Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
File: 190e1645-8146-4d32-be0a-feed324f8efa.roa (raw, json)
Hash identifier: Fah7UQNcNX4pFNYZKJ491BF9o6Vab9bU9ozadRKhyBo=
Subject key identifier: F0:AE:1A:6E:B2:79:AF:C4:1A:06:1A:C5:9E:8E:42:33:39:7C:96:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A435C721A7B7E29D7C243E6584792325D4BB160
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
Signing time: Mon 01 Sep 2025 20:30:37 +0000
ROA not before: Mon 01 Sep 2025 20:30:37 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Sep 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:43:5c:72:1a:7b:7e:29:d7:c2:43:e6:58:47:92:32:5d:4b:b1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:37 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6c1acbffbbbad0f529cc20fbb99e0aaf6413f7ffdd48d18ad7a1f18274f5850a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:56:2c:56:03:a2:79:09:06:55:2d:3c:ef:4e:
e3:d0:ff:d3:6b:3a:92:ea:72:a8:8c:fe:57:7f:16:
33:c7:ef:d1:74:2d:29:53:58:44:f8:ff:35:fe:e6:
c3:74:65:26:0a:90:86:aa:a2:61:9e:81:32:c4:2e:
b4:ad:55:84:99:f2:d3:c1:1b:78:f8:20:87:fd:75:
46:5d:89:41:71:4d:30:1b:d2:e8:d9:0c:3e:95:98:
81:cb:c4:67:84:8b:80:11:ad:43:0f:a3:b1:3b:fd:
5c:69:f9:25:33:87:27:99:81:07:84:82:91:b7:4d:
43:c2:19:35:c2:e9:22:05:8d:eb:45:08:36:14:47:
8d:b3:7f:f2:55:a5:7d:de:63:f5:09:33:27:0b:ae:
56:5a:6d:a1:7a:8c:14:ce:61:b3:f4:9f:35:0a:ee:
bd:25:26:a4:39:d2:68:47:dc:d4:6f:63:0a:1a:c7:
7b:c2:83:a4:6d:2d:a0:22:0d:6c:21:34:35:cd:c7:
84:da:24:77:d2:b3:5f:a3:94:5f:0d:ec:b3:9e:57:
af:85:5b:29:b8:ec:b2:ef:08:df:ed:98:9c:f8:e0:
12:88:57:54:4a:4a:63:38:f2:2e:15:ca:22:bf:89:
7d:59:a9:0d:01:a0:bb:6e:53:d6:9e:31:f0:0c:d3:
64:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AE:1A:6E:B2:79:AF:C4:1A:06:1A:C5:9E:8E:42:33:39:7C:96:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/190e1645-8146-4d32-be0a-feed324f8efa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:a000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:e5:78:8d:a8:0b:30:74:3b:37:8c:12:a9:76:d8:82:89:73:
77:df:bc:f5:9e:9c:75:25:94:25:63:59:3c:fc:d0:78:69:c9:
b7:4b:2d:d5:ff:9f:e2:86:a2:d6:b1:27:41:5a:58:bb:fe:78:
ae:b0:7b:4a:93:52:cd:90:6c:17:90:90:88:34:04:09:c0:0d:
89:68:c3:ab:49:3a:8a:e5:39:3b:45:70:cd:da:bf:d5:83:e5:
4a:d5:99:cf:9b:e1:3c:cb:00:5f:aa:10:03:df:d6:9e:26:52:
e5:ae:5f:d8:b8:91:ea:3f:f2:6c:ae:24:f3:7f:dc:fe:e0:aa:
36:33:c2:54:88:00:29:0a:af:3f:6c:9f:65:3e:1b:6d:d7:8e:
75:1d:fa:2a:c5:f7:14:f3:d6:67:da:9b:d7:41:98:74:97:2c:
53:d8:69:81:29:37:92:e6:28:04:b8:dd:ab:25:8c:20:f7:bd:
5a:84:2f:d5:c7:64:1c:96:d3:28:67:48:a1:47:ae:f1:1b:3a:
a4:4a:a4:57:ec:a1:8b:97:87:d3:ac:23:f9:a9:97:3d:1e:8a:
90:20:b9:b7:a7:45:7e:d6:09:87:ac:9a:8c:0a:33:e0:4e:43:
73:bc:97:ae:31:94:b8:01:69:d8:48:ea:d0:d5:df:d6:98:32:
f2:5d:28:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSkNcchp7finXwkPmWEeSMl1LsWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMzdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjMWFjYmZmYmJiYWQwZjUyOWNjMjBmYmI5OWUwYWFmNjQxM2Y3ZmZkZDQ4
ZDE4YWQ3YTFmMTgyNzRmNTg1MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRWLFYDonkJBlUtPO9O49D/02s6kupyqIz+V38WM8fv0XQtKVNYRPj/Nf7m
w3RlJgqQhqqiYZ6BMsQutK1VhJny08EbePggh/11Rl2JQXFNMBvS6NkMPpWYgcvE
Z4SLgBGtQw+jsTv9XGn5JTOHJ5mBB4SCkbdNQ8IZNcLpIgWN60UINhRHjbN/8lWl
fd5j9QkzJwuuVlptoXqMFM5hs/SfNQruvSUmpDnSaEfc1G9jChrHe8KDpG0toCIN
bCE0Nc3HhNokd9KzX6OUXw3ss55Xr4VbKbjssu8I3+2YnPjgEohXVEpKYzjyLhXK
Ir+JfVmpDQGgu25T1p4x8AzTZMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwrhpu
snmvxBoGGsWejkIzOXyWCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTkwZTE2NDUtODE0Ni00ZDMyLWJlMGEtZmVlZDMyNGY4ZWZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSg
MA0GCSqGSIb3DQEBCwUAA4IBAQBc5XiNqAswdDs3jBKpdtiCiXN337z1npx1JZQl
Y1k8/NB4acm3Sy3V/5/ihqLWsSdBWli7/niusHtKk1LNkGwXkJCINAQJwA2JaMOr
STqK5Tk7RXDN2r/Vg+VK1ZnPm+E8ywBfqhAD39aeJlLlrl/YuJHqP/JsriTzf9z+
4Ko2M8JUiAApCq8/bJ9lPhtt1451HfoqxfcU89Zn2pvXQZh0lyxT2GmBKTeS5igE
uN2rJYwg971ahC/Vx2QcltMoZ0ihR67xGzqkSqRX7KGLl4fTrCP5qZc9HoqQILm3
p0V+1gmHrJqMCjPgTkNzvJeuMZS4AWnYSOrQ1d/WmDLyXSjH
-----END CERTIFICATE-----
Generated at Mon Sep 15 07:35:12 2025 by rpki-client