Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: DqWeyRAXAQsb+b0XAbXfI9JMteV5ElWBcnnf+rAnHgk=
Subject key identifier: FB:DC:2C:38:72:55:8B:21:A3:88:8D:9E:76:3C:FD:53:83:CD:70:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47710F573CCFB2362EC6999D32EA4F3663C8D130
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Mon 01 Sep 2025 20:50:55 +0000
ROA not before: Mon 01 Sep 2025 20:50:55 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:71:0f:57:3c:cf:b2:36:2e:c6:99:9d:32:ea:4f:36:63:c8:d1:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:55 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=7888717c5311513fb93532c84dc056b41b47dd1dd390267f79c5f8f86a0a4a8a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:05:78:ca:36:bf:8d:e8:f9:a4:b3:66:82:93:
ea:ef:ce:e4:07:32:bb:69:64:33:1b:cb:a1:f8:ce:
e8:00:e3:0f:28:7f:5b:41:d2:80:9b:39:70:5f:8d:
15:90:9d:57:33:d2:34:5c:d8:6c:bc:58:00:a0:b7:
83:df:73:67:fb:f7:65:42:81:6a:6c:5a:84:4d:bc:
96:a5:a8:97:df:65:d0:a4:be:e2:fe:ab:39:fc:96:
f9:03:62:a9:ff:78:2c:17:5c:8f:ef:f9:5b:ee:f6:
44:33:83:14:20:10:9f:97:ab:44:e6:8e:3c:51:c3:
25:c5:02:19:4d:46:6f:55:08:00:e9:de:ba:ca:c9:
01:16:84:ff:b1:15:3a:a8:f7:04:ce:74:49:49:b0:
f7:c7:b6:43:8d:54:a1:53:a6:e3:c5:67:cd:f8:57:
34:b2:ed:26:c2:f0:ba:9a:86:44:42:71:0c:3d:7e:
8b:08:ed:49:8b:75:36:e3:d5:56:52:ff:ba:1f:72:
10:78:9f:a7:55:6c:9c:ca:35:9b:39:c4:95:94:76:
25:53:3f:92:18:25:ff:32:7f:4c:30:aa:7f:de:94:
56:26:f7:2c:b0:79:45:5b:c5:a9:4c:5c:ce:c1:db:
24:09:99:42:af:8f:b4:92:29:6d:bb:11:01:4d:1d:
14:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DC:2C:38:72:55:8B:21:A3:88:8D:9E:76:3C:FD:53:83:CD:70:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
90:32:e3:af:73:0b:1a:14:bf:d4:64:18:da:f7:20:e1:2a:72:
f7:e8:24:80:b6:d1:34:77:63:ba:74:d6:14:78:92:0e:93:7f:
f3:8b:15:df:38:9b:9e:25:7f:80:3f:a6:9a:0a:68:21:4a:96:
cb:61:13:a8:cd:f3:22:32:25:7c:bd:62:44:f8:88:b0:ea:d2:
3b:d7:79:39:e2:c5:4f:6b:c0:ed:63:17:e9:52:ec:47:7c:73:
ae:3f:99:58:b4:26:57:99:ba:c0:94:73:41:6d:88:af:b9:b5:
69:f2:a4:17:11:93:61:e6:49:e6:05:f5:27:74:56:f1:35:60:
f7:13:df:ae:eb:6f:b4:9b:84:58:59:c1:e6:6c:61:46:13:1c:
08:4c:49:6c:7f:a0:45:f4:75:c8:df:bb:cf:20:7b:c1:34:be:
c2:16:f2:f8:1b:27:16:93:07:c1:b5:78:a9:d9:f7:85:0d:81:
51:4c:d0:98:b6:cb:6f:d6:d4:f5:72:22:4a:b1:12:fe:c8:85:
29:d9:d3:10:2d:79:c2:8a:37:e4:6f:c3:80:a3:af:2c:1b:0e:
52:68:5d:3d:82:e9:ca:a1:19:c1:c2:7a:23:39:e4:3f:0e:27:
9f:26:21:c0:b0:31:90:5c:74:70:47:a6:57:51:a9:26:8a:0c:
96:c6:e7:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR3EPVzzPsjYuxpmdMupPNmPI0TAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwNTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ODg3MTdjNTMxMTUxM2ZiOTM1MzJjODRkYzA1NmI0MWI0N2RkMWRkMzkw
MjY3Zjc5YzVmOGY4NmEwYTRhOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIFeMo2v43o+aSzZoKT6u/O5Acyu2lkMxvLofjO6ADjDyh/W0HSgJs5cF+N
FZCdVzPSNFzYbLxYAKC3g99zZ/v3ZUKBamxahE28lqWol99l0KS+4v6rOfyW+QNi
qf94LBdcj+/5W+72RDODFCAQn5erROaOPFHDJcUCGU1Gb1UIAOneusrJARaE/7EV
Oqj3BM50SUmw98e2Q41UoVOm48VnzfhXNLLtJsLwupqGREJxDD1+iwjtSYt1NuPV
VlL/uh9yEHifp1VsnMo1mznElZR2JVM/khgl/zJ/TDCqf96UVib3LLB5RVvFqUxc
zsHbJAmZQq+PtJIpbbsRAU0dFD8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT73Cw4
clWLIaOIjZ52PP1Tg81wuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQCQMuOvcwsaFL/UZBja9yDhKnL36CSAttE0d2O6
dNYUeJIOk3/zixXfOJueJX+AP6aaCmghSpbLYROozfMiMiV8vWJE+Iiw6tI713k5
4sVPa8DtYxfpUuxHfHOuP5lYtCZXmbrAlHNBbYivubVp8qQXEZNh5knmBfUndFbx
NWD3E9+u62+0m4RYWcHmbGFGExwITElsf6BF9HXI37vPIHvBNL7CFvL4GycWkwfB
tXip2feFDYFRTNCYtstv1tT1ciJKsRL+yIUp2dMQLXnCijfkb8OAo68sGw5SaF09
gunKoRnBwnojOeQ/DiefJiHAsDGQXHRwR6ZXUakmigyWxuck
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:23 2025 by rpki-client