Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: CYAAjXl/l9FHCegaKXcTmbKu543Z5Ua9EhG+xG8jNw4=
Subject key identifier: 6B:1B:D1:38:6C:0C:DF:C6:5A:97:3C:36:18:FD:F7:3B:E2:DC:5F:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F626DC51273FEFB57BBF9FC55F57BDD2FCDF057
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Mon 01 Sep 2025 21:10:41 +0000
ROA not before: Mon 01 Sep 2025 21:10:41 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:62:6d:c5:12:73:fe:fb:57:bb:f9:fc:55:f5:7b:dd:2f:cd:f0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:41 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c4ac1b828779829140821c14a8c5779e482f76858dfb1e140647caa6d5e675c6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c9:a9:00:b8:9e:e3:fc:ee:b2:f1:93:f6:1c:
be:3d:80:6b:43:9f:82:ee:1b:db:62:d3:5b:58:08:
ce:68:1c:96:cd:db:f9:eb:17:80:a3:13:46:44:b9:
45:f5:05:5a:cd:16:d0:f5:86:5d:9d:dc:d9:31:f8:
95:e0:95:49:2a:50:8f:9f:42:1d:86:b5:ef:be:34:
f9:5c:35:51:bc:83:5e:d4:b7:4e:93:16:49:64:c6:
5d:15:d1:8b:38:9b:32:0c:38:e0:f9:28:e4:e4:5d:
2c:22:c3:bc:85:0a:11:af:01:82:8b:a7:f5:46:f5:
fc:23:4c:43:21:60:42:f0:67:46:a5:96:2c:82:1c:
c4:b5:95:7b:2f:1b:b4:f7:77:30:59:84:76:dc:c3:
8b:72:22:2e:cc:1f:c8:12:c3:2a:2b:13:45:39:91:
a3:53:d7:c9:23:9b:0d:6d:b9:0b:6f:f6:fb:3a:1a:
c1:53:2c:47:b5:dc:98:00:b8:aa:2f:06:22:5d:1c:
20:5f:bf:d6:70:8b:79:18:8e:16:f9:b6:fa:9b:cd:
63:a0:c8:9d:33:1c:f0:77:4d:85:14:18:5e:28:71:
f4:90:9a:c2:34:a0:c6:1b:9c:f8:36:b0:f2:85:e1:
c8:fd:8c:23:4b:d9:15:4e:05:7b:a8:dc:eb:0a:a0:
d3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1B:D1:38:6C:0C:DF:C6:5A:97:3C:36:18:FD:F7:3B:E2:DC:5F:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
1b:cf:2c:ec:94:59:77:f0:bc:9b:87:10:61:8b:6c:3f:e7:be:
a4:98:ad:90:57:da:b8:ec:86:ce:fc:c4:59:52:4c:30:e0:73:
50:e5:94:4b:61:6b:9b:4e:0a:be:78:52:3f:02:f6:a6:ac:80:
ac:8b:0e:58:4c:37:d0:bf:ef:c2:1d:bf:61:f5:80:bc:c5:77:
35:08:0d:a6:16:28:bc:47:cd:7e:5e:ac:1b:22:4e:25:05:b8:
03:df:81:50:62:ba:e0:85:63:4c:5c:9b:51:28:8c:5e:32:ae:
eb:01:88:48:ea:a8:c9:54:c3:8f:24:2c:89:cf:d8:41:04:fa:
0e:62:e8:72:39:86:13:3c:4d:61:83:e4:02:1f:92:b3:9b:a4:
1b:44:94:73:5a:d6:20:70:68:e3:ac:ef:a0:1f:cb:8f:b9:50:
bc:35:7d:9d:75:ed:c3:50:07:cc:f3:5c:47:0d:d6:e3:ff:b4:
5f:38:c0:ce:c8:61:2d:39:c7:b0:a0:40:2b:b0:2b:5c:dd:8f:
69:61:bc:d2:ea:0c:4e:54:1f:da:b3:cd:5c:ec:84:1d:4b:43:
83:ac:01:7c:2b:41:7d:e2:82:7d:2e:a8:a1:f4:75:d1:d4:03:
10:2e:d7:14:83:8e:8b:89:de:1e:c0:2d:1f:fc:b8:96:d6:72:
d3:48:2b:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD2JtxRJz/vtXu/n8VfV73S/N8FcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwNDFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0YWMxYjgyODc3OTgyOTE0MDgyMWMxNGE4YzU3NzllNDgyZjc2ODU4ZGZi
MWUxNDA2NDdjYWE2ZDVlNjc1YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7JqQC4nuP87rLxk/Ycvj2Aa0Ofgu4b22LTW1gIzmgcls3b+esXgKMTRkS5
RfUFWs0W0PWGXZ3c2TH4leCVSSpQj59CHYa17740+Vw1UbyDXtS3TpMWSWTGXRXR
izibMgw44Pko5ORdLCLDvIUKEa8Bgoun9Ub1/CNMQyFgQvBnRqWWLIIcxLWVey8b
tPd3MFmEdtzDi3IiLswfyBLDKisTRTmRo1PXySObDW25C2/2+zoawVMsR7XcmAC4
qi8GIl0cIF+/1nCLeRiOFvm2+pvNY6DInTMc8HdNhRQYXihx9JCawjSgxhuc+Daw
8oXhyP2MI0vZFU4Fe6jc6wqg05cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrG9E4
bAzfxlqXPDYY/fc74txfejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAbzyzslFl38LybhxBhi2w/576kmK2QV9q47IbO
/MRZUkww4HNQ5ZRLYWubTgq+eFI/AvamrICsiw5YTDfQv+/CHb9h9YC8xXc1CA2m
Fii8R81+XqwbIk4lBbgD34FQYrrghWNMXJtRKIxeMq7rAYhI6qjJVMOPJCyJz9hB
BPoOYuhyOYYTPE1hg+QCH5Kzm6QbRJRzWtYgcGjjrO+gH8uPuVC8NX2dde3DUAfM
81xHDdbj/7RfOMDOyGEtOcewoEArsCtc3Y9pYbzS6gxOVB/as81c7IQdS0ODrAF8
K0F94oJ9Lqih9HXR1AMQLtcUg46Lid4ewC0f/LiW1nLTSCvV
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:04 2025 by rpki-client