Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
File: 45c6591c-1ba0-4769-9e6a-11566f006613.roa (raw, json)
Hash identifier: F4jA0nM9KfXCBt7hTSvZ7P+4qIYTATjSEbcFmMlQB4I=
Subject key identifier: 6B:3F:D6:EE:DB:43:6D:49:41:7F:82:D4:70:A1:D7:85:19:B3:72:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27AFBE60B9BC806163A91D1268FD33C2BA29ED1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
Signing time: Mon 01 Sep 2025 20:01:38 +0000
ROA not before: Mon 01 Sep 2025 20:01:38 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:af:be:60:b9:bc:80:61:63:a9:1d:12:68:fd:33:c2:ba:29:ed:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:38 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9964cdb676b643706ca365983a6204a7d2e6a8009765308f87e216d649320f39, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:21:28:6e:69:32:64:c4:f4:ca:5d:dd:94:77:
08:83:9d:84:3e:90:b8:cf:4b:50:e4:b2:4e:c0:06:
b8:5a:e8:a2:29:25:a1:81:4c:19:d7:a5:73:85:cd:
a2:a3:d7:2a:5e:37:aa:67:13:d9:56:47:74:38:66:
e9:41:13:62:ef:ef:a0:a2:18:99:fb:9f:26:bd:48:
d6:66:e9:31:17:4d:ba:3b:b4:3c:db:bb:eb:4f:78:
fc:ad:2b:05:ee:52:24:39:36:12:f6:4b:65:64:74:
ce:5f:45:ec:9c:f2:ff:4d:61:4f:b6:22:d1:8a:62:
41:65:94:9a:a3:b4:db:94:93:54:92:a5:44:57:03:
f6:53:d8:0f:73:d7:15:a8:d9:a6:0a:ef:bc:5a:98:
06:72:4e:bc:7f:29:21:4f:d3:6f:ae:ba:3d:7d:95:
a5:9d:2f:0d:1c:98:ce:c5:19:ae:bc:57:4c:46:4e:
cf:36:01:ba:57:b5:f9:d9:69:d8:45:f3:c1:62:aa:
7d:7c:22:a3:95:f9:ec:1a:70:98:6d:e4:00:07:12:
bc:e6:95:70:d0:9b:a6:e1:c3:f7:73:fb:2b:96:e1:
6e:3b:dd:ad:14:4c:93:ac:b7:ee:34:8c:f5:97:6e:
2b:41:b6:93:db:3f:c9:2b:90:51:e4:b7:a1:fb:dd:
49:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3F:D6:EE:DB:43:6D:49:41:7F:82:D4:70:A1:D7:85:19:B3:72:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
65:17:89:fd:3d:c3:8c:5f:91:1d:cc:ba:3d:3e:2c:49:c7:15:
b8:02:86:28:37:03:34:03:24:c8:3b:bf:3e:49:51:f9:30:75:
af:2e:42:bb:bb:80:26:63:d7:a3:6d:3e:8a:25:99:b1:b0:53:
80:67:0d:b1:6d:83:c9:b1:19:68:71:95:f4:2a:ba:6e:ed:66:
96:1e:c9:58:59:46:2b:98:d7:a1:e6:eb:ea:b8:eb:e1:12:17:
c2:19:ce:f0:7a:a8:65:df:c9:ac:06:1a:b6:d9:3a:3f:bd:97:
23:6a:4e:a3:0b:91:c6:88:8f:cb:7f:f8:bd:67:c6:fc:f5:fd:
bf:30:bb:fb:04:aa:6d:49:27:15:05:18:47:d4:1a:54:1f:f9:
e3:9a:af:3c:f8:a9:66:5b:f5:4a:41:8a:25:38:dd:44:db:78:
75:bf:08:23:8f:9d:ba:57:33:7b:ff:4d:3f:2e:a6:05:c1:41:
80:1b:6c:8b:e5:74:d3:53:79:0d:37:0c:55:f3:7e:60:b9:39:
50:b7:5e:c0:79:06:92:29:46:18:4f:41:94:31:b7:a0:d3:fc:
7e:35:0b:de:84:5b:ff:94:ce:b8:1c:08:bf:35:46:3f:38:f7:
09:7e:ad:58:2f:66:5e:29:b4:fa:55:7d:b0:72:ce:88:42:52:
a8:7a:58:87
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ6++YLm8gGFjqR0SaP0zwrop7R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMzhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NjRjZGI2NzZiNjQzNzA2Y2EzNjU5ODNhNjIwNGE3ZDJlNmE4MDA5NzY1
MzA4Zjg3ZTIxNmQ2NDkzMjBmMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIhKG5pMmTE9Mpd3ZR3CIOdhD6QuM9LUOSyTsAGuFrooikloYFMGdelc4XN
oqPXKl43qmcT2VZHdDhm6UETYu/voKIYmfufJr1I1mbpMRdNuju0PNu76094/K0r
Be5SJDk2EvZLZWR0zl9F7Jzy/01hT7Yi0YpiQWWUmqO025STVJKlRFcD9lPYD3PX
FajZpgrvvFqYBnJOvH8pIU/Tb666PX2VpZ0vDRyYzsUZrrxXTEZOzzYBule1+dlp
2EXzwWKqfXwio5X57BpwmG3kAAcSvOaVcNCbpuHD93P7K5bhbjvdrRRMk6y37jSM
9ZduK0G2k9s/ySuQUeS3ofvdSeMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRrP9bu
20NtSUF/gtRwodeFGbNyuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDVjNjU5MWMtMWJhMC00NzY5LTllNmEtMTE1NjZmMDA2NjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAZReJ/T3DjF+RHcy6PT4sSccVuAKGKDcDNAMk
yDu/PklR+TB1ry5Cu7uAJmPXo20+iiWZsbBTgGcNsW2DybEZaHGV9Cq6bu1mlh7J
WFlGK5jXoebr6rjr4RIXwhnO8HqoZd/JrAYattk6P72XI2pOowuRxoiPy3/4vWfG
/PX9vzC7+wSqbUknFQUYR9QaVB/545qvPPipZlv1SkGKJTjdRNt4db8II4+dulcz
e/9NPy6mBcFBgBtsi+V001N5DTcMVfN+YLk5ULdewHkGkilGGE9BlDG3oNP8fjUL
3oRb/5TOuBwIvzVGPzj3CX6tWC9mXim0+lV9sHLOiEJSqHpYhw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:02 2025 by rpki-client