Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json)
Hash identifier: 7oNEbbd00DfEOxMnbKfXlhYBuWnVWsoPEgtQfCS38ng=
Subject key identifier: 11:CA:28:71:2B:FE:BC:ED:36:79:62:13:DD:CC:04:2C:A4:BC:65:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 754446D9748B82FCA2144F75DF808E7919D060B2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
Signing time: Mon 01 Sep 2025 20:11:26 +0000
ROA not before: Mon 01 Sep 2025 20:11:26 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:44:46:d9:74:8b:82:fc:a2:14:4f:75:df:80:8e:79:19:d0:60:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:11:26 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=141b807a7e552b7b38ba0d71a7a19c92e7d4e1527c9bf45dc91ec7a341e2e2ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:dd:61:72:1f:e6:b7:60:0c:65:a5:f3:dd:35:
71:ae:96:f2:d3:3a:28:26:56:c1:9e:e2:25:d6:a3:
36:b1:67:ce:da:6e:0a:8d:bb:b5:fd:15:41:f2:5b:
9d:42:4a:18:2d:e0:3a:4c:da:64:87:08:08:4f:73:
23:ef:a1:70:de:dc:88:b0:81:1e:19:3d:5b:5f:a1:
93:ec:27:fd:0b:25:4b:b3:8f:8f:73:39:75:93:b9:
e0:8c:8f:e8:d4:23:97:77:0c:64:68:81:0a:f0:2e:
0f:34:5a:fd:8c:0b:0b:87:58:8d:89:49:49:49:a1:
c4:66:3f:3a:f9:17:f4:3e:be:31:fb:15:52:46:04:
39:c1:57:88:63:ce:15:f9:15:e1:d6:44:21:f9:58:
59:08:a7:7f:5f:6b:97:ff:51:a2:b6:fb:0d:35:df:
46:1b:0a:d7:e9:d2:3b:fb:8f:a7:c7:d2:73:c9:cd:
48:3c:05:bc:f0:56:29:d4:1a:31:ab:0a:e6:40:8d:
ea:5d:b6:a9:bd:52:82:3c:d0:9e:03:c0:6e:3c:ab:
a8:5d:45:1b:23:1f:ea:bf:5e:6d:19:00:25:9d:f0:
9c:99:c2:df:e1:29:8d:86:b9:32:41:5b:4d:62:a9:
14:ef:65:36:7e:4f:2a:8c:d8:74:66:17:be:79:63:
33:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CA:28:71:2B:FE:BC:ED:36:79:62:13:DD:CC:04:2C:A4:BC:65:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4080::/48
Signature Algorithm: sha256WithRSAEncryption
10:cb:b4:51:42:7b:0e:ef:ce:c2:0a:25:a9:46:e0:29:31:51:
79:44:21:a7:39:77:04:30:ee:46:90:82:7e:3a:c9:25:da:32:
2e:ef:3b:4c:68:70:fa:54:18:8d:09:da:64:a9:18:f9:31:61:
54:84:17:9b:20:ec:16:5a:73:a9:c1:ab:a4:33:de:b7:e7:35:
63:c1:ae:50:e0:e6:5f:74:53:9c:c4:cb:db:93:4e:13:c7:8e:
e3:17:8c:1f:8d:e7:d5:8a:1b:b7:74:24:80:ef:45:98:38:13:
44:1b:bc:f2:69:ca:fe:71:2c:82:c0:96:17:e8:4c:b1:04:9a:
3b:d0:53:80:75:aa:1a:da:da:4e:e4:de:db:23:7b:77:c2:2d:
33:d6:b8:6b:38:a5:45:a4:e6:59:b2:db:67:7c:b6:6d:86:ae:
a4:60:9e:ac:d4:27:83:40:2f:db:3d:23:dc:eb:01:4b:35:90:
d2:40:6c:d5:04:c1:d9:18:1b:3d:4e:94:e4:5f:c6:f9:34:f8:
b2:40:68:23:ad:88:d1:a0:94:eb:69:ab:41:19:38:e2:95:c9:
fd:4e:90:2d:b1:be:e8:50:a3:65:f7:94:30:15:de:ad:98:69:
0f:36:82:d3:1e:d8:a5:73:4f:47:e8:c1:ab:df:26:2a:5b:4a:
25:8f:eb:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdURG2XSLgvyiFE9134COeRnQYLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDExMjZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0MWI4MDdhN2U1NTJiN2IzOGJhMGQ3MWE3YTE5YzkyZTdkNGUxNTI3Yzli
ZjQ1ZGM5MWVjN2EzNDFlMmUyYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3dYXIf5rdgDGWl8901ca6W8tM6KCZWwZ7iJdajNrFnztpuCo27tf0VQfJb
nUJKGC3gOkzaZIcICE9zI++hcN7ciLCBHhk9W1+hk+wn/QslS7OPj3M5dZO54IyP
6NQjl3cMZGiBCvAuDzRa/YwLC4dYjYlJSUmhxGY/OvkX9D6+MfsVUkYEOcFXiGPO
FfkV4dZEIflYWQinf19rl/9Rorb7DTXfRhsK1+nSO/uPp8fSc8nNSDwFvPBWKdQa
MasK5kCN6l22qb1SgjzQngPAbjyrqF1FGyMf6r9ebRkAJZ3wnJnC3+EpjYa5MkFb
TWKpFO9lNn5PKozYdGYXvnljM60CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQRyihx
K/687TZ5YhPdzAQspLxlGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQzYmM2N2QtMDhmOS00YTk5LWJmNWUtNjgxMDBlMDM0Mzk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
gDANBgkqhkiG9w0BAQsFAAOCAQEAEMu0UUJ7Du/OwgolqUbgKTFReUQhpzl3BDDu
RpCCfjrJJdoyLu87TGhw+lQYjQnaZKkY+TFhVIQXmyDsFlpzqcGrpDPet+c1Y8Gu
UODmX3RTnMTL25NOE8eO4xeMH43n1Yobt3QkgO9FmDgTRBu88mnK/nEsgsCWF+hM
sQSaO9BTgHWqGtraTuTe2yN7d8ItM9a4azilRaTmWbLbZ3y2bYaupGCerNQng0Av
2z0j3OsBSzWQ0kBs1QTB2RgbPU6U5F/G+TT4skBoI62I0aCU62mrQRk44pXJ/U6Q
LbG+6FCjZfeUMBXerZhpDzaC0x7YpXNPR+jBq98mKltKJY/rug==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:07 2025 by rpki-client