Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: nP8CH7zOqVzePFuhRhSpRzyIQULBl59ckgGc/UdTOcQ=
Subject key identifier: 09:25:F5:85:2A:DE:F9:BF:03:5D:1E:F9:34:AF:A5:D1:20:AC:BA:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D52712E49BC6E9CDB350E2938CCD1968274A043
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Mon 25 Aug 2025 19:00:12 +0000
ROA not before: Mon 25 Aug 2025 19:00:12 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:52:71:2e:49:bc:6e:9c:db:35:0e:29:38:cc:d1:96:82:74:a0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 19:00:12 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=6ce97c958bbf1a954a9b60603827545c2073be56f733660d66cec8a5a39e4f36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:97:2c:c1:c5:a3:9b:ee:f3:43:b4:05:0a:a4:
aa:e7:3d:f4:60:36:f5:b2:72:32:54:b0:ee:0a:2e:
2a:a0:56:49:64:70:4e:c6:53:6b:d2:4c:dc:c5:2c:
40:63:ad:f9:f0:6a:79:53:95:6c:ca:d7:95:fb:d7:
15:e0:d2:34:bd:96:f4:99:a2:bf:42:e0:31:81:7a:
d9:63:1f:f4:23:6e:88:76:44:dc:ec:26:03:df:9c:
32:c2:84:3b:66:ad:7a:5e:45:82:d2:07:2d:d6:c6:
ab:c3:ae:17:52:92:13:d9:6e:a1:64:ee:ad:d6:7e:
be:b1:19:58:9a:eb:97:0c:29:5f:c9:b8:4d:90:4d:
1d:d5:77:8f:9b:a1:db:33:ba:92:40:b6:01:9c:94:
46:ef:fe:69:6a:27:f4:ee:0c:d5:07:fb:73:67:09:
bd:46:c6:95:49:28:2b:b5:6c:99:6c:47:90:c9:3a:
f9:56:99:3f:57:59:87:bc:9e:6a:48:20:f7:c6:a0:
1b:9d:d8:c7:a7:02:40:87:db:fa:d4:79:8a:d7:4b:
f1:28:a1:b1:d7:6d:50:54:9d:42:a3:62:13:80:b5:
02:de:33:b4:de:ef:55:1e:58:eb:5a:e3:10:1e:12:
13:43:ec:e1:8f:4c:c0:e9:02:c1:2a:af:18:f7:11:
b0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:25:F5:85:2A:DE:F9:BF:03:5D:1E:F9:34:AF:A5:D1:20:AC:BA:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:57:59:0a:b7:4c:37:ab:28:d9:00:fb:9e:28:af:ad:5f:37:
1c:0b:ab:90:48:dc:9f:27:ab:df:40:91:f4:01:18:e8:ef:cd:
b3:53:b2:22:f2:b8:d8:eb:42:2c:bc:69:83:69:0c:07:13:17:
99:63:c7:a7:cf:ba:f3:fb:4b:02:b9:b8:e9:37:f0:e2:12:2e:
a3:3a:0b:38:bf:5b:1b:ea:04:35:48:42:84:b3:3a:e2:0d:26:
de:03:11:26:6c:e9:af:02:df:e9:d8:52:85:37:7b:b9:79:de:
aa:c3:fa:9e:0c:79:45:7a:16:12:ad:ab:74:51:71:83:28:f5:
51:3a:c6:ea:0d:7a:c3:32:25:2b:84:6d:3e:a8:d1:35:39:db:
83:ea:98:72:97:1f:3c:08:04:dd:b4:31:d1:72:35:41:0b:bb:
fa:ad:08:68:e6:d1:8f:d6:e5:c5:d6:9f:95:f8:03:cc:7e:c1:
f3:16:4b:61:4b:da:2b:45:54:bc:18:09:1e:5f:c4:17:d5:1e:
69:7f:1c:73:ae:3f:0e:3c:61:57:68:2b:f9:fb:32:94:7b:85:
e9:a5:df:86:65:7f:9f:46:ff:29:9d:1e:a1:a2:c4:15:d3:d7:
cb:67:aa:4a:7f:66:65:14:cb:30:cf:bc:fb:d6:25:10:db:bc:
f8:ee:69:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDVJxLkm8bpzbNQ4pOMzRloJ0oEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxOTAwMTJaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZTk3Yzk1OGJiZjFhOTU0YTliNjA2MDM4Mjc1NDVjMjA3M2JlNTZmNzMz
NjYwZDY2Y2VjOGE1YTM5ZTRmMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaXLMHFo5vu80O0BQqkquc99GA29bJyMlSw7gouKqBWSWRwTsZTa9JM3MUs
QGOt+fBqeVOVbMrXlfvXFeDSNL2W9Jmiv0LgMYF62WMf9CNuiHZE3OwmA9+cMsKE
O2atel5FgtIHLdbGq8OuF1KSE9luoWTurdZ+vrEZWJrrlwwpX8m4TZBNHdV3j5uh
2zO6kkC2AZyURu/+aWon9O4M1Qf7c2cJvUbGlUkoK7VsmWxHkMk6+VaZP1dZh7ye
akgg98agG53Yx6cCQIfb+tR5itdL8SihsddtUFSdQqNiE4C1At4ztN7vVR5Y61rj
EB4SE0Ps4Y9MwOkCwSqvGPcRsP0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQJJfWF
Kt75vwNdHvk0r6XRIKy6DzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC3V1kKt0w3qyjZAPueKK+tXzccC6uQSNyfJ6vf
QJH0ARjo782zU7Ii8rjY60IsvGmDaQwHExeZY8enz7rz+0sCubjpN/DiEi6jOgs4
v1sb6gQ1SEKEszriDSbeAxEmbOmvAt/p2FKFN3u5ed6qw/qeDHlFehYSrat0UXGD
KPVROsbqDXrDMiUrhG0+qNE1OduD6phylx88CATdtDHRcjVBC7v6rQho5tGP1uXF
1p+V+APMfsHzFkthS9orRVS8GAkeX8QX1R5pfxxzrj8OPGFXaCv5+zKUe4Xppd+G
ZX+fRv8pnR6hosQV09fLZ6pKf2ZlFMswz7z71iUQ27z47mni
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:02 2025 by rpki-client