Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
File: 21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa (raw, json)
Hash identifier: p8b8Fi/mN4QRvUO6RH7rAIHgRomb1OnibKS0HaIpVOA=
Subject key identifier: D1:4B:05:16:10:D7:0D:B2:95:68:AC:E1:9A:49:CE:01:BE:74:D1:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C0555F5A69468C3ECF6FEC591773062A0C452B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
Signing time: Mon 01 Sep 2025 20:40:24 +0000
ROA not before: Mon 01 Sep 2025 20:40:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:05:55:f5:a6:94:68:c3:ec:f6:fe:c5:91:77:30:62:a0:c4:52:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c6d3983b3788120d3caf6c1a12268100abccc3fdd01b23e5494321fd2ea7d08e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:24:f3:07:b5:71:e7:a7:29:fa:52:21:b5:
57:13:62:ab:e3:3b:92:32:3d:0d:7d:c4:b0:ce:e3:
94:d0:e7:d5:2a:63:88:da:b6:4b:1b:86:1e:65:b3:
44:69:26:69:37:91:5e:51:b8:4d:5c:6d:72:80:fa:
91:ce:cf:39:be:bb:5c:88:c0:e8:d0:15:0e:3f:62:
1f:47:a7:49:88:89:41:67:ea:47:46:ae:2e:d8:86:
64:8c:bd:e1:b7:34:ae:df:8f:6d:a8:68:2a:03:85:
4e:4d:47:f4:be:30:f7:70:48:90:fc:de:da:9b:c4:
47:a3:83:2b:59:79:72:11:a3:f4:f7:ae:f1:66:ed:
d9:35:9c:32:06:ec:5a:05:5e:ef:21:87:ee:22:61:
d1:ae:9d:31:bc:f3:41:9c:7f:35:a3:c7:4e:69:21:
78:f9:0c:58:5d:35:48:bf:b2:5a:a5:4f:33:d9:a5:
65:71:6a:fd:98:a0:f1:e8:af:e4:39:4f:8c:ee:fa:
b0:bb:2d:91:f7:7b:9b:f8:63:bb:54:bf:9a:ff:4e:
50:8b:e5:64:18:92:1c:73:4e:f4:d4:88:fb:1c:f5:
94:5b:ec:bf:98:b1:c3:b9:21:2b:a4:34:6e:73:1a:
a0:2f:de:f8:3f:0c:38:d5:e0:5f:55:24:38:c5:37:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4B:05:16:10:D7:0D:B2:95:68:AC:E1:9A:49:CE:01:BE:74:D1:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/21e2f5c8-e012-44d0-a6f2-c4a065b3b954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:4000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:e7:3a:dc:28:3c:bc:50:dc:29:ce:9c:57:36:02:07:57:a1:
99:f8:16:52:c2:10:a6:52:12:11:98:67:1f:ab:6b:57:a5:63:
f4:cd:60:1f:96:02:25:d6:ea:72:2f:7a:49:a3:6e:11:25:84:
15:00:ec:27:86:58:4e:a7:09:16:6c:a0:1b:4a:a4:2f:e9:d6:
f6:31:1c:81:da:2a:36:8f:bb:fc:71:ec:0f:13:4b:9e:71:d2:
6c:29:2f:2c:4c:ec:fb:bc:98:47:d8:ae:c7:12:f8:0a:cf:67:
ce:f1:50:70:70:43:94:15:87:bc:37:e4:f5:20:cd:87:7b:c6:
ec:a2:32:ff:71:bf:56:56:02:f7:14:d0:b1:72:e4:c1:e9:07:
e8:0e:68:90:58:ce:cd:8a:b2:2f:36:8d:22:a3:dd:8b:f8:20:
ce:68:37:54:51:cc:01:f2:58:fa:74:a6:d4:cd:53:46:18:10:
b3:3f:4a:95:dc:02:00:a4:96:a1:f7:9d:de:1a:28:43:96:c0:
b5:1a:61:7d:3d:db:c3:03:41:a4:14:0d:ce:89:0a:d0:18:79:
db:2a:da:8a:1f:cd:3b:02:4c:bb:dc:e5:b8:76:eb:89:84:d7:
14:00:79:76:29:a6:3a:51:22:61:92:fd:e5:8c:ee:ac:ff:05:
c3:c2:6c:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDAVV9aaUaMPs9v7FkXcwYqDEUrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ZDM5ODNiMzc4ODEyMGQzY2FmNmMxYTEyMjY4MTAwYWJjY2MzZmRkMDFi
MjNlNTQ5NDMyMWZkMmVhN2QwOGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyQJPMHtXHnpyn6UiG1VxNiq+M7kjI9DX3EsM7jlNDn1SpjiNq2SxuGHmWz
RGkmaTeRXlG4TVxtcoD6kc7POb67XIjA6NAVDj9iH0enSYiJQWfqR0auLtiGZIy9
4bc0rt+PbahoKgOFTk1H9L4w93BIkPze2pvER6ODK1l5chGj9Peu8Wbt2TWcMgbs
WgVe7yGH7iJh0a6dMbzzQZx/NaPHTmkhePkMWF01SL+yWqVPM9mlZXFq/Zig8eiv
5DlPjO76sLstkfd7m/hju1S/mv9OUIvlZBiSHHNO9NSI+xz1lFvsv5ixw7khK6Q0
bnMaoC/e+D8MONXgX1UkOMU3pdcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRSwUW
ENcNspVorOGaSc4BvnTRHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjFlMmY1YzgtZTAxMi00NGQwLWE2ZjItYzRhMDY1YjNiOTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRA
MA0GCSqGSIb3DQEBCwUAA4IBAQCq5zrcKDy8UNwpzpxXNgIHV6GZ+BZSwhCmUhIR
mGcfq2tXpWP0zWAflgIl1upyL3pJo24RJYQVAOwnhlhOpwkWbKAbSqQv6db2MRyB
2io2j7v8cewPE0uecdJsKS8sTOz7vJhH2K7HEvgKz2fO8VBwcEOUFYe8N+T1IM2H
e8bsojL/cb9WVgL3FNCxcuTB6QfoDmiQWM7NirIvNo0io92L+CDOaDdUUcwB8lj6
dKbUzVNGGBCzP0qV3AIApJah953eGihDlsC1GmF9PdvDA0GkFA3OiQrQGHnbKtqK
H807Aky73OW4duuJhNcUAHl2KaY6USJhkv3ljO6s/wXDwmzs
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:03 2025 by rpki-client