Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
File: 2d9f3120-fab9-43aa-973f-4142925b1416.roa (raw, json)
Hash identifier: I9LT5P0l6bv6ffZ/AhhjGtjVguNtobr3cui8MWFl5GM=
Subject key identifier: EA:FE:B0:06:09:DB:1B:99:65:29:D5:61:12:01:51:B3:CA:9E:4F:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FE77E94D16756EC7460FC16CF2FEC185252B86D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
Signing time: Mon 01 Sep 2025 20:20:13 +0000
ROA not before: Mon 01 Sep 2025 20:20:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:e7:7e:94:d1:67:56:ec:74:60:fc:16:cf:2f:ec:18:52:52:b8:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a642ae9bcb624f81f17594f9be6688f76355f65a24af723d33b0fe826bd128f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:69:76:76:b7:2b:98:82:34:ec:56:be:54:0f:
5b:4a:16:69:47:76:3f:73:c8:44:74:7b:5b:8a:1b:
3a:3b:47:96:03:94:66:da:87:ca:db:6e:89:44:35:
02:13:99:06:4d:55:fd:e7:95:ec:a2:29:95:80:36:
15:11:06:36:0d:f4:8b:21:4d:90:93:c6:cd:92:ff:
2c:a9:f1:d6:69:ec:be:18:07:51:49:88:e8:20:c0:
1b:f2:3f:50:cc:be:af:b8:98:24:b3:f9:c2:42:23:
b1:94:d8:1a:44:aa:c7:4d:13:86:09:ca:e2:d8:02:
8c:f5:ba:08:fd:47:58:bf:fc:8b:2a:54:81:b0:39:
19:cd:e4:b6:62:dc:16:01:74:9a:52:38:ae:b4:21:
55:e4:b7:27:45:e2:e0:71:f7:f1:5b:f2:82:84:88:
d6:90:76:74:29:3f:70:bb:3b:29:99:e8:6b:f1:ec:
29:aa:e7:c4:fa:65:59:65:39:72:29:e1:df:ec:bc:
45:ba:ca:aa:6e:23:3c:21:a3:38:52:e5:f6:a8:3e:
a9:17:4c:4c:d7:5b:db:33:bd:56:a1:b2:86:7e:e7:
08:37:75:2b:62:dc:13:5b:d7:97:0c:21:0f:dc:02:
2e:78:72:44:95:c1:24:31:1e:51:b8:da:77:98:e9:
25:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:FE:B0:06:09:DB:1B:99:65:29:D5:61:12:01:51:B3:CA:9E:4F:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2d9f3120-fab9-43aa-973f-4142925b1416.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:9d:db:48:c6:fd:71:d2:6a:cf:d5:51:22:50:88:d6:48:ac:
49:eb:c7:90:10:41:ca:95:ee:d6:6d:69:f0:6e:7a:ca:26:8c:
b6:62:80:16:a0:0a:1b:41:ac:87:ed:70:61:9e:9e:19:f9:81:
a7:0b:e0:e6:9b:5c:89:c9:b2:1a:17:73:d0:89:18:55:4f:e4:
ca:f8:07:5a:a3:d0:8b:9f:0d:bd:fd:f8:00:03:e2:8a:8b:3a:
f6:e9:ca:28:89:04:46:0e:8a:49:44:a5:39:57:a7:f4:56:ec:
d2:64:47:23:c0:5c:e3:d9:5e:97:12:dd:0b:a1:a6:cb:6f:fa:
d3:b0:5d:91:8d:e8:1e:a0:b1:51:0d:77:1e:6b:60:f8:e6:69:
a0:16:fe:c7:5d:46:af:e7:a8:df:13:05:9d:5d:73:9c:7c:cc:
93:94:a5:e8:59:14:a5:7e:b6:9a:ef:98:f9:f3:25:46:db:02:
5f:c2:01:c7:ec:82:d7:59:6f:8d:89:fc:80:b2:bd:5f:18:b3:
19:22:38:fe:49:7c:41:65:c0:9b:2d:6f:63:18:ec:55:d5:70:
57:5a:0c:24:e9:29:28:72:dd:89:98:20:da:21:6a:ba:ba:93:
aa:21:20:f4:e6:be:56:81:56:72:ad:50:6b:55:80:fe:9d:e3:
79:b1:ab:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb+d+lNFnVux0YPwWzy/sGFJSuG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NDJhZTliY2I2MjRmODFmMTc1OTRmOWJlNjY4OGY3NjM1NWY2NWEyNGFm
NzIzZDMzYjBmZTgyNmJkMTI4ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIppdna3K5iCNOxWvlQPW0oWaUd2P3PIRHR7W4obOjtHlgOUZtqHyttuiUQ1
AhOZBk1V/eeV7KIplYA2FREGNg30iyFNkJPGzZL/LKnx1mnsvhgHUUmI6CDAG/I/
UMy+r7iYJLP5wkIjsZTYGkSqx00ThgnK4tgCjPW6CP1HWL/8iypUgbA5Gc3ktmLc
FgF0mlI4rrQhVeS3J0Xi4HH38VvygoSI1pB2dCk/cLs7KZnoa/HsKarnxPplWWU5
cinh3+y8RbrKqm4jPCGjOFLl9qg+qRdMTNdb2zO9VqGyhn7nCDd1K2LcE1vXlwwh
D9wCLnhyRJXBJDEeUbjad5jpJYUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTq/rAG
CdsbmWUp1WESAVGzyp5P2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmQ5ZjMxMjAtZmFiOS00M2FhLTk3M2YtNDE0MjkyNWIxNDE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAQ
wDANBgkqhkiG9w0BAQsFAAOCAQEADJ3bSMb9cdJqz9VRIlCI1kisSevHkBBBypXu
1m1p8G56yiaMtmKAFqAKG0Gsh+1wYZ6eGfmBpwvg5ptcicmyGhdz0IkYVU/kyvgH
WqPQi58Nvf34AAPiios69unKKIkERg6KSUSlOVen9Fbs0mRHI8Bc49lelxLdC6Gm
y2/607BdkY3oHqCxUQ13Hmtg+OZpoBb+x11Gr+eo3xMFnV1znHzMk5Sl6FkUpX62
mu+Y+fMlRtsCX8IBx+yC11lvjYn8gLK9XxizGSI4/kl8QWXAmy1vYxjsVdVwV1oM
JOkpKHLdiZgg2iFqurqTqiEg9Oa+VoFWcq1Qa1WA/p3jebGr0Q==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:31 2025 by rpki-client