Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
File: 41abc6c7-a6fb-4666-b503-a8a0784797a1.roa (raw, json)
Hash identifier: 0noe0LpXEwCyI6Z7qCy6WB5EDWXX3xSFeK8STAnl/BM=
Subject key identifier: 41:FE:21:0A:96:4F:55:7C:D6:13:E5:1C:06:30:A3:E2:C1:B5:49:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37ED73D20D28A64274B8F75CE74DF8D9394F5968
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
Signing time: Mon 01 Sep 2025 20:21:24 +0000
ROA not before: Mon 01 Sep 2025 20:21:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ed:73:d2:0d:28:a6:42:74:b8:f7:5c:e7:4d:f8:d9:39:4f:59:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=100ce69cc0ebc0ea657b64baf81d1555e339e9b65442ff3649f01d57bf1dc4bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:99:94:86:f4:4f:6a:65:50:54:f8:bc:a2:0f:
33:cd:34:07:55:ca:23:4f:99:67:d8:b4:ff:d7:52:
40:4c:97:6f:b5:ab:b5:42:0d:38:0c:ca:f9:4d:db:
47:2b:fd:f2:00:9a:44:02:c0:5a:32:4f:27:a7:07:
81:ca:70:a3:bd:72:09:0e:86:4a:31:5f:d3:db:d2:
92:ca:4b:19:09:b0:8f:93:a5:d1:0f:7c:7b:39:a9:
a5:d7:83:83:ca:07:69:41:ac:51:36:d2:ee:b2:a2:
ba:5a:e1:89:25:4e:7c:92:44:8d:35:5e:e9:91:cf:
3b:fb:1c:81:60:f1:f7:5c:26:13:71:2c:6a:04:6e:
48:13:e6:ff:86:0c:1d:36:1d:c6:ec:58:87:83:d3:
be:40:d0:5b:a4:42:73:b3:9d:99:9e:a4:c4:f5:96:
82:23:c4:47:1f:60:3d:b0:37:51:90:78:40:85:f6:
20:1c:02:78:82:87:3b:74:ac:fd:6d:a0:58:23:21:
f7:32:d0:23:ef:f6:54:27:eb:bb:a5:02:31:9d:ce:
de:14:4c:2e:09:9d:72:bf:b5:9c:44:44:53:7a:8c:
b3:10:86:31:68:45:2c:bb:30:de:3a:0c:c3:91:8b:
34:ec:7c:47:83:c8:e1:18:22:85:2b:3d:cc:3a:0e:
14:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FE:21:0A:96:4F:55:7C:D6:13:E5:1C:06:30:A3:E2:C1:B5:49:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/41abc6c7-a6fb-4666-b503-a8a0784797a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:ce:52:f1:91:8d:e8:36:c2:fd:38:50:71:0a:fc:87:3c:d1:
4f:52:7e:56:b5:1c:64:61:14:06:74:7b:26:8b:4d:e2:16:7b:
ca:88:21:08:81:58:fe:ae:10:ba:70:87:66:ed:ee:fd:52:7a:
c0:16:b7:7d:15:b3:c3:b5:88:96:c6:a4:3f:be:10:1a:f0:fa:
99:c8:5b:ee:d3:eb:63:35:4d:e3:4b:f2:ef:af:71:df:db:38:
38:94:89:f2:e2:3d:ec:9b:c4:80:14:95:60:e1:75:1f:36:50:
dd:c8:05:76:85:c1:89:ad:aa:2a:fe:71:4c:af:3f:54:53:e5:
1d:98:d4:0c:fe:ed:93:a1:57:c0:b9:cb:59:21:fe:7c:32:c1:
c4:36:ce:5c:0e:60:6d:72:a2:6b:1e:c3:c9:20:15:f5:8a:5d:
19:d5:09:e5:0b:f9:47:38:ed:a1:5a:87:6e:c5:e1:43:73:ad:
76:20:07:23:8a:14:27:8f:ff:7d:a2:46:8f:27:21:d6:a5:eb:
bf:3d:af:d2:69:cf:4f:6d:fb:91:8b:3d:33:67:c4:72:4f:3b:
04:27:34:d1:2a:34:58:72:ec:ef:2d:ba:f5:32:ef:94:98:9a:
9c:ef:98:28:6f:f0:2c:d9:b5:d3:4b:b2:69:a5:29:82:c2:f8:
1e:06:e9:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN+1z0g0opkJ0uPdc50342TlPWWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMGNlNjljYzBlYmMwZWE2NTdiNjRiYWY4MWQxNTU1ZTMzOWU5YjY1NDQy
ZmYzNjQ5ZjAxZDU3YmYxZGM0YmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKZlIb0T2plUFT4vKIPM800B1XKI0+ZZ9i0/9dSQEyXb7WrtUINOAzK+U3b
Ryv98gCaRALAWjJPJ6cHgcpwo71yCQ6GSjFf09vSkspLGQmwj5Ol0Q98ezmppdeD
g8oHaUGsUTbS7rKiulrhiSVOfJJEjTVe6ZHPO/scgWDx91wmE3EsagRuSBPm/4YM
HTYdxuxYh4PTvkDQW6RCc7OdmZ6kxPWWgiPERx9gPbA3UZB4QIX2IBwCeIKHO3Ss
/W2gWCMh9zLQI+/2VCfru6UCMZ3O3hRMLgmdcr+1nEREU3qMsxCGMWhFLLsw3joM
w5GLNOx8R4PI4RgihSs9zDoOFA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRB/iEK
lk9VfNYT5RwGMKPiwbVJHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDFhYmM2YzctYTZmYi00NjY2LWI1MDMtYThhMDc4NDc5N2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACA
MA0GCSqGSIb3DQEBCwUAA4IBAQBazlLxkY3oNsL9OFBxCvyHPNFPUn5WtRxkYRQG
dHsmi03iFnvKiCEIgVj+rhC6cIdm7e79UnrAFrd9FbPDtYiWxqQ/vhAa8PqZyFvu
0+tjNU3jS/Lvr3Hf2zg4lIny4j3sm8SAFJVg4XUfNlDdyAV2hcGJraoq/nFMrz9U
U+UdmNQM/u2ToVfAuctZIf58MsHENs5cDmBtcqJrHsPJIBX1il0Z1QnlC/lHOO2h
WoduxeFDc612IAcjihQnj/99okaPJyHWpeu/Pa/Sac9PbfuRiz0zZ8RyTzsEJzTR
KjRYcuzvLbr1Mu+UmJqc75gob/As2bXTS7JppSmCwvgeBuno
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:10 2025 by rpki-client