Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: xlim9/c0N/QgKwJJ8v7tGyyg9iDh4Su/uOTSZCJRV0k=
Subject key identifier: 16:EB:03:02:87:51:1C:EF:23:64:9E:1A:B6:AD:51:56:BE:70:F6:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50BA1E444E821EE8B31E3671C2112169302E02DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Mon 01 Sep 2025 20:30:52 +0000
ROA not before: Mon 01 Sep 2025 20:30:52 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ba:1e:44:4e:82:1e:e8:b3:1e:36:71:c2:11:21:69:30:2e:02:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:52 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=02b8eecafff053ce2606f6bb16dbd884862f587ff921ee1372f2938fa943e69a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:42:64:c6:86:01:7c:06:4d:89:47:32:2c:46:
9e:f2:0d:b4:f0:6a:26:f5:d8:3a:64:d9:40:00:33:
09:18:70:67:c9:76:78:12:b2:e3:68:d0:8b:a6:83:
04:9d:2d:a2:c6:81:3a:28:3e:83:5d:7c:31:e8:ee:
bc:dd:ec:12:63:4d:ea:c1:da:fe:f7:f6:d7:00:1f:
d0:d7:cf:57:45:bd:8a:8c:90:6b:15:82:ab:61:b7:
9c:e8:20:5a:e8:49:ac:e3:81:9e:cf:fb:53:66:c5:
99:49:0c:1a:e2:bb:b8:52:80:70:f0:43:01:54:4c:
0a:76:29:e7:ca:23:1e:f0:8b:e2:65:8d:e9:58:4e:
93:d0:d3:55:51:92:47:92:9f:62:0b:ff:42:ca:6f:
59:0c:37:9f:02:d4:94:57:6b:f0:c2:7e:69:e3:f1:
91:82:e1:33:fc:50:4d:b9:a5:21:c3:57:98:19:a2:
2a:5b:3e:60:05:9c:8a:c8:b7:4a:fc:2a:68:d8:aa:
77:0c:cf:15:0e:fd:09:b6:eb:4d:12:c7:1c:ec:a7:
01:4b:f1:a7:85:b8:56:9e:54:58:ab:a7:61:a4:35:
53:55:80:7f:5b:31:52:e1:99:cb:a7:75:47:56:47:
df:f4:2d:66:d2:c9:73:cf:c5:cc:1d:19:0e:ae:94:
e3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:EB:03:02:87:51:1C:EF:23:64:9E:1A:B6:AD:51:56:BE:70:F6:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
15:d0:10:b0:23:42:c2:3f:6a:7e:67:a7:bd:84:6c:c0:40:0d:
e7:82:1b:8c:ce:b8:c9:eb:d2:70:6b:a5:36:72:14:32:7d:43:
40:bd:82:40:2b:b8:19:03:19:14:fc:80:ad:de:4f:a7:a8:17:
19:d3:6b:32:44:5c:df:89:41:b5:fd:ed:4a:9e:29:f5:10:54:
ba:7b:29:43:d0:82:99:2b:89:d9:cc:2a:4d:5a:03:76:ec:02:
3e:25:c5:47:b2:92:d0:8f:52:15:77:49:5c:af:26:76:d5:1c:
ee:74:24:da:1b:78:49:f1:43:00:4c:36:9a:9a:60:36:a2:bb:
fa:db:29:47:cd:c2:bd:9b:52:21:c5:98:7c:38:d0:9b:69:be:
ce:66:cb:80:a6:0e:52:55:e9:75:e3:80:eb:94:e8:f9:2d:27:
5d:e8:1c:8e:9d:94:55:05:e2:48:1a:ed:51:9f:eb:71:1f:ab:
12:5f:98:3a:22:e9:85:c0:13:34:fe:1c:44:8c:eb:79:bc:5f:
ad:e1:8a:e3:53:41:16:6b:fd:ac:88:83:fb:5e:61:d3:ae:2d:
b2:f5:f5:73:05:38:f6:e5:6c:78:fa:b8:3d:1b:2d:0d:04:de:
7f:88:21:88:30:fc:98:d8:be:aa:5e:68:51:b9:77:44:38:1c:
6c:a6:5f:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUULoeRE6CHuizHjZxwhEhaTAuAtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyYjhlZWNhZmZmMDUzY2UyNjA2ZjZiYjE2ZGJkODg0ODYyZjU4N2ZmOTIx
ZWUxMzcyZjI5MzhmYTk0M2U2OWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVCZMaGAXwGTYlHMixGnvINtPBqJvXYOmTZQAAzCRhwZ8l2eBKy42jQi6aD
BJ0tosaBOig+g118MejuvN3sEmNN6sHa/vf21wAf0NfPV0W9ioyQaxWCq2G3nOgg
WuhJrOOBns/7U2bFmUkMGuK7uFKAcPBDAVRMCnYp58ojHvCL4mWN6VhOk9DTVVGS
R5KfYgv/QspvWQw3nwLUlFdr8MJ+aePxkYLhM/xQTbmlIcNXmBmiKls+YAWcisi3
SvwqaNiqdwzPFQ79CbbrTRLHHOynAUvxp4W4Vp5UWKunYaQ1U1WAf1sxUuGZy6d1
R1ZH3/QtZtLJc8/FzB0ZDq6U4xcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQW6wMC
h1Ec7yNknhq2rVFWvnD2YzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQAV0BCwI0LCP2p+Z6e9hGzAQA3nghuMzrjJ69Jw
a6U2chQyfUNAvYJAK7gZAxkU/ICt3k+nqBcZ02syRFzfiUG1/e1Knin1EFS6eylD
0IKZK4nZzCpNWgN27AI+JcVHspLQj1IVd0lcryZ21RzudCTaG3hJ8UMATDaammA2
orv62ylHzcK9m1IhxZh8ONCbab7OZsuApg5SVel144DrlOj5LSdd6ByOnZRVBeJI
Gu1Rn+txH6sSX5g6IumFwBM0/hxEjOt5vF+t4YrjU0EWa/2siIP7XmHTri2y9fVz
BTj25Wx4+rg9Gy0NBN5/iCGIMPyY2L6qXmhRuXdEOBxspl+s
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:09 2025 by rpki-client