Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json)
Hash identifier: s3rqLhx5PZ0LEVFEL0tK8ZXq0gHzF/ZXbh4LSHaq/Vk=
Subject key identifier: 0D:30:5B:CF:8D:09:CC:6B:3B:5A:87:86:BB:18:7D:E8:4E:13:6F:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FA34489877B4A8D30AFE776CC5CCE72D308BF4F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
Signing time: Mon 01 Sep 2025 21:10:12 +0000
ROA not before: Mon 01 Sep 2025 21:10:12 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:a3:44:89:87:7b:4a:8d:30:af:e7:76:cc:5c:ce:72:d3:08:bf:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:12 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2f28b09d8da95cc8b86ce8c6851418ce7b8fdabf0f2cc171e7ef4939d375b82e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:15:73:ab:af:16:9a:b3:f5:a4:e2:2f:68:
35:09:85:a6:a9:50:60:8b:da:49:99:6c:db:e6:0c:
9e:77:3b:09:c7:87:95:7a:e1:3f:1a:a6:c6:52:ba:
35:fc:b0:73:29:22:7c:8b:be:40:0e:38:c8:aa:14:
8a:6c:3f:03:d6:ca:bd:fa:90:ec:56:c7:3a:46:e9:
46:cc:02:39:7b:de:ae:15:1e:44:2f:79:2f:6a:02:
5b:d3:20:92:21:1b:c0:63:a0:51:9a:17:1a:22:c2:
75:c9:0b:49:c2:4f:4f:91:82:a5:85:59:f7:78:85:
38:3d:16:83:74:82:29:ff:71:64:8b:21:21:95:fa:
cf:55:0e:b8:7c:6d:04:43:5f:74:89:4b:c7:68:c0:
e4:99:ff:d5:8a:df:76:25:6d:ee:12:2a:1a:03:42:
bc:8b:95:b0:6c:d8:8e:8f:ad:85:4c:7f:59:81:af:
6d:ff:7c:5b:ad:34:6e:05:2b:6f:51:f6:17:16:1f:
66:97:12:96:c9:aa:73:1c:1a:ff:eb:66:9e:e7:91:
8c:da:0a:de:92:5e:18:64:3c:bf:1d:df:14:84:d6:
fd:45:83:d8:1c:e4:bf:d4:88:18:25:ff:ac:0b:03:
94:fd:08:0d:df:fc:21:64:8e:a9:0e:58:52:f8:30:
0c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:30:5B:CF:8D:09:CC:6B:3B:5A:87:86:BB:18:7D:E8:4E:13:6F:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:c00::/38
Signature Algorithm: sha256WithRSAEncryption
66:f2:6b:fb:e4:9a:b3:2d:49:f5:76:a7:5c:ed:45:a0:cf:67:
f0:4e:95:2b:d7:1b:bd:4e:fb:ff:41:6d:c3:fb:fc:b5:ca:ad:
a8:05:d9:41:fa:fb:4a:9c:68:e9:0d:94:0f:5a:0d:59:55:73:
d2:f8:b6:19:f1:4b:73:f8:52:f5:2a:a4:20:10:fd:a5:cb:f8:
db:e6:0b:25:bd:3a:64:67:1c:f7:de:d3:5b:92:f4:2a:d4:29:
83:6f:36:1d:6c:15:97:03:94:83:fb:c9:e4:9b:10:2f:25:22:
df:1b:5b:28:36:a4:3b:36:aa:c7:38:c9:aa:af:4b:cc:7a:d6:
c7:ee:c5:db:f1:45:91:0c:62:ef:a6:57:4c:cc:68:c9:b9:d0:
ae:8c:7f:01:21:41:97:d2:15:fe:5d:ab:0c:fb:61:ba:12:82:
92:56:ac:0b:f7:1f:dc:d4:ba:bf:65:92:b0:99:34:dd:79:27:
14:f7:b3:b8:e7:12:0b:af:b9:f3:f9:6a:93:18:8a:19:ca:9c:
62:33:b6:a3:59:2c:8f:18:28:9c:ba:13:51:6a:36:b8:94:87:
e3:e4:08:89:38:13:d0:0b:51:b7:43:ce:bc:34:64:f3:09:d6:
d0:5d:b7:77:5b:3d:be:b5:40:46:3a:39:ee:83:cb:ef:27:a5:
27:4b:fc:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX6NEiYd7So0wr+d2zFzOctMIv08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMjhiMDlkOGRhOTVjYzhiODZjZThjNjg1MTQxOGNlN2I4ZmRhYmYwZjJj
YzE3MWU3ZWY0OTM5ZDM3NWI4MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI94FXOrrxaas/Wk4i9oNQmFpqlQYIvaSZls2+YMnnc7CceHlXrhPxqmxlK6
NfywcykifIu+QA44yKoUimw/A9bKvfqQ7FbHOkbpRswCOXverhUeRC95L2oCW9Mg
kiEbwGOgUZoXGiLCdckLScJPT5GCpYVZ93iFOD0Wg3SCKf9xZIshIZX6z1UOuHxt
BENfdIlLx2jA5Jn/1YrfdiVt7hIqGgNCvIuVsGzYjo+thUx/WYGvbf98W600bgUr
b1H2FxYfZpcSlsmqcxwa/+tmnueRjNoK3pJeGGQ8vx3fFITW/UWD2Bzkv9SIGCX/
rAsDlP0IDd/8IWSOqQ5YUvgwDHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNMFvP
jQnMaztah4a7GH3oThNvtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M
MA0GCSqGSIb3DQEBCwUAA4IBAQBm8mv75JqzLUn1dqdc7UWgz2fwTpUr1xu9Tvv/
QW3D+/y1yq2oBdlB+vtKnGjpDZQPWg1ZVXPS+LYZ8Utz+FL1KqQgEP2ly/jb5gsl
vTpkZxz33tNbkvQq1CmDbzYdbBWXA5SD+8nkmxAvJSLfG1soNqQ7NqrHOMmqr0vM
etbH7sXb8UWRDGLvpldMzGjJudCujH8BIUGX0hX+XasM+2G6EoKSVqwL9x/c1Lq/
ZZKwmTTdeScU97O45xILr7nz+WqTGIoZypxiM7ajWSyPGCicuhNRaja4lIfj5AiJ
OBPQC1G3Q868NGTzCdbQXbd3Wz2+tUBGOjnug8vvJ6UnS/zJ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:29 2025 by rpki-client