Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
File: 575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa (raw, json)
Hash identifier: BE62QHtgDIUq38dsQE6VhT9NutmveMrvxWpMxqOg7T0=
Subject key identifier: 8C:CF:E8:2A:FE:37:B4:77:38:CA:D9:68:A5:E3:F8:7F:BA:0E:A3:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70694D09B8128A254BD58C517FC56834D1D6511B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
Signing time: Mon 01 Sep 2025 20:40:10 +0000
ROA not before: Mon 01 Sep 2025 20:40:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:69:4d:09:b8:12:8a:25:4b:d5:8c:51:7f:c5:68:34:d1:d6:51:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3890d11c0be2a0624716e0154a960c1a95af2351205c934e0de2480813f32850, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:52:00:dc:f8:63:00:f4:02:98:36:92:b5:65:
a5:41:82:4f:f6:fe:12:a8:c8:61:d3:e9:d5:06:31:
0e:c0:3b:12:bf:cb:7d:9d:29:56:72:e7:81:48:46:
fb:44:3a:80:8f:d7:57:ee:96:e7:55:1c:ab:89:ba:
29:9f:4b:8c:27:2c:16:ff:39:2f:5f:d4:48:ee:5a:
2a:c2:00:43:cb:fc:60:ca:54:75:9c:8f:62:a9:d6:
55:14:8f:89:16:5d:26:cd:43:c9:8d:ee:91:ec:93:
24:cc:03:9e:0f:fb:ab:fd:9a:f8:72:38:76:92:c7:
f4:09:d4:e3:18:45:e5:c3:98:bb:9e:ad:32:5b:fc:
5b:fb:8f:49:b2:68:66:15:b8:70:4a:96:7e:78:c3:
09:b1:46:32:78:d4:c5:1b:8a:4d:0e:68:26:3e:98:
bd:41:9c:ce:06:c9:f4:f4:aa:73:d6:ab:6e:25:12:
3b:a0:ce:ba:54:8a:eb:5e:29:c9:8c:a3:a0:4c:7c:
c9:b6:cd:eb:94:f3:1f:c0:cf:3f:95:a6:6d:03:bd:
82:89:8a:fb:c7:4b:b5:69:9d:cd:d4:17:d1:d1:14:
89:5c:7f:ff:53:a4:b3:9f:4d:be:a4:df:c5:aa:01:
40:cc:c1:ec:69:75:63:f1:3a:ae:37:e4:8f:5c:a0:
35:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CF:E8:2A:FE:37:B4:77:38:CA:D9:68:A5:E3:F8:7F:BA:0E:A3:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/575e30c8-2ea5-4e97-872b-6af0b3e8318e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
30:3e:85:3c:91:d9:87:4b:4c:3d:fc:38:85:13:94:74:1f:e2:
02:a1:ed:19:e7:7e:8a:12:78:77:07:c8:8d:0e:bb:a0:c1:ad:
90:cb:bd:0e:04:b9:92:3e:a2:65:99:aa:ca:63:94:7a:bf:8c:
cf:00:88:de:b6:72:9f:96:1e:79:42:1c:2a:10:4b:2d:e9:ce:
cc:d4:93:5f:ac:e9:ff:80:fd:3e:e4:54:f9:cd:3a:a7:b0:61:
1e:95:a9:b8:cc:14:06:69:2f:be:e3:22:7f:54:e7:17:f1:51:
5d:d3:3f:38:86:51:9b:9b:b4:24:69:0e:24:dc:b1:a6:95:9a:
45:5f:f1:48:e7:4a:6b:22:85:b7:69:ae:12:93:49:ab:06:5f:
a8:fc:45:e0:21:35:4d:fa:6e:d0:6c:74:f0:4f:34:c5:ae:9e:
ce:11:9d:a0:63:a3:8d:5f:a2:5c:19:ff:df:22:32:4d:9f:33:
d3:3e:7e:22:76:d6:b0:80:d2:c6:d0:81:a3:40:1f:8e:ed:fe:
90:28:67:90:5d:f4:19:67:46:d1:72:d1:85:63:bf:89:46:b1:
21:d0:81:62:ba:03:6a:b5:95:5c:ce:0d:50:9b:ac:e4:b7:c3:
c3:2f:44:87:29:93:eb:cb:17:ae:53:70:15:52:12:65:35:d5:
b3:f1:58:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcGlNCbgSiiVL1YxRf8VoNNHWURswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4OTBkMTFjMGJlMmEwNjI0NzE2ZTAxNTRhOTYwYzFhOTVhZjIzNTEyMDVj
OTM0ZTBkZTI0ODA4MTNmMzI4NTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFSANz4YwD0Apg2krVlpUGCT/b+EqjIYdPp1QYxDsA7Er/LfZ0pVnLngUhG
+0Q6gI/XV+6W51Ucq4m6KZ9LjCcsFv85L1/USO5aKsIAQ8v8YMpUdZyPYqnWVRSP
iRZdJs1DyY3ukeyTJMwDng/7q/2a+HI4dpLH9AnU4xhF5cOYu56tMlv8W/uPSbJo
ZhW4cEqWfnjDCbFGMnjUxRuKTQ5oJj6YvUGczgbJ9PSqc9arbiUSO6DOulSK614p
yYyjoEx8ybbN65TzH8DPP5WmbQO9gomK+8dLtWmdzdQX0dEUiVx//1Oks59NvqTf
xaoBQMzB7Gl1Y/E6rjfkj1ygNesCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMz+gq
/je0dzjK2Wil4/h/ug6j/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTc1ZTMwYzgtMmVhNS00ZTk3LTg3MmItNmFmMGIzZTgzMThlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwPoU8kdmHS0w9/DiFE5R0H+ICoe0Z536KEnh3
B8iNDrugwa2Qy70OBLmSPqJlmarKY5R6v4zPAIjetnKflh55QhwqEEst6c7M1JNf
rOn/gP0+5FT5zTqnsGEelam4zBQGaS++4yJ/VOcX8VFd0z84hlGbm7QkaQ4k3LGm
lZpFX/FI50prIoW3aa4Sk0mrBl+o/EXgITVN+m7QbHTwTzTFrp7OEZ2gY6ONX6Jc
Gf/fIjJNnzPTPn4idtawgNLG0IGjQB+O7f6QKGeQXfQZZ0bRctGFY7+JRrEh0IFi
ugNqtZVczg1Qm6zkt8PDL0SHKZPryxeuU3AVUhJlNdWz8Vjt
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:36 2025 by rpki-client