Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
File: 31246558-533e-42f5-8c90-dc91729aa7fa.roa (raw, json)
Hash identifier: lDiP0/sZdWtCnFiu3MQLPumDEZhr/TEjjWFmblnzKMk=
Subject key identifier: 8B:C2:06:7C:58:D6:E6:B4:4D:4A:05:B9:01:3F:EE:28:77:F3:64:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 114164F10B5E951974CE7703AFB3309CE77610B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
Signing time: Mon 01 Sep 2025 20:31:12 +0000
ROA not before: Mon 01 Sep 2025 20:31:12 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:41:64:f1:0b:5e:95:19:74:ce:77:03:af:b3:30:9c:e7:76:10:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:31:12 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=601444ed1f7f54018cc0be513f2d338e45ad31d2c0e66907be6a81a370b9d6ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:91:d1:9f:d4:a3:b7:07:fd:29:97:fd:7b:9b:
dd:1b:2c:6e:bd:a0:27:d9:0f:58:61:60:a4:35:f6:
ba:b0:11:a7:fe:92:f0:12:a4:88:27:2b:e7:d1:64:
72:31:31:35:28:a9:79:35:cf:49:9c:a2:08:a1:f5:
31:97:ca:74:7b:7e:44:e4:e1:1a:5d:16:41:92:75:
03:37:56:45:76:8a:e4:d6:a9:43:f2:63:c9:2a:df:
5a:89:b1:42:29:36:8d:31:84:ca:ea:0f:b6:8e:6e:
d4:1d:de:2a:01:c9:ec:40:08:1b:e4:c9:5c:49:77:
57:65:e4:16:9c:f3:4b:17:6a:57:c8:5f:2c:59:7d:
78:e8:17:a9:b1:9d:f3:84:96:a3:4f:ab:56:6c:f4:
57:13:00:8d:80:09:e5:c2:3c:5d:3f:75:61:fa:03:
a6:3d:ee:56:a8:5b:34:81:6e:85:54:28:5f:67:2b:
d3:32:aa:85:fe:dd:7e:2e:3e:85:24:d1:35:51:1a:
10:12:70:ca:08:78:c0:22:79:72:0e:33:0f:24:61:
82:17:66:9e:3d:49:77:b3:59:54:01:66:2a:17:a9:
a1:14:36:89:9b:58:a5:f5:ee:0e:da:47:73:2c:73:
a1:44:52:16:59:8d:53:ac:0c:61:4d:e0:f6:d1:b9:
6a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C2:06:7C:58:D6:E6:B4:4D:4A:05:B9:01:3F:EE:28:77:F3:64:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/31246558-533e-42f5-8c90-dc91729aa7fa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:32:3b:d1:ab:6b:cf:ff:5a:d2:d8:a5:1a:a7:a2:3a:fb:0e:
3f:34:dc:0a:7e:91:b7:b1:bf:d4:ca:89:e6:54:8c:88:ba:05:
2c:a2:6d:bf:e7:6b:9d:1b:8b:6f:7e:2f:1a:ed:e8:44:2e:55:
86:25:dd:e6:f7:d4:2c:44:29:8e:5f:f5:db:b2:3a:17:51:5c:
4f:3a:d3:05:35:48:c7:42:d0:cb:55:cc:58:b1:8a:23:d6:d4:
0b:cd:e4:29:fc:46:d3:e0:34:3c:b8:a5:5b:0f:a0:1f:dc:b6:
92:ed:4a:3d:8e:8d:45:d5:fe:41:0a:3f:ab:14:07:77:f2:ca:
f0:81:9c:08:25:af:c0:1d:77:00:f6:c5:68:8d:1f:b4:1d:a7:
58:a0:d9:b0:cf:75:76:c7:b0:f5:d1:64:d5:fc:5a:2e:63:3c:
27:58:b9:3f:92:5b:c3:98:13:b8:c8:b3:55:7e:11:c8:9e:93:
fc:f0:51:75:91:95:73:cf:cd:10:4d:38:12:37:a8:ac:b9:cd:
f6:97:a0:4e:f4:ea:56:6e:3c:46:7b:38:b0:30:27:e8:5c:9d:
eb:de:70:78:a8:11:93:c1:f4:3b:03:3d:d1:8b:01:3b:63:0b:
24:a5:ef:66:41:93:db:0a:7d:a8:ee:dd:8c:8b:4e:41:82:58:
53:64:fa:0c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEUFk8QtelRl0zncDr7MwnOd2ELYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMxMTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMTQ0NGVkMWY3ZjU0MDE4Y2MwYmU1MTNmMmQzMzhlNDVhZDMxZDJjMGU2
NjkwN2JlNmE4MWEzNzBiOWQ2ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKR0Z/Uo7cH/SmX/Xub3Rssbr2gJ9kPWGFgpDX2urARp/6S8BKkiCcr59Fk
cjExNSipeTXPSZyiCKH1MZfKdHt+ROThGl0WQZJ1AzdWRXaK5NapQ/JjySrfWomx
Qik2jTGEyuoPto5u1B3eKgHJ7EAIG+TJXEl3V2XkFpzzSxdqV8hfLFl9eOgXqbGd
84SWo0+rVmz0VxMAjYAJ5cI8XT91YfoDpj3uVqhbNIFuhVQoX2cr0zKqhf7dfi4+
hSTRNVEaEBJwygh4wCJ5cg4zDyRhghdmnj1Jd7NZVAFmKhepoRQ2iZtYpfXuDtpH
cyxzoURSFlmNU6wMYU3g9tG5amECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLwgZ8
WNbmtE1KBbkBP+4od/NkmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzEyNDY1NTgtNTMzZS00MmY1LThjOTAtZGM5MTcyOWFhN2ZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDBMjvRq2vP/1rS2KUap6I6+w4/NNwKfpG3sb/U
yonmVIyIugUsom2/52udG4tvfi8a7ehELlWGJd3m99QsRCmOX/XbsjoXUVxPOtMF
NUjHQtDLVcxYsYoj1tQLzeQp/EbT4DQ8uKVbD6Af3LaS7Uo9jo1F1f5BCj+rFAd3
8srwgZwIJa/AHXcA9sVojR+0HadYoNmwz3V2x7D10WTV/FouYzwnWLk/klvDmBO4
yLNVfhHInpP88FF1kZVzz80QTTgSN6isuc32l6BO9OpWbjxGeziwMCfoXJ3r3nB4
qBGTwfQ7Az3RiwE7Ywskpe9mQZPbCn2o7t2Mi05BglhTZPoM
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:52 2025 by rpki-client