Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: 3YD9Kb0ioZU1XoWgrVlWGu95NQ7/U3KpxyIPr+xoL9E=
Subject key identifier: 4A:6E:52:4E:89:BD:D9:A5:2A:11:5D:17:B0:2E:D8:9A:5B:EA:B7:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 477FCE6131D7C4FB90F2DCB885071C26A67BD4D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Mon 01 Sep 2025 19:40:36 +0000
ROA not before: Mon 01 Sep 2025 19:40:36 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:7f:ce:61:31:d7:c4:fb:90:f2:dc:b8:85:07:1c:26:a6:7b:d4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:36 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1550e70684c2092ba1b4ae2e4a5daa51b75ec42e09a84bfda617454153abfd85, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7f:bd:6c:45:e3:6f:35:c2:74:48:55:cb:37:
2a:c5:28:63:7b:d8:b0:08:a3:3c:5d:22:38:da:2e:
97:21:08:8d:98:c2:66:c9:4d:2f:13:7c:b2:48:84:
32:0d:0e:43:37:0f:24:b2:4b:9a:f3:4f:b9:5a:25:
75:12:a1:cc:4c:43:f3:11:ba:31:cf:22:ce:15:7a:
4b:30:79:03:cb:6e:1d:f5:2b:e0:ba:bd:5a:3a:7e:
c6:7b:83:13:91:f2:5c:ff:82:42:48:cc:4d:80:44:
82:db:1c:5e:cc:27:47:f5:95:c9:41:8c:a9:d1:3b:
2e:91:25:3e:92:0b:56:30:14:99:42:9d:60:90:ad:
05:33:44:03:45:d1:7b:2d:cf:83:db:b2:9d:7f:32:
75:02:6d:bd:84:57:71:58:38:ba:eb:72:20:42:6f:
4b:f4:18:87:8b:ec:9a:f4:be:17:21:94:79:c8:f6:
84:14:41:2e:ed:67:a8:e8:91:99:df:cf:ab:01:13:
0f:00:63:ca:59:c8:43:1b:f8:b7:d1:bc:a7:49:0b:
b5:56:4f:5f:ef:0c:41:2a:80:4d:20:b3:e7:54:68:
9f:3b:15:89:f5:0b:3d:4d:64:4f:ab:66:25:d7:f1:
76:b5:03:fc:c2:3e:f2:3c:f9:50:7a:00:27:99:b5:
36:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6E:52:4E:89:BD:D9:A5:2A:11:5D:17:B0:2E:D8:9A:5B:EA:B7:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
89:28:f7:68:5a:fb:55:ee:59:74:30:59:42:1e:8a:65:90:d2:
58:9c:d7:42:65:db:bf:e7:f8:83:82:4a:31:7e:8e:86:bf:f5:
2e:f0:38:33:a7:31:22:14:fc:03:82:4b:7c:c5:3e:3d:41:10:
92:64:18:4d:05:f5:62:89:a0:ad:c8:23:9e:92:6d:f8:9d:72:
ac:2b:65:d4:3c:a8:ed:28:c5:0d:04:ec:a9:6f:0a:63:cb:a9:
bc:3d:8d:a7:ef:c5:16:35:df:93:cd:90:ca:70:e7:cb:cf:b0:
5a:b6:86:34:af:14:31:f4:9c:9e:dd:87:a6:95:09:6d:41:e1:
03:8b:35:3c:1a:a2:ac:f2:19:65:d2:99:d0:29:77:f2:77:05:
da:f5:67:7c:25:ca:57:3c:f2:e1:ae:3f:0b:96:4a:c9:66:3e:
25:66:6b:98:4c:c8:53:08:3b:13:a3:90:5d:7f:44:38:45:08:
f2:e6:99:a4:34:fd:44:c3:b8:9f:fa:a0:6c:55:0d:5e:64:e5:
aa:79:21:79:7a:52:30:62:e7:cd:95:8b:73:51:1e:77:cf:f3:
56:78:da:f6:a8:f0:bd:b8:13:f3:fd:62:4c:ab:e1:a5:53:ef:
97:a5:78:bd:6f:be:65:8d:13:32:de:78:92:ff:e8:88:6b:2b:
f4:e8:4e:c4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR3/OYTHXxPuQ8ty4hQccJqZ71NYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwMzZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NTBlNzA2ODRjMjA5MmJhMWI0YWUyZTRhNWRhYTUxYjc1ZWM0MmUwOWE4
NGJmZGE2MTc0NTQxNTNhYmZkODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKp/vWxF4281wnRIVcs3KsUoY3vYsAijPF0iONoulyEIjZjCZslNLxN8skiE
Mg0OQzcPJLJLmvNPuVoldRKhzExD8xG6Mc8izhV6SzB5A8tuHfUr4Lq9Wjp+xnuD
E5HyXP+CQkjMTYBEgtscXswnR/WVyUGMqdE7LpElPpILVjAUmUKdYJCtBTNEA0XR
ey3Pg9uynX8ydQJtvYRXcVg4uutyIEJvS/QYh4vsmvS+FyGUecj2hBRBLu1nqOiR
md/PqwETDwBjylnIQxv4t9G8p0kLtVZPX+8MQSqATSCz51RonzsVifULPU1kT6tm
JdfxdrUD/MI+8jz5UHoAJ5m1NoECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKblJO
ib3ZpSoRXRewLtiaW+q3yTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEAiSj3aFr7Ve5ZdDBZQh6KZZDSWJzXQmXbv+f4
g4JKMX6Ohr/1LvA4M6cxIhT8A4JLfMU+PUEQkmQYTQX1YomgrcgjnpJt+J1yrCtl
1Dyo7SjFDQTsqW8KY8upvD2Np+/FFjXfk82QynDny8+wWraGNK8UMfScnt2HppUJ
bUHhA4s1PBqirPIZZdKZ0Cl38ncF2vVnfCXKVzzy4a4/C5ZKyWY+JWZrmEzIUwg7
E6OQXX9EOEUI8uaZpDT9RMO4n/qgbFUNXmTlqnkheXpSMGLnzZWLc1Eed8/zVnja
9qjwvbgT8/1iTKvhpVPvl6V4vW++ZY0TMt54kv/oiGsr9OhOxA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:21 2025 by rpki-client