Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
File: 4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa (raw, json)
Hash identifier: w4vBNLoAMQ938QH6b76P7o2XgHIfBMAmKRD3QzuLDe0=
Subject key identifier: F8:C3:15:8A:12:B7:10:4C:F1:14:14:54:67:B6:9A:51:86:BE:E1:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E3D83E92118B6BC388CA3A56408BD89DCA1A720
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
Signing time: Mon 01 Sep 2025 21:11:21 +0000
ROA not before: Mon 01 Sep 2025 21:11:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:3d:83:e9:21:18:b6:bc:38:8c:a3:a5:64:08:bd:89:dc:a1:a7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:11:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ed2872483a4f63e1c6b627a4f34b56ad51b62d9a410c06707a81556477284111, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:33:61:6b:59:5c:17:03:10:fa:5d:11:8a:02:
eb:31:77:fa:b4:e0:a6:2f:d6:b7:b7:9d:8f:0a:9e:
53:26:10:fb:e4:aa:6f:90:d3:bf:5c:b6:1d:33:ae:
d4:0a:9b:73:bc:57:1a:35:09:e5:74:60:2a:70:62:
70:37:9a:c3:f1:ca:7e:c4:0f:fb:85:a9:78:ab:30:
16:f2:88:2c:4d:03:29:64:9e:33:0f:d2:a4:de:f0:
7e:9a:70:63:98:ca:f8:12:4d:4c:64:78:71:15:5b:
81:93:8f:2b:d4:39:22:24:ac:10:07:a0:28:ed:de:
bb:f5:6b:fd:5e:4e:7d:38:9f:c9:ed:32:2a:6a:ce:
05:be:83:41:cf:aa:96:3e:b8:6f:c3:74:63:8f:a6:
78:40:2a:88:c3:ab:f2:17:5d:4b:8a:95:2f:95:19:
99:9c:d8:be:7e:99:23:ff:74:20:68:18:4e:88:54:
c7:53:aa:50:ba:52:90:24:80:ca:d0:b8:87:22:5b:
e9:95:a2:34:4e:5c:8e:16:8e:18:8f:2b:78:f1:e5:
e7:80:a1:22:64:a8:db:fc:1c:10:af:c9:48:6b:14:
ad:10:5f:20:2a:5d:ae:26:5e:68:c8:52:40:bc:5d:
6b:b7:0b:44:f2:89:93:44:46:18:d1:ab:e1:17:28:
6b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C3:15:8A:12:B7:10:4C:F1:14:14:54:67:B6:9A:51:86:BE:E1:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a077699-48cb-42a1-9f1b-1e7c9a3ae808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:400::/38
Signature Algorithm: sha256WithRSAEncryption
19:78:4c:23:da:72:a9:ac:09:39:7d:c7:ff:02:1d:09:7a:e2:
90:39:86:77:ea:b5:e2:76:a0:d4:ff:79:31:b8:8b:73:b4:18:
0f:b9:fb:de:f1:44:d8:f1:25:aa:2e:bf:14:d9:41:2b:e0:3e:
dc:ee:ec:a1:51:c7:b5:21:8d:c0:87:8a:66:eb:bc:da:88:0b:
62:5b:4f:e7:3e:a2:18:bc:20:04:f2:f1:0b:90:14:36:13:2f:
14:6c:46:f6:fd:55:92:16:9c:32:65:8a:ef:05:bc:8d:b7:94:
79:50:8c:20:16:e0:42:0d:71:ac:d8:a6:e1:d2:68:2d:47:da:
15:f0:99:4f:74:64:d3:e5:da:6f:a2:6c:9b:cd:1b:34:49:6a:
67:da:29:4a:de:48:18:b4:27:ab:09:a4:8f:da:ff:6b:a5:21:
38:5c:42:35:fd:e4:91:20:08:85:24:00:5f:6f:8c:6e:33:0a:
92:a6:48:67:30:a2:d7:a7:c4:9c:c5:dd:90:2e:2b:85:79:a6:
b0:e0:b6:55:f1:4a:9b:93:01:ba:62:59:13:20:85:fd:b5:20:
57:e5:71:36:6f:2e:ee:49:72:98:8f:0d:98:a8:d7:59:95:d3:
29:96:60:9d:92:c1:19:fd:62:1e:bd:36:5d:65:41:d4:04:cc:
fc:fc:5e:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULj2D6SEYtrw4jKOlZAi9idyhpyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTExMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMjg3MjQ4M2E0ZjYzZTFjNmI2MjdhNGYzNGI1NmFkNTFiNjJkOWE0MTBj
MDY3MDdhODE1NTY0NzcyODQxMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkzYWtZXBcDEPpdEYoC6zF3+rTgpi/Wt7edjwqeUyYQ++Sqb5DTv1y2HTOu
1Aqbc7xXGjUJ5XRgKnBicDeaw/HKfsQP+4WpeKswFvKILE0DKWSeMw/SpN7wfppw
Y5jK+BJNTGR4cRVbgZOPK9Q5IiSsEAegKO3eu/Vr/V5OfTifye0yKmrOBb6DQc+q
lj64b8N0Y4+meEAqiMOr8hddS4qVL5UZmZzYvn6ZI/90IGgYTohUx1OqULpSkCSA
ytC4hyJb6ZWiNE5cjhaOGI8rePHl54ChImSo2/wcEK/JSGsUrRBfICpdriZeaMhS
QLxda7cLRPKJk0RGGNGr4RcoaxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4wxWK
ErcQTPEUFFRntppRhr7hijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEwNzc2OTktNDhjYi00MmExLTlmMWItMWU3YzlhM2FlODA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQE
MA0GCSqGSIb3DQEBCwUAA4IBAQAZeEwj2nKprAk5fcf/Ah0JeuKQOYZ36rXidqDU
/3kxuItztBgPufve8UTY8SWqLr8U2UEr4D7c7uyhUce1IY3Ah4pm67zaiAtiW0/n
PqIYvCAE8vELkBQ2Ey8UbEb2/VWSFpwyZYrvBbyNt5R5UIwgFuBCDXGs2Kbh0mgt
R9oV8JlPdGTT5dpvomybzRs0SWpn2ilK3kgYtCerCaSP2v9rpSE4XEI1/eSRIAiF
JABfb4xuMwqSpkhnMKLXp8Scxd2QLiuFeaaw4LZV8UqbkwG6YlkTIIX9tSBX5XE2
by7uSXKYjw2YqNdZldMplmCdksEZ/WIevTZdZUHUBMz8/F6L
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:08 2025 by rpki-client