Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
File: 4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa (raw, json)
Hash identifier: qwE02gis/ugJv6nwtCEQ/RhcLX+bwzy2vnzWG4z+pmA=
Subject key identifier: 37:DE:B6:42:1F:72:FF:95:E3:47:C5:52:0E:20:A2:DC:80:AD:A9:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38178E09A32F6B61681E6B29BB5943EBDE2BAD55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
Signing time: Mon 01 Sep 2025 20:31:16 +0000
ROA not before: Mon 01 Sep 2025 20:31:16 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:17:8e:09:a3:2f:6b:61:68:1e:6b:29:bb:59:43:eb:de:2b:ad:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:31:16 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d06e906164aa9d9a5915e499338e4978c1a189024f0ca313ee3a6cf5458393a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:d7:9c:29:77:dc:9c:2e:a7:c7:b7:ae:0f:
52:ce:79:36:98:c7:81:c6:20:44:be:07:db:53:27:
12:42:f2:57:02:d0:8f:2c:25:2a:99:21:1c:1a:3f:
1a:08:90:6e:f0:00:40:51:7f:00:b9:51:af:a0:75:
4a:f6:dc:df:96:59:c1:8b:3f:0b:18:c6:97:42:d4:
e6:bf:2e:90:c4:df:14:a8:2f:c9:f9:7d:87:83:b3:
b0:98:04:fc:76:4e:06:df:f2:f9:c9:7c:b8:b7:34:
14:fc:84:51:fd:b8:4a:91:36:83:7e:89:51:5f:b7:
63:8c:7c:24:95:2c:f7:b2:1f:7c:59:7b:ff:f6:d2:
44:53:54:5a:4a:c3:a6:33:d1:79:62:85:99:76:4f:
00:18:63:c8:96:89:99:34:d1:cd:7e:a7:d4:fc:db:
71:36:12:68:a2:eb:a9:ae:da:66:3f:07:70:dc:7a:
84:bf:00:13:b9:4d:79:47:b7:44:af:55:90:12:6a:
da:c4:1d:6d:23:3c:65:f6:ed:34:42:8a:7a:0f:ea:
f3:67:70:fa:c0:da:80:a2:ee:30:07:62:70:0b:30:
f2:d0:ee:d3:a4:60:cb:83:6a:66:1d:f8:62:e2:5e:
bf:aa:b6:18:3e:94:ae:c9:fe:50:a9:d4:34:5e:9d:
26:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DE:B6:42:1F:72:FF:95:E3:47:C5:52:0E:20:A2:DC:80:AD:A9:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c2cf7b6-3fbb-4d74-886d-21c58b347f58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
76:a7:c3:eb:28:51:c3:20:e7:80:14:ed:f2:0a:a7:32:cc:18:
76:b2:dc:04:ed:a8:36:bc:69:5f:da:11:1b:06:d6:9f:06:66:
3a:17:92:0e:48:1b:0d:60:3c:9a:00:20:4f:5d:9f:ad:53:f7:
de:18:45:c4:ff:65:8f:9d:1c:e3:4d:38:e3:65:44:a9:fa:20:
26:5f:3b:b7:b4:62:67:e2:86:66:37:03:35:b0:eb:54:b8:ec:
62:f6:7d:ef:5a:5d:4d:8b:db:33:11:a1:75:e9:1d:66:70:de:
a9:b0:3c:73:c1:a7:39:7b:37:80:ad:3f:5c:25:88:4e:f3:f9:
c1:d8:cd:78:87:75:d0:d4:70:1c:f2:39:fb:c6:1f:2e:19:5e:
ad:c4:b2:f9:51:f2:83:e2:b4:30:76:2b:9c:cc:12:14:14:1e:
99:58:3b:7f:17:b1:83:a8:14:96:7e:96:43:4a:c6:9c:c4:ec:
70:03:38:7d:51:87:44:9e:c9:1b:3f:d7:e1:9d:f7:8a:1e:76:
5c:06:41:36:c8:fa:fb:ac:f1:e5:19:d1:05:0d:a6:ef:db:b2:
68:09:98:12:c6:73:18:11:4e:9c:92:f6:88:a3:7b:cd:f9:11:
cf:6b:be:3d:21:b8:b6:2e:d1:99:e2:f1:d0:ca:fa:7b:3e:d5:
4f:79:9b:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOBeOCaMva2FoHmspu1lD694rrVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMxMTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNmU5MDYxNjRhYTlkOWE1OTE1ZTQ5OTMzOGU0OTc4YzFhMTg5MDI0ZjBj
YTMxM2VlM2E2Y2Y1NDU4MzkzYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+115wpd9ycLqfHt64PUs55NpjHgcYgRL4H21MnEkLyVwLQjywlKpkhHBo/
GgiQbvAAQFF/ALlRr6B1Svbc35ZZwYs/CxjGl0LU5r8ukMTfFKgvyfl9h4OzsJgE
/HZOBt/y+cl8uLc0FPyEUf24SpE2g36JUV+3Y4x8JJUs97IffFl7//bSRFNUWkrD
pjPReWKFmXZPABhjyJaJmTTRzX6n1PzbcTYSaKLrqa7aZj8HcNx6hL8AE7lNeUe3
RK9VkBJq2sQdbSM8ZfbtNEKKeg/q82dw+sDagKLuMAdicAsw8tDu06Rgy4NqZh34
YuJev6q2GD6Ursn+UKnUNF6dJskCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ33rZC
H3L/leNHxVIOIKLcgK2pGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMyY2Y3YjYtM2ZiYi00ZDc0LTg4NmQtMjFjNThiMzQ3ZjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6A
MA0GCSqGSIb3DQEBCwUAA4IBAQB2p8PrKFHDIOeAFO3yCqcyzBh2stwE7ag2vGlf
2hEbBtafBmY6F5IOSBsNYDyaACBPXZ+tU/feGEXE/2WPnRzjTTjjZUSp+iAmXzu3
tGJn4oZmNwM1sOtUuOxi9n3vWl1Ni9szEaF16R1mcN6psDxzwac5ezeArT9cJYhO
8/nB2M14h3XQ1HAc8jn7xh8uGV6txLL5UfKD4rQwdiuczBIUFB6ZWDt/F7GDqBSW
fpZDSsacxOxwAzh9UYdEnskbP9fhnfeKHnZcBkE2yPr7rPHlGdEFDabv27JoCZgS
xnMYEU6ckvaIo3vN+RHPa749Ibi2LtGZ4vHQyvp7PtVPeZvr
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:16:57 2025 by rpki-client