Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
File: 1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa (raw, json)
Hash identifier: dRocHOVsJctubMVEBGhMbd918F/8r2LiGlQ3CgWGUKs=
Subject key identifier: 82:49:AF:5F:36:C1:43:2C:80:5A:39:FE:EE:B3:FD:5A:48:25:DC:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A959695BA53ADC036ECCBF8289F52271A55DD8F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
Signing time: Mon 01 Sep 2025 21:00:05 +0000
ROA not before: Mon 01 Sep 2025 21:00:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:95:96:95:ba:53:ad:c0:36:ec:cb:f8:28:9f:52:27:1a:55:dd:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2635a6c260fe2ff5a53ea3cf45096e51a8a0d2c8187582647ccb73f741db1590, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:05:9f:9e:77:35:95:a6:71:82:82:34:3e:71:
f7:08:55:9e:1d:34:02:36:8a:b2:bf:e0:bc:98:ea:
c3:b3:f7:5c:35:90:15:00:b5:69:b0:55:09:f4:87:
58:20:11:54:7b:e7:ec:2b:b7:7c:7e:94:40:a7:b0:
33:45:76:80:be:5d:1c:d2:5c:55:22:28:c7:48:83:
bd:a6:d6:bf:ab:4c:6b:bb:b8:d1:14:94:60:99:19:
54:16:52:2d:70:30:4e:30:fa:53:59:2e:b8:61:8f:
85:53:cd:23:6a:aa:41:50:16:05:1c:19:55:f2:c4:
f5:c2:c7:92:51:d8:1b:75:57:6b:09:c1:43:8b:d6:
5e:2d:62:19:99:5c:0f:fc:47:11:90:db:09:ac:57:
d7:6a:12:fd:e7:a3:6c:04:1c:10:e4:a7:ed:d6:6e:
e3:f9:5e:c1:62:02:eb:f7:e3:51:5b:eb:82:46:6c:
4d:f7:df:78:68:f1:58:8a:8f:2f:ed:7f:11:54:4c:
ff:ed:1c:fb:f2:05:8d:41:fc:74:4e:9a:f3:7e:60:
c3:ce:e1:7e:62:2c:cc:73:b4:c1:11:88:55:09:3a:
01:9f:99:b7:bf:cb:e0:8d:cf:a1:2f:c8:0f:c9:cb:
9a:a0:b3:e4:94:88:e6:f9:3a:a8:75:32:94:cd:1b:
62:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:49:AF:5F:36:C1:43:2C:80:5A:39:FE:EE:B3:FD:5A:48:25:DC:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ba2d063-915b-4ef5-b1b8-00d73dc8a31a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6000::/40
Signature Algorithm: sha256WithRSAEncryption
87:e3:04:cc:26:13:a8:06:db:00:55:73:1e:e5:55:31:ea:f9:
98:f1:f1:41:0c:6a:09:ca:81:e7:61:2f:9a:07:80:cd:2c:24:
48:03:5b:ec:11:35:b8:79:77:57:66:35:6d:aa:79:df:5e:93:
c0:9a:a6:fb:93:b4:bf:2d:e9:1a:f8:c1:f7:63:e6:0b:b9:53:
91:59:13:3a:39:9e:ba:84:2b:3c:3b:da:4a:51:e2:1a:9c:de:
6f:4f:b1:d6:72:a8:98:76:b9:4a:8d:14:8b:a1:c2:64:a2:88:
45:4f:5e:bb:46:7e:93:5e:31:83:88:7e:b9:48:87:e0:4d:70:
d5:86:15:59:3d:a6:b6:97:4d:8a:8b:ef:99:ca:0a:01:13:58:
ef:d4:42:52:f5:a6:07:f6:9e:6d:3b:6a:81:09:87:9a:00:76:
fb:6b:02:da:76:8b:c4:01:a6:b8:49:60:b1:27:91:82:de:10:
d3:02:49:35:2b:92:54:e7:17:70:5a:a0:ad:8e:d6:db:b9:dc:
96:f4:e1:36:9b:c0:0c:18:45:2c:ef:99:38:f6:1b:27:6e:c7:
73:19:e7:c1:67:26:9f:2d:98:81:a3:1a:89:d9:3f:1b:04:17:
94:b8:08:0d:96:ed:d0:c1:bd:2b:f8:21:e5:64:33:a4:65:07:
cb:7c:73:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWpWWlbpTrcA27Mv4KJ9SJxpV3Y8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MzVhNmMyNjBmZTJmZjVhNTNlYTNjZjQ1MDk2ZTUxYThhMGQyYzgxODc1
ODI2NDdjY2I3M2Y3NDFkYjE1OTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUFn553NZWmcYKCND5x9whVnh00AjaKsr/gvJjqw7P3XDWQFQC1abBVCfSH
WCARVHvn7Cu3fH6UQKewM0V2gL5dHNJcVSIox0iDvabWv6tMa7u40RSUYJkZVBZS
LXAwTjD6U1kuuGGPhVPNI2qqQVAWBRwZVfLE9cLHklHYG3VXawnBQ4vWXi1iGZlc
D/xHEZDbCaxX12oS/eejbAQcEOSn7dZu4/lewWIC6/fjUVvrgkZsTfffeGjxWIqP
L+1/EVRM/+0c+/IFjUH8dE6a835gw87hfmIszHO0wRGIVQk6AZ+Zt7/L4I3PoS/I
D8nLmqCz5JSI5vk6qHUylM0bYqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCSa9f
NsFDLIBaOf7us/1aSCXcojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWJhMmQwNjMtOTE1Yi00ZWY1LWIxYjgtMDBkNzNkYzhhMzFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCH4wTMJhOoBtsAVXMe5VUx6vmY8fFBDGoJyoHn
YS+aB4DNLCRIA1vsETW4eXdXZjVtqnnfXpPAmqb7k7S/Leka+MH3Y+YLuVORWRM6
OZ66hCs8O9pKUeIanN5vT7HWcqiYdrlKjRSLocJkoohFT167Rn6TXjGDiH65SIfg
TXDVhhVZPaa2l02Ki++ZygoBE1jv1EJS9aYH9p5tO2qBCYeaAHb7awLadovEAaa4
SWCxJ5GC3hDTAkk1K5JU5xdwWqCtjtbbudyW9OE2m8AMGEUs75k49hsnbsdzGefB
ZyafLZiBoxqJ2T8bBBeUuAgNlu3Qwb0r+CHlZDOkZQfLfHPd
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:45 2025 by rpki-client