:
75:6f:97:a6:fc:e4:4f:25:de:61:b8:3d:75:c1:99:
64:f6:36:8d:98:de:ad:89:6b:b7:f0:cc:70:d9:3b:
e5:a5:8a:2b:d3:94:2c:79:23:9d:e2:c2:8c:96:e7:
62:bc:a7:d7:5f:a5:10:d6:13:dc:19:9e:f7:3b:49:
51:8e:c4:46:7a:d6:45:bd:37:14:82:3f:da:07:60:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0D:3D:4E:D9:A6:27:70:A5:38:17:E1:B5:B8:52:DE:49:64:21:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16e83d89-9c29-4d70-9d1d-85e4dc7e3d6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:b000::/40
Signature Algorithm: sha256WithRSAEncryption
71:63:66:d2:49:5d:74:f2:4b:e6:7f:7c:0c:c1:a7:3a:08:7f:
03:5d:79:40:3b:a5:3a:48:6d:f0:23:ac:06:ed:4e:60:7b:6c:
07:3c:81:e5:56:e6:34:68:fb:53:b2:65:cc:b6:d8:2b:bf:1a:
82:ce:08:43:48:49:8e:b2:1f:8f:e8:3c:a4:9f:07:d6:0c:81:
62:4f:a6:fc:ce:2a:db:08:82:9e:00:56:e4:04:7c:3d:af:b7:
a1:d3:34:4c:a4:28:3b:38:14:af:9f:67:a0:71:2f:da:5c:50:
4e:5a:4d:86:ca:0f:13:99:b3:14:f8:f2:22:86:a9:43:27:78:
b7:7d:ca:4b:56:70:59:78:db:63:3c:1e:fc:bd:d4:09:67:85:
50:21:68:c0:1b:73:e3:63:6b:9c:ab:34:87:b3:3c:25:81:82:
fe:35:10:e7:00:e5:f2:9a:8e:ee:38:00:96:e7:2f:89:46:15:
81:41:c0:2b:45:77:d2:3d:1c:71:c5:a3:05:3b:fb:05:b9:2e:
db:ed:4b:4c:97:aa:9a:e9:85:c1:fd:cd:b6:b9:a3:b6:6c:48:
8b:af:95:c6:80:d6:59:a1:d6:4a:65:4a:4e:e0:3b:ff:71:dd:
d7:13:95:82:e6:9a:8c:c9:bb:89:5b:53:06:24:59:30:76:97:
26:c9:44:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIA5E3YbExdqsNoSgARmnxlnv24owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwNTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYTI1YWI3MzI5ZGVjYzQxMGI3ZWI5YWM2NmVkZDNlM2JiOTQ3ZTY4MGI3
NDU3YmJlN2QxMTFiYzdkOGZmYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBGD4JVPuid63zxZBkyqoa8EM7lpuS04AoxxYHTejExO1Vxa7EgNI1TgoS0
ipIWXsREiEFFEIbd18xj97tEdk1R//Md/WWRM50MKf1uvlCbzIFedqCRN49WTuyD
n7GFpOFKx3oDZ08I6Yo3k4NdI6axfC/phdH2zZ0UBvc+r2jJBo8wXIZABLMMct29
fa4RcSWusrADQ3mGotWatKunZVdmHH0c2Zvax2NjhWYQxHOvhV2SdW+XpvzkTyXe
Ybg9dcGZZPY2jZjerYlrt/DMcNk75aWKK9OULHkjneLCjJbnYryn11+lENYT3Bme
9ztJUY7ERnrWRb03FII/2gdgQ9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2DT1O
2aYncKU4F+G1uFLeSWQhQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZlODNkODktOWMyOS00ZDcwLTlkMWQtODVlNGRjN2UzZDZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hiw
MA0GCSqGSIb3DQEBCwUAA4IBAQBxY2bSSV108kvmf3wMwac6CH8DXXlAO6U6SG3w
I6wG7U5ge2wHPIHlVuY0aPtTsmXMttgrvxqCzghDSEmOsh+P6DyknwfWDIFiT6b8
zirbCIKeAFbkBHw9r7eh0zRMpCg7OBSvn2egcS/aXFBOWk2Gyg8TmbMU+PIihqlD
J3i3fcpLVnBZeNtjPB78vdQJZ4VQIWjAG3PjY2ucqzSHszwlgYL+NRDnAOXymo7u
OACW5y+JRhWBQcArRXfSPRxxxaMFO/sFuS7b7UtMl6qa6YXB/c22uaO2bEiLr5XG
gNZZodZKZUpO4Dv/cd3XE5WC5pqMybuJW1MGJFkwdpcmyUQI
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:41 2025 by rpki-client