Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
File: 22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa (raw, json)
Hash identifier: kWkdXfZuDpCcDqvObO2qxEOSfdQ/aVi6s5pcK997ypA=
Subject key identifier: F2:0F:CD:F9:1F:D2:30:60:FF:C9:37:2B:51:14:E3:8D:EF:E4:5A:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1658D9C6CC23A6EC940F20F734C0F839A23F5DF6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
Signing time: Mon 01 Sep 2025 20:50:17 +0000
ROA not before: Mon 01 Sep 2025 20:50:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:58:d9:c6:cc:23:a6:ec:94:0f:20:f7:34:c0:f8:39:a2:3f:5d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a16a74f0162b15365adbd2d4b713f21575b3fca1f4491efabac028eb24238285, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:1c:62:c3:f1:6e:31:54:72:a7:47:e0:9c:a9:
cf:5d:da:0d:3b:cf:9e:7a:e8:41:e7:86:86:1c:56:
52:7c:65:e5:e2:2d:5f:c6:15:17:17:08:e3:60:f3:
16:14:ff:ca:e8:79:53:c2:21:60:03:22:45:2e:f3:
5a:ef:75:9f:7c:ca:6b:d7:80:2f:2c:1b:8a:76:ae:
27:13:da:f1:ff:bb:e5:48:8f:b7:68:91:5e:d7:af:
98:53:45:fd:69:f4:a3:f6:eb:64:3f:f8:41:e4:ce:
aa:72:62:61:ca:cd:45:5c:cb:b8:7e:51:53:84:5f:
87:2d:62:e5:7b:9d:d3:e0:78:40:a6:7b:64:bc:1f:
e0:4d:54:c2:30:09:47:08:fe:c8:ee:8a:cb:30:c6:
e4:63:1c:99:1a:a8:4d:e4:e3:41:61:59:e0:fe:02:
e1:e9:05:82:ff:67:07:14:a4:d9:3d:ba:10:99:c2:
c0:e1:c0:e5:10:4b:6a:9b:93:72:0f:49:ee:47:b3:
2e:e9:eb:98:55:f2:6e:6c:c6:67:bb:ed:b0:9c:45:
55:5e:b0:85:e9:19:ac:7b:c7:11:93:73:27:db:bd:
37:7d:6b:85:e4:b4:cc:15:94:2f:78:c4:f6:36:c3:
82:e2:a7:a6:89:4e:dd:20:b9:b6:7b:9c:cd:3b:c1:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0F:CD:F9:1F:D2:30:60:FF:C9:37:2B:51:14:E3:8D:EF:E4:5A:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/22cb20bc-8063-4169-9e4b-a3ad29aeedc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:4000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:35:eb:ce:3d:7b:5f:ca:8a:0b:7a:86:5c:f3:8b:ba:2a:87:
b5:90:eb:49:5a:97:b6:57:7f:e6:f3:cb:be:78:57:12:ec:1a:
17:ff:99:8a:a3:29:97:5b:bb:00:5b:b3:2a:fb:3a:dd:68:c3:
45:96:61:83:10:21:22:2c:5d:ee:47:27:e0:ae:d5:2c:ad:1f:
25:9f:5c:dc:0f:81:a8:a2:25:c9:f0:9a:98:8f:09:40:58:f6:
f9:67:2b:57:f5:3f:8e:15:77:fb:0b:87:cd:13:5d:a2:ea:fb:
6b:e4:6e:6b:79:62:6f:d4:35:f2:dc:19:03:9f:76:31:1c:a4:
0a:8d:a5:64:69:f6:0b:92:5e:e3:06:d3:2f:27:79:1f:75:57:
12:52:4b:b5:d0:f3:84:9d:5c:a3:af:e5:1d:82:11:19:1d:12:
db:0d:8f:63:56:ae:45:8c:d3:2d:a1:46:1f:9c:af:42:25:3b:
42:94:87:c7:12:ee:cc:0d:46:83:04:65:b8:d9:b0:26:51:60:
81:99:9d:a3:2a:62:bc:7c:d8:c0:bc:72:1d:26:b2:41:87:a8:
04:de:14:55:bc:a1:66:8b:30:06:64:fa:61:e5:00:be:f2:fd:
e1:e9:99:8a:d0:c3:f5:ca:18:43:11:a6:79:aa:71:f9:43:6c:
2d:c5:16:c7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFljZxswjpuyUDyD3NMD4OaI/XfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNmE3NGYwMTYyYjE1MzY1YWRiZDJkNGI3MTNmMjE1NzViM2ZjYTFmNDQ5
MWVmYWJhYzAyOGViMjQyMzgyODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMcYsPxbjFUcqdH4Jypz13aDTvPnnroQeeGhhxWUnxl5eItX8YVFxcI42Dz
FhT/yuh5U8IhYAMiRS7zWu91n3zKa9eALywbinauJxPa8f+75UiPt2iRXtevmFNF
/Wn0o/brZD/4QeTOqnJiYcrNRVzLuH5RU4Rfhy1i5Xud0+B4QKZ7ZLwf4E1UwjAJ
Rwj+yO6KyzDG5GMcmRqoTeTjQWFZ4P4C4ekFgv9nBxSk2T26EJnCwOHA5RBLapuT
cg9J7kezLunrmFXybmzGZ7vtsJxFVV6whekZrHvHEZNzJ9u9N31rheS0zBWUL3jE
9jbDguKnpolO3SC5tnuczTvBLvsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyD835
H9IwYP/JNytRFOON7+RakjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjJjYjIwYmMtODA2My00MTY5LTllNGItYTNhZDI5YWVlZGM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBuNevOPXtfyooLeoZc84u6Koe1kOtJWpe2V3/m
88u+eFcS7BoX/5mKoymXW7sAW7Mq+zrdaMNFlmGDECEiLF3uRyfgrtUsrR8ln1zc
D4GooiXJ8JqYjwlAWPb5ZytX9T+OFXf7C4fNE12i6vtr5G5reWJv1DXy3BkDn3Yx
HKQKjaVkafYLkl7jBtMvJ3kfdVcSUku10POEnVyjr+UdghEZHRLbDY9jVq5FjNMt
oUYfnK9CJTtClIfHEu7MDUaDBGW42bAmUWCBmZ2jKmK8fNjAvHIdJrJBh6gE3hRV
vKFmizAGZPph5QC+8v3h6ZmK0MP1yhhDEaZ5qnH5Q2wtxRbH
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:26 2025 by rpki-client