Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json)
Hash identifier: dM70DLZqM27hxI3oK6vJuVKhv15I7IeBIWXNvxAeBBc=
Subject key identifier: 7B:AB:91:AF:05:7C:81:6C:7D:EF:76:43:15:CD:5F:D4:F9:1E:3F:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35131624DF940439812EF139696F9C72F68CF1F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
Signing time: Mon 01 Sep 2025 21:00:17 +0000
ROA not before: Mon 01 Sep 2025 21:00:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:13:16:24:df:94:04:39:81:2e:f1:39:69:6f:9c:72:f6:8c:f1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=76a54a6bfe129ef22329311c657254779a034c76aa81fb86bf00ab4d1c0a0a2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c0:a5:ba:7f:e5:60:48:47:65:7e:97:90:7a:
e1:97:8f:07:b6:5a:38:43:fd:51:1a:29:91:75:43:
f5:10:40:8d:41:0d:fb:41:6a:23:4e:9b:03:2a:eb:
fc:73:67:31:7e:94:7e:5c:f6:6d:e6:23:9f:65:54:
df:32:6e:bc:65:80:1e:e6:32:3b:0d:1e:40:41:94:
34:bc:c8:d4:9a:15:ab:26:d7:17:fe:95:5d:c2:23:
b1:0e:ae:e6:6a:0f:ac:0b:f5:38:7a:e4:1a:9c:df:
f5:1c:cc:f8:33:6b:75:41:c0:1f:1c:1c:97:39:ef:
bb:58:97:79:74:2f:89:23:b7:69:b2:54:65:c9:96:
21:54:bb:ba:d9:7c:b4:6d:f5:53:a4:50:88:4f:6c:
a7:45:a8:50:a0:a8:e6:44:08:91:c9:c7:32:72:c8:
33:9e:bb:e1:4a:61:cc:ed:26:36:33:9e:e0:37:64:
3f:39:a7:72:8c:f3:aa:67:ee:e9:6e:47:2b:ce:02:
44:e3:85:e4:35:21:b1:05:47:f4:46:51:71:be:ef:
90:d3:01:37:d0:db:8c:8a:81:5c:2b:a0:74:d5:83:
dd:c9:bd:2f:4d:fa:bd:64:ca:51:0f:f5:be:1c:ea:
3c:da:bf:6b:5e:7b:7c:c8:a8:56:1c:fb:31:42:fd:
6c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AB:91:AF:05:7C:81:6C:7D:EF:76:43:15:CD:5F:D4:F9:1E:3F:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:7c:2c:d8:00:a1:67:a1:cc:79:13:54:c3:11:dc:7f:07:e4:
94:f4:e9:74:f7:f9:e5:ea:f6:f8:07:04:5b:95:61:ca:89:c6:
5e:65:d4:6f:d3:ee:34:77:82:7c:9f:ed:08:29:22:7c:87:1d:
d9:90:8c:98:97:84:4c:58:b1:79:9c:97:09:88:35:33:f3:09:
52:02:8f:96:17:50:51:1f:41:4a:91:f1:42:81:4b:46:02:0a:
03:60:5c:9f:88:4b:3f:58:78:7b:cb:df:ad:23:88:52:48:d7:
16:15:dd:e8:16:49:97:d3:b6:a9:02:a1:98:cb:93:67:78:31:
42:ad:67:aa:94:85:87:ba:76:7b:15:ca:1f:4d:e6:15:c3:59:
d4:97:78:48:68:85:32:17:6f:fd:ca:18:e7:0b:42:7c:c9:a3:
c0:1b:47:24:e7:74:c6:26:0e:73:1e:90:4b:91:e3:6d:3e:5f:
15:c5:60:02:94:64:6d:7c:6f:60:fc:7c:8f:7f:91:22:ba:e2:
17:4a:e1:38:e7:f5:5f:2e:f9:61:df:7d:aa:be:f7:30:a0:b7:
17:33:d6:b3:d4:1b:d5:e0:b0:cc:ad:df:5a:97:7f:26:77:ef:
8a:94:c0:1d:a4:ef:59:25:01:c0:96:e6:fd:a3:2a:1c:59:21:
33:78:ab:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNRMWJN+UBDmBLvE5aW+ccvaM8fQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YTU0YTZiZmUxMjllZjIyMzI5MzExYzY1NzI1NDc3OWEwMzRjNzZhYTgx
ZmI4NmJmMDBhYjRkMWMwYTBhMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfApbp/5WBIR2V+l5B64ZePB7ZaOEP9URopkXVD9RBAjUEN+0FqI06bAyrr
/HNnMX6Uflz2beYjn2VU3zJuvGWAHuYyOw0eQEGUNLzI1JoVqybXF/6VXcIjsQ6u
5moPrAv1OHrkGpzf9RzM+DNrdUHAHxwclznvu1iXeXQviSO3abJUZcmWIVS7utl8
tG31U6RQiE9sp0WoUKCo5kQIkcnHMnLIM5674UphzO0mNjOe4DdkPzmncozzqmfu
6W5HK84CROOF5DUhsQVH9EZRcb7vkNMBN9DbjIqBXCugdNWD3cm9L036vWTKUQ/1
vhzqPNq/a157fMioVhz7MUL9bNcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7q5Gv
BXyBbH3vdkMVzV/U+R4/PTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbfCzYAKFnocx5E1TDEdx/B+SU9Ol09/nl6vb4
BwRblWHKicZeZdRv0+40d4J8n+0IKSJ8hx3ZkIyYl4RMWLF5nJcJiDUz8wlSAo+W
F1BRH0FKkfFCgUtGAgoDYFyfiEs/WHh7y9+tI4hSSNcWFd3oFkmX07apAqGYy5Nn
eDFCrWeqlIWHunZ7FcofTeYVw1nUl3hIaIUyF2/9yhjnC0J8yaPAG0ck53TGJg5z
HpBLkeNtPl8VxWAClGRtfG9g/HyPf5EiuuIXSuE45/VfLvlh332qvvcwoLcXM9az
1BvV4LDMrd9al38md++KlMAdpO9ZJQHAlub9oyocWSEzeKuW
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:19 2025 by rpki-client