Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
File: 5836d090-8999-43ab-a38c-f63a0e829c0b.roa (raw, json)
Hash identifier: gxuV1wpAUJU9gHsz9svzdF5665qJ69in5+ld1YKb3V8=
Subject key identifier: E6:E9:E2:F1:3D:E2:DF:74:AC:25:FD:53:B8:0D:79:3C:24:2C:3A:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59FD1D0FF2027A8513681C101E8B292B7F8801CE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
Signing time: Mon 01 Sep 2025 19:51:30 +0000
ROA not before: Mon 01 Sep 2025 19:51:30 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:fd:1d:0f:f2:02:7a:85:13:68:1c:10:1e:8b:29:2b:7f:88:01:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:30 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9823fe1aedb14b21318057e54669668cc7b52c9ed05d4ac4de5f3a3642afc8a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b5:67:4f:7c:1d:ef:8c:de:1e:bf:c0:03:7d:
11:73:44:02:c3:63:85:7c:7c:97:bc:e6:c9:5f:a8:
f2:8d:69:12:a3:7a:94:18:87:b4:13:63:ab:60:75:
53:e3:9f:26:5c:af:b3:ae:8d:24:0c:a5:b0:b7:6b:
4e:f3:ed:10:9e:07:ff:cd:6d:99:6e:59:e4:8f:e9:
35:c9:64:c3:03:cc:ab:c1:89:d7:af:30:b6:2f:d6:
f7:9a:80:71:22:82:e7:ce:8c:fe:30:0d:95:21:81:
03:00:37:98:9a:ad:9a:5c:79:8b:1f:36:00:ae:d4:
e7:fc:78:cb:c9:1c:6a:31:f1:e7:e5:52:91:11:de:
f9:d0:b2:17:39:af:26:06:3d:97:a2:2e:9a:4f:e6:
cf:05:35:10:fa:ec:da:bc:c5:bf:c8:d2:76:61:82:
66:d0:a1:45:7b:58:45:03:4b:f2:64:63:08:e3:db:
df:dd:d8:ac:93:04:c3:58:5c:a6:aa:ff:b7:54:84:
d9:f3:97:59:84:c7:1a:30:d7:22:46:6f:f9:17:83:
4d:9f:72:6a:a5:ad:33:88:3d:0e:db:97:7b:d8:1e:
2f:bf:a1:dc:86:92:73:5d:4d:64:e0:50:a7:94:26:
57:ad:7c:cb:f3:59:10:f7:15:b7:6b:62:44:87:1a:
af:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E9:E2:F1:3D:E2:DF:74:AC:25:FD:53:B8:0D:79:3C:24:2C:3A:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:5000::/40
Signature Algorithm: sha256WithRSAEncryption
69:7c:97:76:2f:3a:15:80:3f:bf:68:35:de:8a:02:38:94:e7:
ae:47:67:b5:5b:db:d0:b9:24:63:45:a9:13:30:70:65:e2:42:
5a:97:44:1b:cd:c2:bf:35:6d:81:e3:04:8c:a6:1e:36:8c:b3:
5d:db:83:bf:f4:ac:c0:fc:77:79:a5:96:95:8e:11:1f:51:5a:
8f:fa:80:40:ea:c3:b8:a2:8c:0a:19:c7:4f:6e:21:e9:5e:72:
bd:58:de:5e:93:f4:59:58:b1:ee:c2:27:24:8b:5a:da:94:cf:
c6:71:25:83:33:3e:29:70:bc:5c:a8:5d:54:72:87:78:67:cb:
de:0c:d2:89:dd:97:34:c4:78:04:cf:e0:08:98:0b:b1:26:b0:
83:9e:fb:27:df:6a:f7:c0:94:97:df:e3:27:0a:5d:c5:35:af:
63:89:51:0b:97:6e:ba:70:c8:6b:24:80:5e:12:96:2b:23:ad:
7f:c5:0e:f0:34:58:c1:22:c2:41:23:23:56:94:14:cc:60:1c:
ec:e4:79:ae:cd:aa:c5:2c:f1:67:78:2f:e0:41:4e:a4:0c:09:
2f:d9:69:03:c7:d3:87:93:6c:ed:ed:53:df:5d:a8:95:a1:0b:
10:3b:c6:3c:e4:ef:35:36:4c:62:bb:f7:fe:d7:24:df:31:00:
92:d3:37:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWf0dD/ICeoUTaBwQHospK3+IAc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMzBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4MjNmZTFhZWRiMTRiMjEzMTgwNTdlNTQ2Njk2NjhjYzdiNTJjOWVkMDVk
NGFjNGRlNWYzYTM2NDJhZmM4YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ21Z098He+M3h6/wAN9EXNEAsNjhXx8l7zmyV+o8o1pEqN6lBiHtBNjq2B1
U+OfJlyvs66NJAylsLdrTvPtEJ4H/81tmW5Z5I/pNclkwwPMq8GJ168wti/W95qA
cSKC586M/jANlSGBAwA3mJqtmlx5ix82AK7U5/x4y8kcajHx5+VSkRHe+dCyFzmv
JgY9l6Iumk/mzwU1EPrs2rzFv8jSdmGCZtChRXtYRQNL8mRjCOPb393YrJMEw1hc
pqr/t1SE2fOXWYTHGjDXIkZv+ReDTZ9yaqWtM4g9DtuXe9geL7+h3IaSc11NZOBQ
p5QmV618y/NZEPcVt2tiRIcar6cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTm6eLx
PeLfdKwl/VO4DXk8JCw6MTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTgzNmQwOTAtODk5OS00M2FiLWEzOGMtZjYzYTBlODI5YzBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBpfJd2LzoVgD+/aDXeigI4lOeuR2e1W9vQuSRj
RakTMHBl4kJal0QbzcK/NW2B4wSMph42jLNd24O/9KzA/Hd5pZaVjhEfUVqP+oBA
6sO4oowKGcdPbiHpXnK9WN5ek/RZWLHuwicki1ralM/GcSWDMz4pcLxcqF1Ucod4
Z8veDNKJ3Zc0xHgEz+AImAuxJrCDnvsn32r3wJSX3+MnCl3FNa9jiVELl266cMhr
JIBeEpYrI61/xQ7wNFjBIsJBIyNWlBTMYBzs5HmuzarFLPFneC/gQU6kDAkv2WkD
x9OHk2zt7VPfXaiVoQsQO8Y85O81Nkxiu/f+1yTfMQCS0zde
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:16:55 2025 by rpki-client