Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
File: 290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa (raw, json)
Hash identifier: PV5N+r0hgEg0bsT1SsEWgWLw4RdZUa1oH37EME5fuFQ=
Subject key identifier: 8F:CF:16:7B:A7:29:48:AF:3A:45:FE:6F:77:4B:D8:68:BA:63:04:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DEF45D0D7D8D3A19AD92EF87AE94E03CBAB0C90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
Signing time: Mon 01 Sep 2025 21:21:09 +0000
ROA not before: Mon 01 Sep 2025 21:21:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ef:45:d0:d7:d8:d3:a1:9a:d9:2e:f8:7a:e9:4e:03:cb:ab:0c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=32712ac4982cd7618a733e04842fb0bae5b4764299f74393814662e2b039a6bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a5:ef:e8:2b:cb:1a:c4:15:73:0c:1c:de:ed:
79:a5:22:5c:b6:f9:a1:c2:a1:8c:f1:d8:9e:a6:47:
9e:77:fa:0b:f7:84:90:49:48:74:96:69:8b:37:4e:
5e:09:77:fd:e7:0c:6b:7c:fb:9d:11:2c:f4:53:4a:
3e:0f:a8:64:4f:73:2a:a6:f7:67:ae:f2:10:18:3c:
fe:4a:42:c7:06:6f:db:a1:7a:cd:c5:50:2a:cc:3c:
f3:b2:a6:1f:99:bd:23:93:56:0c:bd:58:24:d5:83:
b1:d2:73:91:ba:3f:bd:e4:b4:37:63:39:bf:12:45:
03:b4:77:a7:a0:13:bb:57:ed:3b:7b:f6:18:f2:4d:
7c:6e:f9:cd:b0:75:f5:29:fc:73:4a:c2:ff:56:72:
97:aa:4f:02:5a:8d:a4:0f:c6:ec:81:67:4a:1e:bd:
fa:ac:db:29:8c:92:77:72:65:b3:41:c8:7d:af:50:
6c:c6:d0:04:4a:ae:ab:e5:16:12:86:fc:48:8b:94:
0b:91:f8:1b:1f:99:02:6b:ba:dc:d9:69:45:ff:8e:
0a:5c:e3:d2:d1:15:5a:7b:52:54:e7:c8:ed:b1:bc:
99:e8:a6:38:b3:dc:11:dc:81:17:14:cb:94:76:7b:
ba:1e:6a:af:6b:ae:ea:19:dc:66:84:57:58:c6:7e:
3c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CF:16:7B:A7:29:48:AF:3A:45:FE:6F:77:4B:D8:68:BA:63:04:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/290e67c7-7b75-4b9d-abc6-0c3ec34c1527.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/36
Signature Algorithm: sha256WithRSAEncryption
80:3e:01:b0:d3:40:ac:28:6c:55:04:cf:8f:68:0f:9c:e4:bf:
9c:76:55:b6:41:4c:5a:a5:f5:20:53:5b:43:99:5d:9f:4e:24:
ab:9e:cb:cf:e8:e5:64:12:44:eb:d4:ff:73:5a:04:03:13:dd:
dd:1a:70:6f:e0:3a:c3:53:fd:6a:21:14:d8:ca:de:40:84:55:
8f:13:4a:21:65:82:de:39:0b:13:ec:3e:19:32:4d:f7:25:90:
be:a7:68:de:e0:57:82:21:e3:88:63:e5:9e:8a:18:0d:2a:5b:
93:7a:f4:3d:63:9e:74:e1:e7:80:45:a3:fa:41:6e:b7:ce:3c:
2d:c0:32:ad:19:65:7f:66:bc:ed:fa:27:87:1b:eb:79:30:51:
25:43:36:c0:2f:5c:73:6b:c7:d4:68:da:da:fd:24:1c:c0:4a:
e0:3f:c6:7b:62:71:03:2d:63:e3:1b:6a:2e:d1:2e:42:35:b8:
54:e1:b9:01:72:fb:32:bb:8f:c9:64:80:a7:0c:59:f9:bc:7d:
9f:d2:f2:33:1c:a3:72:aa:11:2c:7c:1c:13:cc:45:40:48:3f:
9f:e5:05:a5:8c:ee:a2:86:6c:18:6f:93:bd:bc:38:ec:19:ee:
a2:83:5c:01:9d:e1:07:cd:7b:12:81:68:fa:cd:30:f2:8f:0b:
80:93:d4:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXe9F0NfY06Ga2S74eulOA8urDJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyNzEyYWM0OTgyY2Q3NjE4YTczM2UwNDg0MmZiMGJhZTViNDc2NDI5OWY3
NDM5MzgxNDY2MmUyYjAzOWE2YmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI6l7+gryxrEFXMMHN7teaUiXLb5ocKhjPHYnqZHnnf6C/eEkElIdJZpizdO
Xgl3/ecMa3z7nREs9FNKPg+oZE9zKqb3Z67yEBg8/kpCxwZv26F6zcVQKsw887Km
H5m9I5NWDL1YJNWDsdJzkbo/veS0N2M5vxJFA7R3p6ATu1ftO3v2GPJNfG75zbB1
9Sn8c0rC/1Zyl6pPAlqNpA/G7IFnSh69+qzbKYySd3Jls0HIfa9QbMbQBEquq+UW
Eob8SIuUC5H4Gx+ZAmu63NlpRf+OClzj0tEVWntSVOfI7bG8meimOLPcEdyBFxTL
lHZ7uh5qr2uu6hncZoRXWMZ+PAUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPzxZ7
pylIrzpF/m93S9houmMEjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjkwZTY3YzctN2I3NS00YjlkLWFiYzYtMGMzZWMzNGMxNTI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAPgGw00CsKGxVBM+PaA+c5L+cdlW2QUxapfUg
U1tDmV2fTiSrnsvP6OVkEkTr1P9zWgQDE93dGnBv4DrDU/1qIRTYyt5AhFWPE0oh
ZYLeOQsT7D4ZMk33JZC+p2je4FeCIeOIY+WeihgNKluTevQ9Y5504eeARaP6QW63
zjwtwDKtGWV/Zrzt+ieHG+t5MFElQzbAL1xza8fUaNra/SQcwErgP8Z7YnEDLWPj
G2ou0S5CNbhU4bkBcvsyu4/JZICnDFn5vH2f0vIzHKNyqhEsfBwTzEVASD+f5QWl
jO6ihmwYb5O9vDjsGe6ig1wBneEHzXsSgWj6zTDyjwuAk9TD
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:07 2025 by rpki-client