Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
File: 27140a0d-612c-4da4-a60a-55c28faff6fe.roa (raw, json)
Hash identifier: JwRXVADmchtHrzGh6v1H/AMwvSZ2fPezXn8IL5J0hvY=
Subject key identifier: 16:7E:C8:FA:CC:15:97:FF:FE:C5:D8:EF:41:82:8C:71:FE:16:51:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A621E04CA951DA7AF7941BF03DB7B22717C1357
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
Signing time: Mon 01 Sep 2025 21:00:21 +0000
ROA not before: Mon 01 Sep 2025 21:00:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:62:1e:04:ca:95:1d:a7:af:79:41:bf:03:db:7b:22:71:7c:13:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=43e25be1515bbff1355e51223243989f0475ea37f9fbeb5f5d4fb5aed04e1965, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0f:50:dd:36:34:ff:fc:0c:ff:5e:f3:3b:9e:
0a:8e:91:72:37:8f:f6:9e:62:04:66:5c:eb:3a:1f:
4e:0f:b5:fb:13:93:e9:2b:59:d0:c2:15:95:5d:bd:
08:c0:ca:c7:cb:70:5b:84:15:e9:0d:12:ee:37:68:
6d:53:69:67:21:24:24:83:1f:ca:9d:0b:32:07:e8:
e6:f4:d0:23:64:d2:bb:9e:bc:84:41:b4:98:5d:3c:
1b:04:98:05:2d:2d:ac:67:f7:ce:8b:ae:89:cf:fa:
42:33:4a:6e:79:11:70:59:a3:1b:a3:f8:9d:5f:60:
13:ad:ca:ec:7a:9f:28:42:a6:78:9d:d0:c9:cf:a3:
93:45:c1:29:0a:a0:fa:4e:ac:eb:69:0a:41:6d:48:
67:8d:ab:76:f3:05:a2:8f:9a:20:f2:e8:12:cb:5c:
23:db:0c:7e:46:37:f9:ae:17:d7:34:34:88:ed:d3:
98:5e:d5:7d:de:c2:fb:d4:a2:3d:cb:ae:50:8b:78:
57:66:aa:6e:16:a8:e6:e7:62:89:15:42:6c:de:3b:
8f:bc:5a:b0:5a:31:38:95:ca:7a:d0:bb:da:0a:42:
47:17:3b:8a:f0:8b:65:d1:73:5e:44:26:03:a8:05:
17:c9:09:24:9d:92:35:74:b4:41:52:e6:95:64:67:
6b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7E:C8:FA:CC:15:97:FF:FE:C5:D8:EF:41:82:8C:71:FE:16:51:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/27140a0d-612c-4da4-a60a-55c28faff6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
78:49:2c:e6:45:de:41:7d:15:b6:39:d4:d5:c9:dc:83:ee:4e:
de:4e:b2:ed:01:08:0f:c2:ac:bd:35:e1:77:0f:20:e2:79:88:
66:d8:57:1e:17:10:22:4d:ec:0e:29:37:78:f6:06:05:7a:08:
cd:ae:f2:dc:ff:64:39:1b:5a:bb:c5:5e:c5:d3:a8:c8:66:ea:
74:f5:85:f0:39:72:0d:3e:21:4f:dd:5f:46:9a:e0:a7:1a:a2:
db:80:fd:92:92:cb:74:e3:96:63:24:29:4f:4b:c0:e9:f0:77:
49:57:d8:7d:59:ff:9b:53:c9:a9:43:f6:5e:d6:58:21:f5:dc:
61:46:9d:ff:4a:39:5d:cb:69:e4:da:17:cd:7b:b1:81:0a:58:
5b:27:f3:46:2f:9e:45:70:79:7a:47:fe:0b:81:76:40:a8:82:
22:e4:64:47:59:4a:a0:39:07:f2:09:99:22:87:79:e2:4f:69:
d7:e0:21:64:6d:c8:12:ca:5e:3f:a8:bb:b5:30:3c:fd:2e:e6:
a4:e2:d9:1c:1e:36:13:b5:66:4a:e5:76:63:ff:90:31:53:28:
bc:d7:65:b3:50:62:d0:93:8a:26:74:07:7f:ea:ee:2a:01:30:
19:7b:2c:16:09:bd:3c:1d:06:d5:0c:d5:5b:45:49:09:15:24:
4b:1c:38:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCmIeBMqVHaeveUG/A9t7InF8E1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzZTI1YmUxNTE1YmJmZjEzNTVlNTEyMjMyNDM5ODlmMDQ3NWVhMzdmOWZi
ZWI1ZjVkNGZiNWFlZDA0ZTE5NjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgPUN02NP/8DP9e8zueCo6RcjeP9p5iBGZc6zofTg+1+xOT6StZ0MIVlV29
CMDKx8twW4QV6Q0S7jdobVNpZyEkJIMfyp0LMgfo5vTQI2TSu568hEG0mF08GwSY
BS0trGf3zouuic/6QjNKbnkRcFmjG6P4nV9gE63K7HqfKEKmeJ3Qyc+jk0XBKQqg
+k6s62kKQW1IZ42rdvMFoo+aIPLoEstcI9sMfkY3+a4X1zQ0iO3TmF7Vfd7C+9Si
PcuuUIt4V2aqbhao5udiiRVCbN47j7xasFoxOJXKetC72gpCRxc7ivCLZdFzXkQm
A6gFF8kJJJ2SNXS0QVLmlWRna/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWfsj6
zBWX//7F2O9Bgoxx/hZRzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjcxNDBhMGQtNjEyYy00ZGE0LWE2MGEtNTVjMjhmYWZmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB4SSzmRd5BfRW2OdTVydyD7k7eTrLtAQgPwqy9
NeF3DyDieYhm2FceFxAiTewOKTd49gYFegjNrvLc/2Q5G1q7xV7F06jIZup09YXw
OXINPiFP3V9GmuCnGqLbgP2Skst045ZjJClPS8Dp8HdJV9h9Wf+bU8mpQ/Ze1lgh
9dxhRp3/Sjldy2nk2hfNe7GBClhbJ/NGL55FcHl6R/4LgXZAqIIi5GRHWUqgOQfy
CZkih3niT2nX4CFkbcgSyl4/qLu1MDz9Luak4tkcHjYTtWZK5XZj/5AxUyi812Wz
UGLQk4omdAd/6u4qATAZeywWCb08HQbVDNVbRUkJFSRLHDid
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:41 2025 by rpki-client