Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
File: 28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa (raw, json)
Hash identifier: x1GBZv7CvaUoQSuKTWoKXkIJ/UgTjdNFQEixGyUgzCY=
Subject key identifier: 52:48:C4:00:13:BB:48:4D:0C:EF:21:AF:8B:FD:B9:76:3C:77:85:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6422D996C55611555F8AF35B6E700AE4FE8C7CBE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
Signing time: Mon 01 Sep 2025 20:20:09 +0000
ROA not before: Mon 01 Sep 2025 20:20:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:22:d9:96:c5:56:11:55:5f:8a:f3:5b:6e:70:0a:e4:fe:8c:7c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=cba1007858bd9a9095ae04d33c22caaf519a6b7ad0ac33b1f2886c02a326864a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7d:21:f3:1a:d8:7d:5e:86:bb:6d:1f:90:e9:
88:be:a2:e9:b8:79:2c:cc:d7:19:ef:23:a2:d3:8e:
75:8f:cb:04:01:9b:0b:d3:ae:c8:85:98:68:19:4a:
49:de:8c:a8:66:cc:08:53:ed:ac:f0:cc:05:00:31:
27:47:d2:bc:94:73:94:e3:ab:5c:94:7b:97:33:03:
7a:5d:2d:28:b5:d0:3b:cf:c4:dc:9d:7c:d8:73:2b:
96:88:4e:0c:3b:a8:e3:64:f5:6c:0d:81:4a:06:85:
c7:3b:13:b5:64:6f:e3:ad:36:3c:cc:01:d1:5a:93:
60:62:89:9c:85:88:8d:b3:36:0b:65:29:6a:06:9d:
57:0b:b0:42:2f:de:c4:d9:c1:c6:4a:37:30:80:b5:
6e:e2:af:68:e7:f3:91:23:e6:dc:66:2c:c9:81:e0:
b0:b0:6c:4c:22:7d:4b:fe:e2:4c:1b:e1:1c:49:9f:
73:93:4a:d0:34:f5:ed:90:d3:97:71:a0:d0:fb:47:
d7:15:e1:7a:95:60:dc:25:b4:a3:b9:88:f1:df:9b:
9f:00:ab:3f:4a:d1:e8:cb:51:04:8f:de:9c:23:ea:
47:cb:03:d8:1e:44:60:ba:d1:6e:b3:ec:e5:e8:23:
c8:a2:29:50:a3:59:22:29:8b:8c:ef:5c:b2:67:6d:
1d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:48:C4:00:13:BB:48:4D:0C:EF:21:AF:8B:FD:B9:76:3C:77:85:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
11:c4:02:08:0b:4e:39:e4:b9:4f:44:96:62:92:8d:75:20:da:
08:61:80:eb:f0:2b:11:c4:aa:aa:0d:db:82:37:32:dc:d6:2f:
c2:95:60:b5:ab:32:50:1a:c4:5b:0b:f3:81:f3:2f:09:f5:50:
3e:03:24:f6:4e:ce:f6:63:dc:b3:82:6c:9a:5a:87:36:0c:e2:
7c:50:3d:df:98:12:1b:d4:cd:46:a3:ce:ac:a0:d6:86:17:47:
fa:fb:2b:c2:99:26:10:08:57:1c:6b:ce:01:8e:20:51:aa:86:
42:53:0c:3c:eb:97:fb:f5:14:92:76:94:09:36:75:5c:7d:d4:
0e:a1:6e:ee:5b:32:47:cf:3a:31:1b:ab:7c:36:de:e3:40:9b:
8b:89:74:68:77:fa:c5:c8:c6:57:56:a5:ca:cd:14:f2:c7:c1:
6b:35:79:f2:ef:d1:aa:f5:a6:4d:ec:26:62:82:42:9d:61:21:
b6:a5:ca:75:01:18:f7:42:99:29:fe:d7:5e:be:1d:8d:95:e3:
c3:50:ec:b5:67:2f:dd:e7:5a:4a:b5:de:bf:b3:93:0d:71:85:
f4:0e:21:81:e7:86:a5:eb:3f:ef:05:ee:27:bc:c1:38:55:f2:
fa:51:b4:2e:13:77:e4:72:75:74:34:d1:f4:d9:9a:bf:0c:d4:
57:89:51:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZCLZlsVWEVVfivNbbnAK5P6MfL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYTEwMDc4NThiZDlhOTA5NWFlMDRkMzNjMjJjYWFmNTE5YTZiN2FkMGFj
MzNiMWYyODg2YzAyYTMyNjg2NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIR9IfMa2H1ehrttH5DpiL6i6bh5LMzXGe8jotOOdY/LBAGbC9OuyIWYaBlK
Sd6MqGbMCFPtrPDMBQAxJ0fSvJRzlOOrXJR7lzMDel0tKLXQO8/E3J182HMrlohO
DDuo42T1bA2BSgaFxzsTtWRv4602PMwB0VqTYGKJnIWIjbM2C2UpagadVwuwQi/e
xNnBxko3MIC1buKvaOfzkSPm3GYsyYHgsLBsTCJ9S/7iTBvhHEmfc5NK0DT17ZDT
l3Gg0PtH1xXhepVg3CW0o7mI8d+bnwCrP0rR6MtRBI/enCPqR8sD2B5EYLrRbrPs
5egjyKIpUKNZIimLjO9csmdtHd8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRSSMQA
E7tITQzvIa+L/bl2PHeFlzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjhmYzQzYWQtMGMzYi00ZDc3LWFhMzItNWVmYzQzMWU2OWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
4DANBgkqhkiG9w0BAQsFAAOCAQEAEcQCCAtOOeS5T0SWYpKNdSDaCGGA6/ArEcSq
qg3bgjcy3NYvwpVgtasyUBrEWwvzgfMvCfVQPgMk9k7O9mPcs4JsmlqHNgzifFA9
35gSG9TNRqPOrKDWhhdH+vsrwpkmEAhXHGvOAY4gUaqGQlMMPOuX+/UUknaUCTZ1
XH3UDqFu7lsyR886MRurfDbe40Cbi4l0aHf6xcjGV1alys0U8sfBazV58u/RqvWm
TewmYoJCnWEhtqXKdQEY90KZKf7XXr4djZXjw1DstWcv3edaSrXev7OTDXGF9A4h
geeGpes/7wXuJ7zBOFXy+lG0LhN35HJ1dDTR9NmavwzUV4lR6A==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:07 2025 by rpki-client