Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
File: 17057de1-0841-47c5-9f52-f4f803d5e2d4.roa (raw, json)
Hash identifier: 0A8l5R3I8M+b9LMW6lPQYxE8wqdxOiw9r2bXGdaONH4=
Subject key identifier: A0:4C:D4:83:89:DA:9D:78:69:EF:6A:35:80:D7:99:B4:80:55:8F:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46B482462790C6C1DF9894AF8BA9ECC3C1965E0B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
Signing time: Mon 01 Sep 2025 20:41:11 +0000
ROA not before: Mon 01 Sep 2025 20:41:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:b4:82:46:27:90:c6:c1:df:98:94:af:8b:a9:ec:c3:c1:96:5e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9f15602e590f959e414d25eee01cf83c210e53640842114bda81ffd967a60768, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:77:f4:40:6f:32:b1:02:15:0f:37:fa:f0:
1d:79:86:35:d9:a1:28:8f:69:e1:75:cb:ee:fc:59:
88:c2:f8:75:3d:97:fe:3e:4c:aa:1e:0c:53:d7:15:
59:30:c0:85:c3:aa:39:b1:ba:67:84:e1:58:17:b5:
d4:78:64:a4:75:79:4e:9f:7b:98:7f:4a:75:75:aa:
ad:0d:ca:70:11:20:16:80:28:58:e5:60:5a:2f:3a:
c6:cf:99:74:df:c1:a3:6f:e8:cb:9a:fe:92:12:b7:
2f:f5:cf:35:60:ba:b5:3f:d8:da:29:f8:e1:ee:e4:
32:2d:70:6a:02:07:d3:7f:b7:5b:b0:da:e2:09:53:
35:1e:06:f2:1a:72:f7:13:00:6c:c1:57:59:a5:70:
a2:2d:e4:36:59:fd:c4:f4:a8:11:0e:2d:77:6e:3c:
ee:06:75:42:83:c9:ef:1d:58:55:40:5c:7c:22:6b:
2b:af:53:95:21:ee:49:02:08:f4:df:e9:80:db:02:
fe:f4:7d:e4:15:b2:88:7e:f2:1c:5a:d2:2b:d4:78:
04:4c:97:f3:14:af:7c:45:18:d5:3f:0a:c7:6a:99:
ec:b2:c5:ae:ef:c2:ab:0c:38:0b:f1:50:1d:71:11:
90:36:29:5b:23:c7:28:46:a6:88:90:d5:62:0e:82:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4C:D4:83:89:DA:9D:78:69:EF:6A:35:80:D7:99:B4:80:55:8F:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17057de1-0841-47c5-9f52-f4f803d5e2d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
77:eb:fc:e6:cd:f5:59:a8:34:7c:de:96:28:cd:93:67:b0:8e:
79:01:9d:8a:45:1c:6c:d2:2f:83:5a:93:b0:69:98:ef:ed:c6:
d6:92:dd:ca:1d:f0:d7:45:3d:01:cd:ee:8d:2d:e8:b8:e6:77:
e1:7d:f6:91:92:16:d9:12:3a:84:c1:12:f2:49:b5:9e:65:85:
23:54:8c:e6:c7:f8:61:5f:ce:fe:3b:47:e9:e7:a6:f9:19:af:
6c:a2:c1:df:0d:e6:05:f9:bf:fe:0b:c9:9a:e3:e2:bc:92:9f:
6b:e4:ad:83:f7:26:fd:89:e2:99:32:9a:03:90:e8:05:b1:f6:
41:91:00:9e:e2:1d:1f:ea:d4:f3:3f:ba:54:1a:f9:5d:25:28:
5f:f1:e3:d9:84:60:35:92:dc:50:4c:42:22:57:13:42:26:49:
7f:dd:34:e7:46:33:a1:46:13:e9:68:ba:58:4a:4c:e7:a0:14:
10:49:de:58:67:6e:45:8c:f4:79:f4:fc:88:f9:fb:45:5d:57:
0f:20:ad:86:c3:02:0d:d0:dc:54:b4:3b:41:46:21:40:f8:97:
14:46:ba:94:10:b9:ca:15:71:86:60:38:9e:e3:61:26:57:28:
31:22:39:8b:0c:49:8d:e0:70:e5:0b:47:90:54:ed:1a:fb:90:
f9:e1:68:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURrSCRieQxsHfmJSvi6nsw8GWXgswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMTU2MDJlNTkwZjk1OWU0MTRkMjVlZWUwMWNmODNjMjEwZTUzNjQwODQy
MTE0YmRhODFmZmQ5NjdhNjA3NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJpd/RAbzKxAhUPN/rwHXmGNdmhKI9p4XXL7vxZiML4dT2X/j5Mqh4MU9cV
WTDAhcOqObG6Z4ThWBe11HhkpHV5Tp97mH9KdXWqrQ3KcBEgFoAoWOVgWi86xs+Z
dN/Bo2/oy5r+khK3L/XPNWC6tT/Y2in44e7kMi1wagIH03+3W7Da4glTNR4G8hpy
9xMAbMFXWaVwoi3kNln9xPSoEQ4td2487gZ1QoPJ7x1YVUBcfCJrK69TlSHuSQII
9N/pgNsC/vR95BWyiH7yHFrSK9R4BEyX8xSvfEUY1T8Kx2qZ7LLFru/Cqww4C/FQ
HXERkDYpWyPHKEamiJDVYg6CkjsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgTNSD
idqdeGnvajWA15m0gFWP/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTcwNTdkZTEtMDg0MS00N2M1LTlmNTItZjRmODAzZDVlMmQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQB36/zmzfVZqDR83pYozZNnsI55AZ2KRRxs0i+D
WpOwaZjv7cbWkt3KHfDXRT0Bze6NLei45nfhffaRkhbZEjqEwRLySbWeZYUjVIzm
x/hhX87+O0fp56b5Ga9sosHfDeYF+b/+C8ma4+K8kp9r5K2D9yb9ieKZMpoDkOgF
sfZBkQCe4h0f6tTzP7pUGvldJShf8ePZhGA1ktxQTEIiVxNCJkl/3TTnRjOhRhPp
aLpYSkznoBQQSd5YZ25FjPR59PyI+ftFXVcPIK2GwwIN0NxUtDtBRiFA+JcURrqU
ELnKFXGGYDie42EmVygxIjmLDEmN4HDlC0eQVO0a+5D54WgE
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:36 2025 by rpki-client