Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
File: 1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa (raw, json)
Hash identifier: fq+oO0dtkwhz10fBY0E5ghWbb7nQwqum2hRxNkQqbt0=
Subject key identifier: 08:D8:8B:4A:1D:2F:11:5E:89:F3:42:3A:B1:0F:BA:B8:1C:EE:19:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 132C04712173DF7E02092441789F22955007E3FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
Signing time: Mon 01 Sep 2025 21:00:10 +0000
ROA not before: Mon 01 Sep 2025 21:00:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:2c:04:71:21:73:df:7e:02:09:24:41:78:9f:22:95:50:07:e3:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6eab01c7b00847cea9750ab7dc64a6222efbf7171714b75cb49cb12006cb7596, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c7:1c:6e:c5:93:ec:da:65:d2:69:3e:08:8d:
e1:eb:2a:4b:40:b0:b5:fa:38:10:71:f9:48:76:79:
88:fa:8d:7c:5b:b7:cf:1c:26:77:d4:6f:62:74:8c:
cb:0a:4d:de:d8:7d:a4:06:62:1c:4a:98:45:e0:2c:
77:cf:66:fa:66:7c:fa:eb:7b:60:f4:a7:23:5b:cc:
6d:47:f6:0c:10:22:f5:2d:3d:d8:f9:b8:5a:56:da:
22:49:d7:ba:70:20:b2:b4:9a:c9:db:67:22:28:db:
ac:68:71:f4:2c:3e:fc:83:1e:de:94:d1:21:c4:c3:
64:38:e7:39:06:09:a0:3d:b5:2c:32:a0:fa:0f:90:
66:61:1f:52:8a:c8:b3:5e:ea:e3:22:d2:71:c8:65:
72:39:31:c7:20:60:0b:f6:21:67:65:f1:ca:9c:f8:
6f:ee:b6:35:b0:6e:01:24:69:de:01:b1:a9:ee:27:
4a:47:a7:a7:91:e8:a9:40:b6:02:93:82:13:87:a1:
5c:b1:12:dd:4c:6f:c0:78:82:f4:b4:c3:ab:cd:ae:
3e:03:5c:56:0b:b8:4d:b1:c2:28:7d:ab:dd:ef:4d:
cd:e0:22:52:ef:04:23:6a:0d:90:49:6e:6f:82:40:
a3:28:86:65:af:0a:30:ff:14:50:c6:36:f8:fd:9b:
ef:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:8B:4A:1D:2F:11:5E:89:F3:42:3A:B1:0F:BA:B8:1C:EE:19:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
95:8e:42:ba:32:f2:69:08:38:7d:fd:07:ce:1b:25:aa:7e:ff:
7f:64:5a:87:d4:28:ae:85:b7:63:8f:4e:38:41:5e:72:36:a5:
e1:d3:f9:53:96:19:72:85:22:2e:e0:07:f2:14:27:34:11:5c:
aa:55:4d:76:5a:87:89:dd:f8:a8:d4:08:0d:00:30:1a:49:73:
91:50:8f:f3:53:24:24:75:82:89:13:04:03:ae:29:bb:c7:80:
99:32:c5:02:1d:9f:97:39:6f:6b:eb:ce:6f:8a:9c:c8:d8:6d:
5d:62:8c:c2:69:64:8d:c2:0c:ad:04:ee:0e:03:4e:ca:19:bb:
f6:34:b1:4c:37:5f:d6:80:ee:ef:5c:0d:2e:da:83:45:a8:05:
6d:9d:ac:2c:b1:5a:11:be:f8:b4:e4:14:b7:d6:b6:3c:53:eb:
27:46:57:45:75:c2:2e:3e:fb:5a:f5:98:75:d1:5b:f5:6a:4f:
70:31:f3:db:00:a2:06:f1:d9:49:8d:7f:86:a6:05:3d:c3:6b:
24:74:d7:39:0b:fb:f0:c6:3b:ea:f2:ef:55:ab:1f:96:99:99:
bd:91:7c:d1:94:75:ab:b2:86:67:b6:01:68:45:de:30:f3:99:
ef:d2:94:80:90:fe:a6:7e:66:39:95:9b:5a:80:39:ba:69:b3:
5b:13:69:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEywEcSFz334CCSRBeJ8ilVAH4/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlYWIwMWM3YjAwODQ3Y2VhOTc1MGFiN2RjNjRhNjIyMmVmYmY3MTcxNzE0
Yjc1Y2I0OWNiMTIwMDZjYjc1OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzHHG7Fk+zaZdJpPgiN4esqS0Cwtfo4EHH5SHZ5iPqNfFu3zxwmd9RvYnSM
ywpN3th9pAZiHEqYReAsd89m+mZ8+ut7YPSnI1vMbUf2DBAi9S092Pm4WlbaIknX
unAgsrSaydtnIijbrGhx9Cw+/IMe3pTRIcTDZDjnOQYJoD21LDKg+g+QZmEfUorI
s17q4yLScchlcjkxxyBgC/YhZ2Xxypz4b+62NbBuASRp3gGxqe4nSkenp5HoqUC2
ApOCE4ehXLES3UxvwHiC9LTDq82uPgNcVgu4TbHCKH2r3e9NzeAiUu8EI2oNkElu
b4JAoyiGZa8KMP8UUMY2+P2b7yMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQI2ItK
HS8RXonzQjqxD7q4HO4ZhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNjZmEzNjQtMDdhYi00YTVlLTgxYTktOTlmOWQ2YjNhMDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQCVjkK6MvJpCDh9/QfOGyWqfv9/ZFqH1Ciuhbdj
j044QV5yNqXh0/lTlhlyhSIu4AfyFCc0EVyqVU12WoeJ3fio1AgNADAaSXORUI/z
UyQkdYKJEwQDrim7x4CZMsUCHZ+XOW9r685vipzI2G1dYozCaWSNwgytBO4OA07K
Gbv2NLFMN1/WgO7vXA0u2oNFqAVtnawssVoRvvi05BS31rY8U+snRldFdcIuPvta
9Zh10Vv1ak9wMfPbAKIG8dlJjX+GpgU9w2skdNc5C/vwxjvq8u9Vqx+WmZm9kXzR
lHWrsoZntgFoRd4w85nv0pSAkP6mfmY5lZtagDm6abNbE2nJ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client