Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
File: 51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa (raw, json)
Hash identifier: QJFqJqRj1QmUt/nm088zFtqJ3ZyV6CdWDOqJbve0UZA=
Subject key identifier: 28:3E:C1:40:79:D0:2D:58:0C:18:6E:14:F7:2F:3D:55:C0:4D:EA:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A8785978DB48CBF6BF1D117F05F7D16A4812277
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
Signing time: Mon 01 Sep 2025 20:20:54 +0000
ROA not before: Mon 01 Sep 2025 20:20:54 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:80d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:87:85:97:8d:b4:8c:bf:6b:f1:d1:17:f0:5f:7d:16:a4:81:22:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:54 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c939a7dead6fced4ce6b9e116fe19577f505bcf9753a2c4ea255a27d293133be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:c8:83:78:66:08:a4:73:ad:a5:09:7f:d9:
77:8a:83:cc:1f:b8:1a:0c:e5:ac:a1:77:9f:2f:65:
c4:58:2c:fb:56:03:35:42:8f:c9:6f:ac:d8:d5:8f:
07:4b:40:a0:59:71:bf:d4:e7:9b:e5:0f:92:25:8c:
a6:0f:5d:8e:7b:66:1d:e7:50:c7:13:9b:de:91:1c:
1d:d5:2f:a0:91:62:df:e0:67:22:a5:bc:f0:20:e9:
b0:85:1f:53:0c:d0:40:81:c3:9f:79:04:10:46:88:
65:9b:cb:6a:53:1c:b6:09:3b:8f:f8:29:59:35:85:
7a:65:43:f8:05:3f:f6:56:b5:40:77:9d:41:48:9c:
f9:7a:3a:bd:5f:3e:11:93:44:83:a5:8f:9b:96:2e:
5b:a7:3f:8f:3c:ec:bc:2e:a5:cc:47:55:5b:d5:75:
cf:a3:8e:94:51:8e:02:ae:c0:e4:a5:d3:4f:fc:88:
c2:3b:8c:76:ca:c6:f4:b3:56:08:ad:ae:72:64:6f:
72:54:8b:9d:9f:d5:86:e6:36:f6:00:e2:e2:9d:b6:
3a:d1:2b:bc:a6:f0:d6:b4:4c:89:f4:c4:53:9e:cf:
15:d9:9d:6e:4d:42:fb:19:ff:50:25:f1:b4:2c:1b:
1c:dc:1e:51:58:7f:11:a4:b0:8f:5b:fd:a5:86:63:
ff:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3E:C1:40:79:D0:2D:58:0C:18:6E:14:F7:2F:3D:55:C0:4D:EA:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/51a1ea71-75af-4bc7-8c05-1b2e3a562792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:80d0::/48
Signature Algorithm: sha256WithRSAEncryption
be:44:22:8c:c8:d0:38:6d:a1:52:68:1f:f7:ac:d4:ed:e1:04:
63:a0:de:15:b3:09:4e:45:3d:ad:5e:8d:26:1e:2f:ce:9f:4e:
33:22:5c:93:3a:ee:54:89:01:21:2f:16:5d:b3:64:67:3b:eb:
7b:05:a4:6d:f6:db:23:ad:fe:3c:63:28:fa:63:e1:48:07:aa:
da:4b:78:0f:82:6d:9b:b7:8f:9c:4e:e5:8e:53:fb:a5:cb:80:
2e:db:8f:00:45:d2:c6:61:42:49:2a:fd:b8:95:7e:a5:9a:d1:
19:94:27:02:8e:02:68:22:c1:78:51:71:89:d2:5f:87:c4:78:
77:e4:57:a5:17:8c:d6:8c:20:f4:bf:05:0a:8d:31:c7:9f:af:
ee:7e:8b:07:dc:7e:c6:e1:30:3c:f4:71:5a:fe:87:fb:ca:d9:
f1:f5:78:f7:9d:60:e1:ab:86:7e:d3:12:a5:21:92:bd:a8:29:
16:b0:ab:99:1b:79:7c:af:c5:22:f2:b5:57:34:96:51:1d:24:
49:6a:71:12:31:c6:dd:76:96:f3:e6:7b:8e:12:64:d0:94:4e:
3f:f2:e7:55:92:56:0e:13:64:e6:a2:d6:c5:fc:06:0d:e6:ce:
6d:80:6b:25:13:19:95:ec:ca:2c:e9:a4:1e:57:5c:6e:32:bc:
20:06:b6:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSoeFl420jL9r8dEX8F99FqSBIncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwNTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MzlhN2RlYWQ2ZmNlZDRjZTZiOWUxMTZmZTE5NTc3ZjUwNWJjZjk3NTNh
MmM0ZWEyNTVhMjdkMjkzMTMzYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzByIN4Zgikc62lCX/Zd4qDzB+4GgzlrKF3ny9lxFgs+1YDNUKPyW+s2NWP
B0tAoFlxv9Tnm+UPkiWMpg9djntmHedQxxOb3pEcHdUvoJFi3+BnIqW88CDpsIUf
UwzQQIHDn3kEEEaIZZvLalMctgk7j/gpWTWFemVD+AU/9la1QHedQUic+Xo6vV8+
EZNEg6WPm5YuW6c/jzzsvC6lzEdVW9V1z6OOlFGOAq7A5KXTT/yIwjuMdsrG9LNW
CK2ucmRvclSLnZ/VhuY29gDi4p22OtErvKbw1rRMifTEU57PFdmdbk1C+xn/UCXx
tCwbHNweUVh/EaSwj1v9pYZj/08CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQoPsFA
edAtWAwYbhT3Lz1VwE3qTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTFhMWVhNzEtNzVhZi00YmM3LThjMDUtMWIyZTNhNTYyNzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
0DANBgkqhkiG9w0BAQsFAAOCAQEAvkQijMjQOG2hUmgf96zU7eEEY6DeFbMJTkU9
rV6NJh4vzp9OMyJckzruVIkBIS8WXbNkZzvrewWkbfbbI63+PGMo+mPhSAeq2kt4
D4Jtm7ePnE7ljlP7pcuALtuPAEXSxmFCSSr9uJV+pZrRGZQnAo4CaCLBeFFxidJf
h8R4d+RXpReM1owg9L8FCo0xx5+v7n6LB9x+xuEwPPRxWv6H+8rZ8fV4951g4auG
ftMSpSGSvagpFrCrmRt5fK/FIvK1VzSWUR0kSWpxEjHG3XaW8+Z7jhJk0JROP/Ln
VZJWDhNk5qLWxfwGDebObYBrJRMZlezKLOmkHldcbjK8IAa2Nw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:07 2025 by rpki-client