Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
File: 1d9a8425-e89b-4598-a680-84c5b341edfd.roa (raw, json)
Hash identifier: 7GDMIpGsmvah8MlrkraR3rCS4GH3qQY3aMHqpJUTmSk=
Subject key identifier: D4:85:69:5D:11:D4:F7:16:05:6D:D3:C7:69:32:25:73:15:34:6B:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4531C0FD41996C5DC56A5D2914514E54EE542B02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
Signing time: Mon 01 Sep 2025 20:30:47 +0000
ROA not before: Mon 01 Sep 2025 20:30:47 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:31:c0:fd:41:99:6c:5d:c5:6a:5d:29:14:51:4e:54:ee:54:2b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:47 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0619e934045d0adc15b8bf56a5c545d6369b148ab70b97830af9fa10b79f23bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8a:2a:c1:16:7b:8b:1f:7f:78:3e:30:1e:82:
27:43:a9:fa:32:35:43:17:92:fb:fe:09:b5:c5:c2:
fd:7b:e3:5d:51:59:4c:f5:e0:16:b3:ac:b2:62:cc:
6c:af:ed:c0:a7:a4:29:f2:99:91:e6:27:22:2d:06:
ab:84:3b:05:94:ec:75:e9:e1:6b:69:5f:eb:5e:c5:
a6:94:4e:80:4f:04:1a:4e:db:3d:6e:7a:37:6e:c7:
c5:5d:96:67:8e:b4:44:9e:11:17:d4:1a:1c:88:76:
03:f6:76:82:8d:7c:ba:af:e1:b0:ef:76:2e:52:38:
31:fe:37:a0:ac:82:a7:00:e9:a0:0b:98:13:c4:a0:
a3:e1:ac:2f:1c:73:6b:3f:29:71:34:1f:45:fe:46:
5a:2d:e2:d8:96:37:04:dd:86:cf:65:5d:17:65:07:
05:cf:b3:87:51:df:ef:e9:b6:ee:ce:f2:30:06:f5:
f9:84:d4:bc:b6:c4:de:9c:47:20:01:16:fb:47:22:
81:2e:78:54:28:d5:cc:eb:6c:7b:d6:ae:6a:83:80:
23:1b:b8:7c:3f:80:9c:46:eb:1f:38:8e:a2:fa:b7:
d9:f3:4a:84:09:b3:cb:e3:d8:68:00:3f:53:65:c9:
c1:a3:d1:78:5d:6c:bc:35:cd:b1:7d:55:44:90:61:
98:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:85:69:5D:11:D4:F7:16:05:6D:D3:C7:69:32:25:73:15:34:6B:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d9a8425-e89b-4598-a680-84c5b341edfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:2000::/40
Signature Algorithm: sha256WithRSAEncryption
00:5b:36:54:bc:10:b9:49:be:8f:61:83:92:1a:eb:ce:75:32:
ad:ae:8d:7a:1f:c7:f7:af:07:b1:49:f7:f3:ea:f2:c9:f2:07:
85:74:4b:04:a2:50:c6:af:4a:d7:27:b7:87:30:79:1a:d2:5b:
d6:18:8e:92:b2:a3:f9:68:2c:35:66:d3:0b:bd:12:19:0f:dc:
4b:41:9e:0f:34:2b:65:ad:8c:41:01:39:c2:8c:36:b7:4f:f3:
00:7c:f0:3f:d1:bc:4f:3a:22:09:78:bb:d8:28:79:ef:76:2a:
48:75:2e:52:72:2c:3f:47:59:ea:bd:dd:54:f9:7a:b4:8e:f6:
1c:62:c0:25:51:7d:8c:ef:13:2d:94:62:b0:0a:2d:d8:78:8e:
9c:59:c2:33:d6:c9:24:b7:ff:46:5f:a6:cc:85:4f:7c:7c:1b:
ba:d5:96:1c:8a:d3:06:5d:86:fc:02:c5:89:cd:12:b7:f5:5f:
3d:6d:97:70:a5:a2:79:3a:3a:f6:db:40:d0:ca:e2:70:f1:a1:
10:4f:18:be:f3:04:e5:6f:0f:fd:e6:54:ef:7e:ff:a5:e8:87:
f1:da:0a:8a:10:24:fe:52:dc:e9:41:ea:3e:5e:92:ce:8a:6c:
81:66:a4:fa:fb:cf:42:44:8b:15:d8:8e:55:5d:46:7f:68:bd:
10:3f:a6:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURTHA/UGZbF3Fal0pFFFOVO5UKwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MTllOTM0MDQ1ZDBhZGMxNWI4YmY1NmE1YzU0NWQ2MzY5YjE0OGFiNzBi
OTc4MzBhZjlmYTEwYjc5ZjIzYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiKKsEWe4sff3g+MB6CJ0Op+jI1QxeS+/4JtcXC/XvjXVFZTPXgFrOssmLM
bK/twKekKfKZkeYnIi0Gq4Q7BZTsdenha2lf617FppROgE8EGk7bPW56N27HxV2W
Z460RJ4RF9QaHIh2A/Z2go18uq/hsO92LlI4Mf43oKyCpwDpoAuYE8Sgo+GsLxxz
az8pcTQfRf5GWi3i2JY3BN2Gz2VdF2UHBc+zh1Hf7+m27s7yMAb1+YTUvLbE3pxH
IAEW+0cigS54VCjVzOtse9auaoOAIxu4fD+AnEbrHziOovq32fNKhAmzy+PYaAA/
U2XJwaPReF1svDXNsX1VRJBhmB8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUhWld
EdT3FgVt08dpMiVzFTRrWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ5YTg0MjUtZTg5Yi00NTk4LWE2ODAtODRjNWIzNDFlZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAAWzZUvBC5Sb6PYYOSGuvOdTKtro16H8f3rwex
Sffz6vLJ8geFdEsEolDGr0rXJ7eHMHka0lvWGI6SsqP5aCw1ZtMLvRIZD9xLQZ4P
NCtlrYxBATnCjDa3T/MAfPA/0bxPOiIJeLvYKHnvdipIdS5Sciw/R1nqvd1U+Xq0
jvYcYsAlUX2M7xMtlGKwCi3YeI6cWcIz1skkt/9GX6bMhU98fBu61ZYcitMGXYb8
AsWJzRK39V89bZdwpaJ5Ojr220DQyuJw8aEQTxi+8wTlbw/95lTvfv+l6Ifx2gqK
ECT+UtzpQeo+XpLOimyBZqT6+89CRIsV2I5VXUZ/aL0QP6Zq
-----END CERTIFICATE-----
Generated at Wed Sep 17 18:24:13 2025 by rpki-client