Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
File: 581266ac-af97-4864-a566-36693b593269.roa (raw, json)
Hash identifier: hcNWVCySh3gT578lBTFLUJfLatF2NIv2Mx02/poQFF4=
Subject key identifier: A3:19:1F:35:BB:F4:45:A9:C0:18:37:2B:12:C1:8E:23:A8:8D:19:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D7DE3DAC7E2639B0C99421D4C5F8D40B2020286
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
Signing time: Mon 01 Sep 2025 20:30:13 +0000
ROA not before: Mon 01 Sep 2025 20:30:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:7d:e3:da:c7:e2:63:9b:0c:99:42:1d:4c:5f:8d:40:b2:02:02:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=25d9fb9ba88953dde89093c7d2ee7739f7871bd4c6cce152673196c9c898f283, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:98:76:86:45:14:0e:d5:c5:12:68:1e:1a:44:
08:24:00:d5:82:bb:7d:6e:3d:c2:58:d7:ca:7a:a9:
d6:c7:b7:bc:1c:99:ea:c4:df:f3:e9:2b:8a:42:ad:
8a:0b:12:0f:73:7e:28:fd:3e:de:2f:d2:50:f0:34:
a9:42:84:79:0a:39:7d:3f:ca:31:2a:7f:6d:52:27:
0e:d4:de:7e:48:a3:c6:3d:54:c3:13:96:08:7c:4a:
3c:32:7f:b0:d5:a3:89:eb:17:d7:99:fb:63:cc:c9:
de:cd:53:73:17:a5:c9:94:24:2a:af:54:63:9c:5d:
d8:6d:9e:51:37:9e:01:a8:4a:89:4d:16:79:70:73:
d6:c9:3c:2d:da:8b:d5:40:51:eb:39:c6:12:6d:09:
0d:17:32:04:d9:50:23:56:4e:4e:8e:7b:f5:3d:2e:
5f:43:a5:72:83:38:ec:a5:82:bf:5d:6a:d4:15:72:
47:30:e7:60:a7:cf:c6:95:de:5a:04:46:25:3d:a8:
f8:a0:99:ac:0b:60:60:52:16:33:70:3c:99:2d:bc:
af:3f:80:9e:03:06:e0:51:ef:d2:0d:9e:59:42:30:
4c:75:53:02:68:31:db:78:e7:5d:c4:34:40:80:d3:
10:f5:d4:72:e2:d2:02:2c:40:1c:3f:98:5b:20:48:
f1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:19:1F:35:BB:F4:45:A9:C0:18:37:2B:12:C1:8E:23:A8:8D:19:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/581266ac-af97-4864-a566-36693b593269.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
69:f1:49:15:d2:7c:8d:cb:9a:4a:28:bf:f8:97:d9:8c:89:fd:
87:73:6d:6e:a9:10:9f:7d:db:b6:91:67:c5:d3:b3:05:5a:1a:
e7:8f:a3:b0:7e:16:90:84:19:c0:af:ff:ad:38:a4:d7:b2:d7:
b7:13:38:f9:1f:ca:e1:f4:ef:40:8f:5c:71:80:62:bf:2e:37:
1a:bd:11:ce:d5:56:99:52:2b:77:95:b3:a9:52:d0:5d:c5:41:
a7:e1:a4:97:e8:7f:10:44:ac:da:7f:b1:bf:c5:d3:2f:b2:a5:
0b:b6:56:d1:cb:e5:85:c3:12:00:9f:5a:2f:41:2f:43:0e:2d:
85:85:59:9b:25:5d:76:50:a9:e0:52:32:20:77:4d:24:1b:dd:
e7:c7:f8:3b:d0:a5:a8:9c:a6:88:e7:5a:7a:b0:ea:b4:39:48:
63:a5:4c:af:d2:e6:6f:8c:fd:04:ed:93:8e:85:41:a8:a2:b2:
ef:7c:a1:79:4e:36:4f:c0:1f:16:42:41:ed:d4:e5:02:70:da:
ae:12:5b:46:7c:5b:79:93:bd:ad:1a:b1:09:71:84:79:d4:bd:
f7:f1:86:34:9d:66:34:c9:91:4a:5d:d1:9c:48:1d:2a:83:4b:
7c:db:aa:e2:61:86:66:3f:0d:4e:eb:25:fd:1c:48:23:db:1b:
16:5e:4a:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHX3j2sfiY5sMmUIdTF+NQLICAoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZDlmYjliYTg4OTUzZGRlODkwOTNjN2QyZWU3NzM5Zjc4NzFiZDRjNmNj
ZTE1MjY3MzE5NmM5Yzg5OGYyODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeYdoZFFA7VxRJoHhpECCQA1YK7fW49wljXynqp1se3vByZ6sTf8+krikKt
igsSD3N+KP0+3i/SUPA0qUKEeQo5fT/KMSp/bVInDtTefkijxj1UwxOWCHxKPDJ/
sNWjiesX15n7Y8zJ3s1TcxelyZQkKq9UY5xd2G2eUTeeAahKiU0WeXBz1sk8LdqL
1UBR6znGEm0JDRcyBNlQI1ZOTo579T0uX0OlcoM47KWCv11q1BVyRzDnYKfPxpXe
WgRGJT2o+KCZrAtgYFIWM3A8mS28rz+AngMG4FHv0g2eWUIwTHVTAmgx23jnXcQ0
QIDTEPXUcuLSAixAHD+YWyBI8ScCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjGR81
u/RFqcAYNysSwY4jqI0ZrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgxMjY2YWMtYWY5Ny00ODY0LWE1NjYtMzY2OTNiNTkzMjY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQBp8UkV0nyNy5pKKL/4l9mMif2Hc21uqRCffdu2
kWfF07MFWhrnj6OwfhaQhBnAr/+tOKTXste3Ezj5H8rh9O9Aj1xxgGK/LjcavRHO
1VaZUit3lbOpUtBdxUGn4aSX6H8QRKzaf7G/xdMvsqULtlbRy+WFwxIAn1ovQS9D
Di2FhVmbJV12UKngUjIgd00kG93nx/g70KWonKaI51p6sOq0OUhjpUyv0uZvjP0E
7ZOOhUGoorLvfKF5TjZPwB8WQkHt1OUCcNquEltGfFt5k72tGrEJcYR51L338YY0
nWY0yZFKXdGcSB0qg0t826riYYZmPw1O6yX9HEgj2xsWXkoQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:48 2025 by rpki-client