Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
File: 455a2efe-3411-42cf-a196-73c25845d48c.roa (raw, json)
Hash identifier: 0pRf+4Z+oUSImywYxcxbrdjHqRJ67YoABz1av9cNQzs=
Subject key identifier: 8B:9C:2F:33:A0:4B:51:48:3E:67:05:99:CD:7A:9C:B2:B6:7C:77:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BF3385BDE4BEEE0087063D3F895D8A15475E059
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
Signing time: Mon 01 Sep 2025 20:40:25 +0000
ROA not before: Mon 01 Sep 2025 20:40:25 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:f3:38:5b:de:4b:ee:e0:08:70:63:d3:f8:95:d8:a1:54:75:e0:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:25 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=dbba29bf5c655b49e3267dc7f6035bf49f1f69def276f16cb647987f16b9b5aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:59:11:89:e8:f0:33:ef:d7:e7:bf:6d:01:36:
63:f4:70:dc:2c:c3:7e:53:83:ac:0c:62:be:3e:d0:
2e:59:f6:1e:f3:66:3a:96:f1:cf:2a:e5:2e:61:ae:
38:3e:43:48:53:fe:f9:ec:c4:49:aa:2f:6d:ed:fe:
ca:78:43:e2:18:ec:f8:fa:c6:cf:f6:f2:36:10:ae:
d0:85:69:64:a1:8d:eb:32:10:87:24:56:f4:95:00:
5f:cc:14:8c:d4:14:26:29:a6:42:57:dd:5d:b2:24:
f1:3a:bb:7f:d8:26:99:5c:85:23:d9:56:4e:e8:be:
e0:fb:b0:1a:ea:f4:89:bb:ac:ea:c8:c4:d2:2b:f4:
ea:41:07:bd:35:8e:9f:9f:3e:5f:03:f1:7e:23:d2:
73:45:c8:85:64:6d:9a:0c:25:93:38:36:cc:09:c5:
2b:e7:95:f4:53:b3:06:15:eb:ba:92:4f:1a:47:69:
98:b1:89:4a:7a:33:ce:c6:12:8e:00:e5:d4:ec:2d:
6b:85:4b:7d:5c:e5:aa:2c:03:82:0e:70:60:61:62:
f9:73:6d:d3:c0:b9:f9:4d:f7:ec:0e:87:d7:b1:45:
75:6c:9f:cd:a7:d6:4d:7c:d6:49:67:60:91:d9:49:
ea:0e:d6:f0:35:b3:97:63:fe:93:17:9f:81:83:be:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9C:2F:33:A0:4B:51:48:3E:67:05:99:CD:7A:9C:B2:B6:7C:77:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455a2efe-3411-42cf-a196-73c25845d48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:2000::/40
Signature Algorithm: sha256WithRSAEncryption
57:6e:1d:5c:ff:da:3a:fb:2e:3f:05:1b:1a:d2:0a:64:4b:6e:
a6:b8:ae:0e:2d:fb:bc:56:12:a1:46:c7:fd:cd:5b:2c:e5:e5:
cf:f3:6f:57:d3:af:58:3e:7b:83:ef:6e:07:28:43:2f:71:80:
4b:45:02:23:8b:9a:53:0f:7b:24:d9:67:d2:99:81:dd:e5:28:
ad:b1:a1:e7:43:5b:48:56:89:51:e7:c5:2e:54:13:51:22:bb:
1d:cb:5a:71:fa:15:1f:77:13:48:cf:6c:86:cd:ad:21:25:ef:
3c:36:0c:e9:eb:48:1d:6a:d4:41:71:cc:35:cd:2c:d6:3d:87:
c5:c0:1e:18:c4:ec:90:f6:d1:9d:b6:44:23:fd:ba:5e:99:e1:
c8:c3:4a:2a:23:9a:89:64:25:c2:4a:6f:d3:12:68:09:eb:90:
ad:1b:57:7d:dd:c9:aa:df:a1:8e:1f:8c:07:9a:20:5f:ea:71:
ee:47:12:44:b6:bd:20:bb:ed:87:a5:a2:50:da:53:39:e1:6d:
28:d1:bd:03:d5:74:6e:5b:1b:8c:c3:d1:88:f2:7f:6b:73:b2:
35:bd:17:3e:eb:52:a6:0d:9c:7f:81:f0:99:dd:72:2d:39:ec:
17:8a:d4:0a:5e:cd:7b:3f:14:64:88:44:0e:3a:f9:9a:d7:57:
f4:06:3d:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS/M4W95L7uAIcGPT+JXYoVR14FkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMjVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYmEyOWJmNWM2NTViNDllMzI2N2RjN2Y2MDM1YmY0OWYxZjY5ZGVmMjc2
ZjE2Y2I2NDc5ODdmMTZiOWI1YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1ZEYno8DPv1+e/bQE2Y/Rw3CzDflODrAxivj7QLln2HvNmOpbxzyrlLmGu
OD5DSFP++ezESaovbe3+ynhD4hjs+PrGz/byNhCu0IVpZKGN6zIQhyRW9JUAX8wU
jNQUJimmQlfdXbIk8Tq7f9gmmVyFI9lWTui+4PuwGur0ibus6sjE0iv06kEHvTWO
n58+XwPxfiPSc0XIhWRtmgwlkzg2zAnFK+eV9FOzBhXrupJPGkdpmLGJSnozzsYS
jgDl1Owta4VLfVzlqiwDgg5wYGFi+XNt08C5+U337A6H17FFdWyfzafWTXzWSWdg
kdlJ6g7W8DWzl2P+kxefgYO+0s8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLnC8z
oEtRSD5nBZnNepyytnx37DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU1YTJlZmUtMzQxMS00MmNmLWExOTYtNzNjMjU4NDVkNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fgg
MA0GCSqGSIb3DQEBCwUAA4IBAQBXbh1c/9o6+y4/BRsa0gpkS26muK4OLfu8VhKh
Rsf9zVss5eXP829X069YPnuD724HKEMvcYBLRQIji5pTD3sk2WfSmYHd5SitsaHn
Q1tIVolR58UuVBNRIrsdy1px+hUfdxNIz2yGza0hJe88Ngzp60gdatRBccw1zSzW
PYfFwB4YxOyQ9tGdtkQj/bpemeHIw0oqI5qJZCXCSm/TEmgJ65CtG1d93cmq36GO
H4wHmiBf6nHuRxJEtr0gu+2HpaJQ2lM54W0o0b0D1XRuWxuMw9GI8n9rc7I1vRc+
61KmDZx/gfCZ3XItOewXitQKXs17PxRkiEQOOvma11f0Bj36
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:05 2025 by rpki-client