Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
File: 4304a130-e9d1-47a4-8ecf-5d755740a478.roa (raw, json)
Hash identifier: SBN+tLm/CEhbwbEGsBKKBXUmduY9pQIESOgPBFTbDtk=
Subject key identifier: 08:89:CA:F9:89:D5:24:0E:7D:59:B1:C1:6A:94:3B:37:DA:05:A1:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2B2F50BD5687D55876019C9294EF1F0FBE245A70
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
Signing time: Mon 01 Sep 2025 20:10:06 +0000
ROA not before: Mon 01 Sep 2025 20:10:06 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:2f:50:bd:56:87:d5:58:76:01:9c:92:94:ef:1f:0f:be:24:5a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:06 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=06fa47bd32cb7871f5f5a3d7220163e313354d422b5d83467f0ef07482d71fb9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e5:76:35:69:99:08:e0:ac:56:c9:28:56:36:
ed:2b:6e:70:c6:0e:97:f7:6e:2d:56:b9:59:3e:df:
1e:01:28:ab:d9:03:03:fe:1e:e8:9f:b6:d5:57:9f:
03:2f:ce:05:db:d2:c1:f9:72:76:22:6a:85:79:87:
3e:fb:30:fe:3f:e8:c5:6f:1a:79:9d:89:e9:e5:4a:
27:6c:b8:1b:ac:06:c6:e4:72:ad:23:b4:3b:fc:02:
af:55:0a:45:19:d6:28:57:f4:c2:6e:fc:a3:76:ac:
8b:68:3c:d4:c0:b0:35:90:e2:ed:3b:2a:85:26:d3:
f8:d6:4c:c5:12:29:9b:38:b5:01:9d:d4:4f:63:a0:
83:e6:ff:b8:04:4f:27:c8:d6:59:d9:ac:94:ac:18:
92:40:41:f4:8f:75:25:5a:68:c8:3c:68:18:f4:ee:
46:59:bb:b9:59:6c:2a:60:f0:f9:49:8c:58:4a:03:
56:82:e7:56:7f:80:97:1c:8e:7d:40:58:9f:ca:e0:
73:07:a1:03:32:9e:55:be:35:7e:f7:19:10:54:f4:
03:e6:f8:21:56:63:9d:48:5f:2c:15:f3:7a:cc:3d:
38:f4:34:78:92:23:5e:bd:a9:57:e1:42:93:cb:16:
22:cb:74:95:03:d5:ac:8d:78:f7:7b:d3:f2:9e:fb:
36:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:89:CA:F9:89:D5:24:0E:7D:59:B1:C1:6A:94:3B:37:DA:05:A1:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4304a130-e9d1-47a4-8ecf-5d755740a478.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80e0::/48
Signature Algorithm: sha256WithRSAEncryption
28:89:e7:f1:08:e7:69:bb:43:66:41:6c:88:de:03:10:4d:97:
d1:63:82:06:4a:ed:7f:49:ff:f0:0b:3f:b8:86:57:ed:6e:78:
e8:7b:27:d6:a3:48:03:b9:b0:79:7f:d2:b3:1c:94:36:a4:c2:
58:39:c9:33:17:26:da:81:07:f0:ce:5f:aa:d4:c3:ea:7c:26:
69:be:12:e8:03:9c:2b:ed:0a:50:6e:1b:3d:87:25:9a:28:17:
22:d7:2a:00:0e:0c:62:b8:70:8a:93:ee:bc:37:42:f8:30:45:
26:44:35:0a:47:b2:c5:68:5f:39:d0:ec:8d:a5:53:15:e9:c1:
a7:98:de:f1:01:72:f9:7d:ad:ae:ae:c3:27:b5:7d:5b:7f:37:
5e:df:7f:b0:9d:db:92:ac:07:3a:48:f8:96:67:ee:30:d9:bc:
cd:9f:c5:4c:57:61:ec:67:db:f8:21:b0:bf:7b:a4:7a:32:05:
6f:54:05:c1:82:33:9b:77:72:a7:a0:5e:56:f7:fa:a8:c3:94:
16:1c:0e:97:09:7c:64:73:e5:83:8c:18:c1:48:e6:98:67:44:
69:ad:bc:f1:8a:64:3e:94:c6:05:64:04:65:67:2f:75:6a:9f:
78:ad:85:9f:5b:2a:e0:8f:de:ab:b8:b4:6d:ae:51:f9:5d:4a:
5b:16:0b:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKy9QvVaH1Vh2AZySlO8fD74kWnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwMDZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZmE0N2JkMzJjYjc4NzFmNWY1YTNkNzIyMDE2M2UzMTMzNTRkNDIyYjVk
ODM0NjdmMGVmMDc0ODJkNzFmYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzldjVpmQjgrFbJKFY27StucMYOl/duLVa5WT7fHgEoq9kDA/4e6J+21Vef
Ay/OBdvSwflydiJqhXmHPvsw/j/oxW8aeZ2J6eVKJ2y4G6wGxuRyrSO0O/wCr1UK
RRnWKFf0wm78o3asi2g81MCwNZDi7TsqhSbT+NZMxRIpmzi1AZ3UT2Ogg+b/uARP
J8jWWdmslKwYkkBB9I91JVpoyDxoGPTuRlm7uVlsKmDw+UmMWEoDVoLnVn+AlxyO
fUBYn8rgcwehAzKeVb41fvcZEFT0A+b4IVZjnUhfLBXzesw9OPQ0eJIjXr2pV+FC
k8sWIst0lQPVrI1493vT8p77NhMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQIicr5
idUkDn1ZscFqlDs32gWhlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDMwNGExMzAtZTlkMS00N2E0LThlY2YtNWQ3NTU3NDBhNDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
4DANBgkqhkiG9w0BAQsFAAOCAQEAKInn8QjnabtDZkFsiN4DEE2X0WOCBkrtf0n/
8As/uIZX7W546Hsn1qNIA7mweX/SsxyUNqTCWDnJMxcm2oEH8M5fqtTD6nwmab4S
6AOcK+0KUG4bPYclmigXItcqAA4MYrhwipPuvDdC+DBFJkQ1CkeyxWhfOdDsjaVT
FenBp5je8QFy+X2trq7DJ7V9W383Xt9/sJ3bkqwHOkj4lmfuMNm8zZ/FTFdh7Gfb
+CGwv3ukejIFb1QFwYIzm3dyp6BeVvf6qMOUFhwOlwl8ZHPlg4wYwUjmmGdEaa28
8YpkPpTGBWQEZWcvdWqfeK2Fn1sq4I/eq7i0ba5R+V1KWxYLhg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:30 2025 by rpki-client