Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44bb2f76-7c1e-411a-85f6-b9cd1c77d60c.roa
File: 44bb2f76-7c1e-411a-85f6-b9cd1c77d60c.roa (raw, json)
Hash identifier: mXSf6LurrZX50UXXG657m2b1sjKJPjL2oK/SrCxaizg=
Subject key identifier: DE:7F:7D:E2:2A:AC:8E:AF:F8:7E:3D:59:AC:16:BB:2A:14:DB:BF:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59A10051B1FD817E8D3D16A092F94DCE2E1DFF66
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44bb2f76-7c1e-411a-85f6-b9cd1c77d60c.roa
Signing time: Mon 01 Sep 2025 19:41:06 +0000
ROA not before: Mon 01 Sep 2025 19:41:06 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:a1:00:51:b1:fd:81:7e:8d:3d:16:a0:92:f9:4d:ce:2e:1d:ff:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:41:06 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1b1012e2ed688617368f8b1d306102192beb12d3c9477bfb7593b7913ff8cd44, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:8d:15:08:da:9f:6d:0e:63:8b:b2:75:e4:
90:b3:7a:76:53:e7:8a:94:40:ca:9f:5d:fd:aa:4c:
f8:5e:7f:e8:15:96:2c:68:64:47:fc:ba:0a:73:e3:
1d:b5:58:62:16:48:d7:78:2c:e2:89:d9:0a:d0:f3:
ba:c2:af:13:d7:e9:d1:62:f0:e5:28:97:f4:e3:b1:
b4:30:6b:70:e4:21:e7:8c:56:96:35:51:48:bd:01:
1d:18:da:9e:90:93:d1:22:a2:9d:9e:8a:a1:b0:de:
94:79:aa:23:49:77:e8:ee:66:43:58:f8:91:9c:aa:
2f:2e:0a:28:f1:aa:40:bb:a6:e5:1b:ac:c7:eb:8b:
83:b8:5e:48:4d:0f:dd:e4:c2:62:40:bb:d0:ce:ef:
3b:ba:16:f5:a2:9d:01:4a:b6:9f:1b:e6:ad:98:32:
c1:e8:80:d2:da:c2:23:ae:86:47:d1:6f:92:f2:bb:
7f:ee:e9:6d:ce:80:0a:2d:c7:c0:aa:71:d7:22:b0:
72:7a:b9:00:35:fa:53:90:c0:10:9b:58:cb:e5:32:
dd:b0:a3:5a:06:1e:2a:3f:49:70:62:ff:b4:ac:bb:
9a:49:65:93:6d:d5:92:9c:29:a3:7d:b3:68:0d:e8:
ef:23:38:c6:d4:fb:55:7c:3f:e7:65:c7:37:e4:0b:
a3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7F:7D:E2:2A:AC:8E:AF:F8:7E:3D:59:AC:16:BB:2A:14:DB:BF:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44bb2f76-7c1e-411a-85f6-b9cd1c77d60c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5040::/48
Signature Algorithm: sha256WithRSAEncryption
43:ae:3f:d1:00:16:54:ee:22:57:7a:76:72:98:a9:7f:c5:0f:
aa:9c:63:66:9a:81:c9:f5:d5:56:33:4a:1d:eb:6e:15:f3:8a:
a0:20:90:84:74:f9:87:7f:d2:21:4e:c7:d2:b2:b1:3b:48:53:
80:90:95:9a:d7:8a:ef:b2:ac:69:22:f6:96:b7:1a:a8:7f:16:
bb:3d:74:4d:fa:9e:67:1f:61:af:b9:ce:c5:03:81:64:fc:e8:
a6:d8:31:af:a2:2a:3f:33:f5:cf:4b:c9:76:6e:92:27:62:f5:
69:7d:28:fd:c8:bd:f8:5f:1c:3c:3b:64:b4:2b:dc:a1:e8:86:
be:1e:82:a7:bb:3f:75:17:58:2f:ae:84:ee:d3:96:39:c9:76:
cc:64:0a:03:86:ea:0d:27:80:f6:48:df:e7:3b:8a:01:82:c4:
56:4d:5e:22:3c:f3:80:32:c5:7d:fc:44:9c:c2:81:22:8e:82:
bb:68:ad:03:d7:da:1c:11:ea:3a:46:77:05:43:a1:1b:83:58:
03:24:e3:9e:89:7a:5f:b8:4f:59:3a:fe:9a:ff:21:82:17:6a:
f3:63:94:bc:ed:dd:51:3b:17:63:6f:1d:a1:07:47:bf:87:b7:
f0:04:f8:0b:85:17:53:0e:fc:82:a1:65:7f:20:11:c1:53:56:
3f:5b:a3:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWaEAUbH9gX6NPRagkvlNzi4d/2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQxMDZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiMTAxMmUyZWQ2ODg2MTczNjhmOGIxZDMwNjEwMjE5MmJlYjEyZDNjOTQ3
N2JmYjc1OTNiNzkxM2ZmOGNkNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnWjRUI2p9tDmOLsnXkkLN6dlPnipRAyp9d/apM+F5/6BWWLGhkR/y6CnPj
HbVYYhZI13gs4onZCtDzusKvE9fp0WLw5SiX9OOxtDBrcOQh54xWljVRSL0BHRja
npCT0SKinZ6KobDelHmqI0l36O5mQ1j4kZyqLy4KKPGqQLum5Rusx+uLg7heSE0P
3eTCYkC70M7vO7oW9aKdAUq2nxvmrZgyweiA0trCI66GR9FvkvK7f+7pbc6ACi3H
wKpx1yKwcnq5ADX6U5DAEJtYy+Uy3bCjWgYeKj9JcGL/tKy7mkllk23Vkpwpo32z
aA3o7yM4xtT7VXw/52XHN+QLo38CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTef33i
KqyOr/h+PVmsFrsqFNu/rTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRiYjJmNzYtN2MxZS00MTFhLTg1ZjYtYjljZDFjNzdkNjBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAQ64/0QAWVO4iV3p2cpipf8UPqpxjZpqByfXV
VjNKHetuFfOKoCCQhHT5h3/SIU7H0rKxO0hTgJCVmteK77KsaSL2lrcaqH8Wuz10
TfqeZx9hr7nOxQOBZPzoptgxr6IqPzP1z0vJdm6SJ2L1aX0o/ci9+F8cPDtktCvc
oeiGvh6Cp7s/dRdYL66E7tOWOcl2zGQKA4bqDSeA9kjf5zuKAYLEVk1eIjzzgDLF
ffxEnMKBIo6Cu2itA9faHBHqOkZ3BUOhG4NYAyTjnol6X7hPWTr+mv8hghdq82OU
vO3dUTsXY28doQdHv4e38AT4C4UXUw78gqFlfyARwVNWP1uj/w==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:08 2025 by rpki-client