Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: ubYwfLoFImAUUESgUaQNZDRnwl4rN3vmFdqqkxLQ9Hw=
Subject key identifier: 6A:51:BF:0F:E5:D4:98:C5:A7:E6:81:A8:FA:34:68:7A:63:71:3D:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B964525345EEF308E48CB00E8E3D2B6947EADEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Mon 01 Sep 2025 20:11:28 +0000
ROA not before: Mon 01 Sep 2025 20:11:28 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:96:45:25:34:5e:ef:30:8e:48:cb:00:e8:e3:d2:b6:94:7e:ad:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:11:28 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f5932f06261620a7847edcbf763c81d47149b9f6ba22173b7f5eb568744d564e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d6:d2:74:e0:ad:d9:75:19:8d:8f:78:ae:73:
fa:48:a5:00:51:49:99:4c:99:80:62:d7:0f:b8:35:
43:c9:af:76:16:19:b2:1b:df:57:68:83:ff:b0:3c:
54:93:35:ce:8d:14:8a:fd:6b:96:7e:87:fa:d4:f8:
f8:40:b1:5c:db:af:90:ef:a0:74:4a:35:bd:1d:a9:
52:b8:6e:84:7f:0a:bb:c8:c6:67:47:c4:60:7f:7d:
f8:08:1a:13:97:b3:a3:28:45:c9:af:d6:d1:a9:b8:
03:46:83:d8:df:10:80:c9:84:31:85:6e:1f:0f:f8:
11:b9:f7:42:0c:2a:f2:5a:d5:af:a8:c0:f1:12:5d:
bc:a9:46:29:c0:f0:e6:55:7b:c9:3a:31:24:18:7e:
2e:33:12:db:60:ee:1d:5a:41:d6:76:c6:94:23:20:
25:cc:8a:6d:15:78:c1:ce:56:70:2e:51:b2:c7:89:
e4:cb:33:5d:1a:88:97:4b:97:9e:d2:7b:ea:fc:b5:
f2:93:bb:25:55:84:0a:53:9a:db:99:37:50:0c:44:
1b:d6:83:3b:6d:93:29:5c:9a:38:58:00:a7:f7:19:
9a:21:c6:a5:8a:30:04:23:70:0b:da:8a:9e:bc:15:
09:8e:63:8b:ef:ba:ad:c1:c2:89:14:f5:5c:4a:7e:
a2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:51:BF:0F:E5:D4:98:C5:A7:E6:81:A8:FA:34:68:7A:63:71:3D:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
84:e2:40:66:bc:88:14:7e:51:8c:cc:74:a0:79:3d:87:35:c6:
fd:f2:b4:0d:fe:12:34:34:8d:f1:f4:40:b1:82:b3:21:8b:7d:
58:72:55:b5:6e:ff:15:59:f2:30:3b:3c:32:63:d3:7a:ae:0b:
c4:d4:54:1d:df:f7:ec:a6:47:75:fa:be:06:b1:d3:74:db:68:
16:b9:5d:b7:76:b6:20:8a:8b:6e:3c:b0:fd:3e:f4:63:91:bc:
76:91:f2:20:39:c5:1b:fc:1d:29:7f:d0:7a:6a:b1:9b:43:70:
27:8c:15:39:0b:c3:c2:01:94:03:d7:90:8b:6a:ea:a4:05:8c:
b5:21:f5:ee:38:5b:c7:e5:07:18:f0:57:e4:b7:a5:c1:b6:c5:
cb:4e:fe:16:24:ee:80:68:37:0b:49:20:fb:0c:07:9b:9f:73:
7d:3c:65:8a:5a:32:72:c9:40:53:8e:c9:d3:b6:6c:f2:31:84:
8f:52:a6:f7:b9:89:e4:c1:99:99:a7:84:a0:a6:85:ad:5f:78:
ff:28:47:8b:35:b5:64:24:c6:bd:7f:21:3c:78:fd:0f:84:3a:
73:36:2b:e2:16:9f:76:94:aa:f7:9b:a8:92:9c:9d:f8:b8:1d:
df:c7:96:94:cb:20:e7:a3:20:4a:28:89:0b:d8:00:95:24:d7:
28:fd:ba:78
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO5ZFJTRe7zCOSMsA6OPStpR+reswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDExMjhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1OTMyZjA2MjYxNjIwYTc4NDdlZGNiZjc2M2M4MWQ0NzE0OWI5ZjZiYTIy
MTczYjdmNWViNTY4NzQ0ZDU2NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3W0nTgrdl1GY2PeK5z+kilAFFJmUyZgGLXD7g1Q8mvdhYZshvfV2iD/7A8
VJM1zo0Uiv1rln6H+tT4+ECxXNuvkO+gdEo1vR2pUrhuhH8Ku8jGZ0fEYH99+Aga
E5ezoyhFya/W0am4A0aD2N8QgMmEMYVuHw/4Ebn3Qgwq8lrVr6jA8RJdvKlGKcDw
5lV7yToxJBh+LjMS22DuHVpB1nbGlCMgJcyKbRV4wc5WcC5RsseJ5MszXRqIl0uX
ntJ76vy18pO7JVWEClOa25k3UAxEG9aDO22TKVyaOFgAp/cZmiHGpYowBCNwC9qK
nrwVCY5ji++6rcHCiRT1XEp+om8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqUb8P
5dSYxafmgaj6NGh6Y3E9vTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEAhOJAZryIFH5RjMx0oHk9hzXG/fK0Df4SNDSN
8fRAsYKzIYt9WHJVtW7/FVnyMDs8MmPTeq4LxNRUHd/37KZHdfq+BrHTdNtoFrld
t3a2IIqLbjyw/T70Y5G8dpHyIDnFG/wdKX/Qemqxm0NwJ4wVOQvDwgGUA9eQi2rq
pAWMtSH17jhbx+UHGPBX5LelwbbFy07+FiTugGg3C0kg+wwHm59zfTxliloycslA
U47J07Zs8jGEj1Km97mJ5MGZmaeEoKaFrV94/yhHizW1ZCTGvX8hPHj9D4Q6czYr
4hafdpSq95uokpyd+Lgd38eWlMsg56MgSiiJC9gAlSTXKP26eA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:03 2025 by rpki-client