Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
File: 19a2984e-942a-4280-ac0b-904c9860af2f.roa (raw, json)
Hash identifier: wJ2Q69Dp1L5QaYBQ8NUkcyrhlAq2A/q7jIio+nZ5A5Y=
Subject key identifier: C3:8F:68:77:BC:94:2B:20:92:1B:2E:67:47:76:9F:B3:E2:B9:B0:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 08C4F28CAE9A2F0713628080FE032FA7EB62DF1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
Signing time: Mon 01 Sep 2025 20:01:00 +0000
ROA not before: Mon 01 Sep 2025 20:01:00 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:c4:f2:8c:ae:9a:2f:07:13:62:80:80:fe:03:2f:a7:eb:62:df:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:00 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=4406e15d984936dedb47b21f98ebe9dfc9e3ab72dc784a2a2245bcfc3872c7f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1b:39:c7:49:25:85:7d:36:42:6d:8e:f3:49:
a8:cd:0f:8b:5c:b6:21:6e:6d:03:f5:12:d0:ab:73:
1f:a8:d2:df:e6:ae:08:3c:66:86:31:5d:bd:4c:d5:
1e:52:3a:4e:0c:62:fe:d7:7c:a9:bc:69:b2:46:85:
20:50:65:6a:d4:6b:c7:55:71:00:51:16:b5:d4:0b:
f3:76:a3:97:80:4b:f8:e5:41:b0:6e:f3:e7:eb:1c:
b3:87:61:e1:1f:62:35:27:82:c0:53:6f:90:8d:b0:
63:79:a1:8d:58:d1:16:24:02:14:8a:fa:bf:bb:84:
a5:cf:b8:17:8e:37:d1:a5:e9:d6:34:cc:af:e6:55:
00:e2:a5:c2:74:03:5b:f9:02:f0:c8:3d:fc:07:43:
54:62:6a:39:74:6c:4d:a3:7d:f3:d5:5d:35:c9:7e:
95:83:af:74:34:63:bb:7a:8f:d0:d9:81:62:7e:d8:
30:7b:41:61:b2:27:ee:b9:e8:66:13:5b:a1:79:ef:
f9:f1:ed:16:a8:fe:41:ce:65:75:9a:1f:99:e7:4b:
17:62:d8:42:77:75:70:6b:5a:1e:c2:30:ca:33:ce:
de:1b:81:18:b8:78:5e:fc:2a:62:30:d3:0b:40:16:
7b:8d:b6:49:46:16:6b:88:e8:51:82:d1:74:df:f1:
03:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8F:68:77:BC:94:2B:20:92:1B:2E:67:47:76:9F:B3:E2:B9:B0:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8020::/48
Signature Algorithm: sha256WithRSAEncryption
0a:73:bc:8b:c4:ac:4c:23:b4:f7:c8:66:a9:b2:ab:77:5c:41:
bb:55:13:0d:7d:77:20:15:9f:ed:b2:54:96:b0:eb:e6:35:6c:
42:db:ff:c8:bb:cc:76:9b:d3:b9:97:05:48:87:45:f3:24:e5:
06:e3:56:64:0a:77:6b:b4:28:52:3f:47:aa:2c:22:40:75:3f:
a9:6b:ab:4f:f0:c7:56:b9:76:4b:31:a1:14:2b:ee:bc:16:52:
a6:ac:04:3a:5a:d5:e9:45:08:2e:13:34:fb:7f:dc:14:1a:79:
6b:50:20:b0:96:53:a9:32:00:7d:47:2c:43:6f:7b:0d:ca:dc:
3d:a4:7a:0b:95:be:c2:ee:88:d4:97:69:dc:50:55:33:cd:80:
3f:a5:5a:17:f6:1b:c2:f5:3c:69:b8:db:c1:26:da:ba:5a:78:
20:cc:4b:6c:cd:55:ae:29:7d:59:58:6b:59:7d:bc:f9:a5:a7:
92:95:00:b0:af:b9:20:bc:f8:f9:22:43:f3:74:d4:81:80:2e:
f3:0c:1d:bd:8a:83:b4:97:77:65:ff:66:da:cb:81:29:19:a1:
9d:fc:09:38:69:da:c2:06:65:11:30:1a:4f:11:27:e5:50:7a:
fc:8e:8b:42:ad:a6:50:67:a4:69:3b:70:a4:3d:0f:61:96:d0:
6e:3e:04:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCMTyjK6aLwcTYoCA/gMvp+ti3xwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMDBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0MDZlMTVkOTg0OTM2ZGVkYjQ3YjIxZjk4ZWJlOWRmYzllM2FiNzJkYzc4
NGEyYTIyNDViY2ZjMzg3MmM3ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUbOcdJJYV9NkJtjvNJqM0Pi1y2IW5tA/US0KtzH6jS3+auCDxmhjFdvUzV
HlI6Tgxi/td8qbxpskaFIFBlatRrx1VxAFEWtdQL83ajl4BL+OVBsG7z5+scs4dh
4R9iNSeCwFNvkI2wY3mhjVjRFiQCFIr6v7uEpc+4F4430aXp1jTMr+ZVAOKlwnQD
W/kC8Mg9/AdDVGJqOXRsTaN989VdNcl+lYOvdDRju3qP0NmBYn7YMHtBYbIn7rno
ZhNboXnv+fHtFqj+Qc5ldZofmedLF2LYQnd1cGtaHsIwyjPO3huBGLh4XvwqYjDT
C0AWe422SUYWa4joUYLRdN/xA50CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTDj2h3
vJQrIJIbLmdHdp+z4rmweDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjk4NGUtOTQyYS00MjgwLWFjMGItOTA0Yzk4NjBhZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
IDANBgkqhkiG9w0BAQsFAAOCAQEACnO8i8SsTCO098hmqbKrd1xBu1UTDX13IBWf
7bJUlrDr5jVsQtv/yLvMdpvTuZcFSIdF8yTlBuNWZAp3a7QoUj9HqiwiQHU/qWur
T/DHVrl2SzGhFCvuvBZSpqwEOlrV6UUILhM0+3/cFBp5a1AgsJZTqTIAfUcsQ297
DcrcPaR6C5W+wu6I1Jdp3FBVM82AP6VaF/YbwvU8abjbwSbaulp4IMxLbM1Vril9
WVhrWX28+aWnkpUAsK+5ILz4+SJD83TUgYAu8wwdvYqDtJd3Zf9m2suBKRmhnfwJ
OGnawgZlETAaTxEn5VB6/I6LQq2mUGekaTtwpD0PYZbQbj4Efw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:15 2025 by rpki-client