Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
File: 2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa (raw, json)
Hash identifier: Pn6W9UygjhblK2IhtSY3Rjg0+FwDyjexsS0KFvpra0s=
Subject key identifier: 22:37:9E:EE:F8:90:DC:D3:3D:13:4D:77:CA:3E:A6:F5:26:A4:D8:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20FE2F9CC2CED0FCAA36B8D94D7711550DFDAA77
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
Signing time: Thu 04 Sep 2025 19:52:08 +0000
ROA not before: Thu 04 Sep 2025 19:52:08 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:fe:2f:9c:c2:ce:d0:fc:aa:36:b8:d9:4d:77:11:55:0d:fd:aa:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:08 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=aec7c0e6717a3b909469d1cdedd927277734b927a4e9a8a167d036482eeeea77, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:7d:ba:af:26:8d:bd:2c:fd:a5:99:fc:a9:05:
29:7f:4a:a7:cd:57:1c:21:57:ef:87:57:7d:79:3b:
c2:9b:6d:a3:b3:7b:88:48:58:d5:69:12:12:05:06:
1c:64:27:7e:6f:62:16:f8:7a:da:ce:41:50:f7:dc:
83:4f:8e:78:05:be:9b:6e:f3:fc:c4:c2:3d:a6:42:
1b:6e:3a:e8:54:fa:06:81:3a:94:b2:ba:f7:0b:6e:
8e:47:ed:17:db:24:f2:1e:1f:47:b9:87:7c:e8:e5:
36:ac:87:2f:b9:72:cb:f8:26:f8:6a:11:71:fa:b3:
2a:08:3b:f6:5e:79:51:08:d1:a1:f2:e1:d2:e7:ca:
fe:42:3e:0e:5b:fa:47:50:80:f0:ff:9d:8b:6e:a6:
5f:58:88:88:55:b7:88:2e:6e:46:50:73:5d:6e:5d:
32:8d:97:5c:e5:e1:ce:2c:84:13:fc:62:58:cc:f1:
67:c4:48:e4:df:bc:b7:33:93:94:b2:83:0a:04:cc:
96:70:4f:94:a1:71:1d:40:d5:db:0d:ad:e1:75:be:
bb:d6:64:c1:be:6a:90:ad:43:5a:93:65:a8:63:00:
ed:fc:e0:8c:c1:fa:2c:82:01:fb:38:5f:ae:75:40:
32:9a:d6:14:17:4d:28:03:30:55:3e:3d:a0:ec:04:
f0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:37:9E:EE:F8:90:DC:D3:3D:13:4D:77:CA:3E:A6:F5:26:A4:D8:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
96:b8:5e:9d:fc:52:80:a9:a6:25:a3:d4:b0:7f:f0:64:e4:a1:
20:9b:a3:9a:dc:db:1c:92:98:d5:d6:ec:e2:f1:cc:37:0b:ba:
bd:d6:dd:84:f8:3a:60:e7:9e:fa:fd:8f:4a:63:46:bc:83:e6:
21:b8:4d:7b:dc:3f:7b:7a:1c:a7:d9:1b:88:4a:83:35:7a:cd:
e1:b1:16:ca:aa:93:29:1c:27:30:27:a7:35:35:5e:8b:cc:b0:
7d:1d:cf:80:9a:11:a2:37:f5:fa:a1:24:bb:76:ac:e0:e7:3d:
d7:fd:5a:67:1d:e3:c2:7f:50:9b:6d:5c:b9:a9:37:1f:a3:93:
bd:e8:c2:1e:7e:cd:8f:f9:c6:73:9a:31:93:6b:cf:fc:8f:86:
1f:e0:23:bf:8e:06:c7:34:7e:49:6f:13:b1:93:4c:17:9b:06:
8c:8e:9f:6d:10:5a:13:59:4b:e0:ca:01:6d:ae:73:bb:5b:9b:
c8:93:f1:33:a4:74:94:36:80:c0:d7:6e:7c:ed:fd:fc:e0:c3:
1d:b2:f9:40:d0:bf:05:eb:be:23:f5:b2:82:41:97:5c:d8:e8:
0e:74:07:e1:0a:65:67:27:b8:b5:e2:43:e0:00:9a:71:75:58:
c9:29:e6:fa:3d:9e:88:ad:cd:05:be:5a:d6:af:99:e9:99:0a:
88:99:87:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIP4vnMLO0PyqNrjZTXcRVQ39qncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMDhaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlYzdjMGU2NzE3YTNiOTA5NDY5ZDFjZGVkZDkyNzI3NzczNGI5MjdhNGU5
YThhMTY3ZDAzNjQ4MmVlZWVhNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO59uq8mjb0s/aWZ/KkFKX9Kp81XHCFX74dXfXk7wptto7N7iEhY1WkSEgUG
HGQnfm9iFvh62s5BUPfcg0+OeAW+m27z/MTCPaZCG2466FT6BoE6lLK69wtujkft
F9sk8h4fR7mHfOjlNqyHL7lyy/gm+GoRcfqzKgg79l55UQjRofLh0ufK/kI+Dlv6
R1CA8P+di26mX1iIiFW3iC5uRlBzXW5dMo2XXOXhziyEE/xiWMzxZ8RI5N+8tzOT
lLKDCgTMlnBPlKFxHUDV2w2t4XW+u9Zkwb5qkK1DWpNlqGMA7fzgjMH6LIIB+zhf
rnVAMprWFBdNKAMwVT49oOwE8M0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQiN57u
+JDc0z0TTXfKPqb1JqTYOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU0OWExYTItZGM0Yy00MGM0LTljN2UtZjQxYzkzN2ZmYjYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAlrhenfxSgKmmJaPUsH/wZOShIJujmtzbHJKY
1dbs4vHMNwu6vdbdhPg6YOee+v2PSmNGvIPmIbhNe9w/e3ocp9kbiEqDNXrN4bEW
yqqTKRwnMCenNTVei8ywfR3PgJoRojf1+qEku3as4Oc91/1aZx3jwn9Qm21cuak3
H6OTvejCHn7Nj/nGc5oxk2vP/I+GH+Ajv44GxzR+SW8TsZNMF5sGjI6fbRBaE1lL
4MoBba5zu1ubyJPxM6R0lDaAwNdufO39/ODDHbL5QNC/Beu+I/WygkGXXNjoDnQH
4QplZye4teJD4ACacXVYySnm+j2eiK3NBb5a1q+Z6ZkKiJmHpQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:06 2025 by rpki-client