Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
File: 2331f846-3447-4dea-ac7a-63323853ebb9.roa (raw, json)
Hash identifier: C4fTjtUYATU7UxnTtL5/OsUD2UGoY8FVeSEUqHn0kZE=
Subject key identifier: 86:52:32:71:D4:C3:E7:1A:B7:8F:76:62:09:AF:13:FC:E7:E7:7D:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 459B106C6395C702F5FEDE57ED27FE97D9882927
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
Signing time: Mon 01 Sep 2025 21:00:53 +0000
ROA not before: Mon 01 Sep 2025 21:00:53 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:9b:10:6c:63:95:c7:02:f5:fe:de:57:ed:27:fe:97:d9:88:29:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:53 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a7c59bb30a78c06f5f88cd5002a2d59d9849e075b6eb1b2546aca38633a0547b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5e:a7:5e:3f:f1:17:44:40:7f:4f:a9:11:4b:
cb:69:ca:d1:cb:88:e3:94:57:77:a7:fe:d1:7b:4d:
63:a5:ba:be:44:4d:18:31:89:20:00:e3:1b:3a:db:
f8:35:b1:10:52:c2:eb:09:ad:9a:ab:c4:61:8b:d3:
8c:e8:f2:b7:29:77:67:90:de:9f:73:15:3b:18:e8:
a5:a0:dc:26:c5:c7:58:98:62:18:a5:1b:b9:92:2f:
b8:af:b9:06:5b:5a:ab:18:8c:08:81:0a:5b:ca:01:
b7:1d:a9:46:8f:7b:bc:1c:01:b8:2e:78:ee:63:49:
44:25:2b:6f:70:c2:bf:c5:52:c6:db:ea:43:fd:d8:
cd:4f:a1:41:12:cd:ae:0e:70:ce:dc:40:03:ab:a4:
0f:50:a9:0e:8d:b4:a0:2e:9b:59:d5:96:ca:21:05:
2e:eb:8d:6d:28:1b:a8:60:6e:07:a8:a1:80:f4:07:
78:e9:02:7b:f3:59:20:74:32:be:3c:7f:7c:1f:99:
07:d6:ea:6e:ee:46:02:b2:77:5d:42:6f:d4:72:cc:
ef:7b:8d:04:65:ae:bf:9f:49:b3:02:72:3b:d7:16:
29:b1:51:c9:62:a2:71:2d:66:06:f1:ca:1b:47:c5:
c3:be:4a:33:ed:7a:37:ee:be:62:12:b9:c0:eb:85:
a0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:52:32:71:D4:C3:E7:1A:B7:8F:76:62:09:AF:13:FC:E7:E7:7D:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:f8:b0:52:84:2a:b4:26:bf:c2:f0:8a:79:fa:70:d1:2a:47:
75:23:59:c1:18:47:c0:4d:b0:dc:60:7c:aa:65:c5:36:6c:cb:
c6:21:31:d3:8c:e8:29:bf:67:48:d9:88:53:05:54:e1:45:80:
73:f1:6d:bd:c4:c4:b6:27:07:68:b2:1f:4b:6a:41:ca:60:19:
06:d4:7c:ac:2d:ce:d0:15:a4:fb:99:e0:9c:38:1d:64:cc:d0:
4a:52:88:58:f5:9a:10:a3:88:7b:e3:13:1c:ab:71:5f:ae:fe:
ac:f7:2e:21:61:7f:53:9e:0d:95:44:9d:e7:32:ec:d3:10:81:
9a:f3:b5:7b:98:42:02:d3:25:72:a0:d4:31:74:8f:67:ca:44:
f3:5e:d9:c4:3e:33:91:5b:10:77:f6:6b:04:50:74:3c:09:66:
9f:76:94:e1:f6:13:34:1b:74:67:ad:f8:52:ea:3c:17:cf:31:
e4:56:8b:1e:cf:9a:b4:e0:17:34:d3:c6:4b:ef:db:5b:04:ba:
eb:05:70:b5:2c:04:58:c5:fa:2e:b9:1c:f1:bc:a0:e8:a8:99:
28:be:32:cc:ab:76:6a:6c:6e:d8:f2:d8:48:a1:85:bd:d7:6a:
92:c8:ce:64:55:0a:0b:8b:5f:c3:7a:a5:b9:b0:aa:5f:29:93:
f1:7c:38:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURZsQbGOVxwL1/t5X7Sf+l9mIKScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwNTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3YzU5YmIzMGE3OGMwNmY1Zjg4Y2Q1MDAyYTJkNTlkOTg0OWUwNzViNmVi
MWIyNTQ2YWNhMzg2MzNhMDU0N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlep14/8RdEQH9PqRFLy2nK0cuI45RXd6f+0XtNY6W6vkRNGDGJIADjGzrb
+DWxEFLC6wmtmqvEYYvTjOjytyl3Z5Den3MVOxjopaDcJsXHWJhiGKUbuZIvuK+5
BltaqxiMCIEKW8oBtx2pRo97vBwBuC547mNJRCUrb3DCv8VSxtvqQ/3YzU+hQRLN
rg5wztxAA6ukD1CpDo20oC6bWdWWyiEFLuuNbSgbqGBuB6ihgPQHeOkCe/NZIHQy
vjx/fB+ZB9bqbu5GArJ3XUJv1HLM73uNBGWuv59JswJyO9cWKbFRyWKicS1mBvHK
G0fFw75KM+16N+6+YhK5wOuFoJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGUjJx
1MPnGrePdmIJrxP85+d9HTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjMzMWY4NDYtMzQ0Ny00ZGVhLWFjN2EtNjMzMjM4NTNlYmI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQCr+LBShCq0Jr/C8Ip5+nDRKkd1I1nBGEfATbDc
YHyqZcU2bMvGITHTjOgpv2dI2YhTBVThRYBz8W29xMS2Jwdosh9LakHKYBkG1Hys
Lc7QFaT7meCcOB1kzNBKUohY9ZoQo4h74xMcq3Ffrv6s9y4hYX9Tng2VRJ3nMuzT
EIGa87V7mEIC0yVyoNQxdI9nykTzXtnEPjORWxB39msEUHQ8CWafdpTh9hM0G3Rn
rfhS6jwXzzHkVosez5q04Bc008ZL79tbBLrrBXC1LARYxfouuRzxvKDoqJkovjLM
q3ZqbG7Y8thIoYW912qSyM5kVQoLi1/DeqW5sKpfKZPxfDj8
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:47 2025 by rpki-client