Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa
File: 5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa (raw, json)
Hash identifier: TlbqRqbfLRErV759uvKV8Jb8eglSTCxvHgWExEwqN9Q=
Subject key identifier: 54:F0:A7:0C:DA:66:16:E4:C2:36:51:EB:52:7D:59:6F:E5:2B:6A:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D4CA8E6EF10249C70121503EA4E066CAE7058DB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa
Signing time: Mon 01 Sep 2025 21:10:07 +0000
ROA not before: Mon 01 Sep 2025 21:10:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:4c:a8:e6:ef:10:24:9c:70:12:15:03:ea:4e:06:6c:ae:70:58:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c3d9672b2b6790a9ab626c89fb9fd43bf154d94ad037f436a515bd6aee4febc9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0a:0e:6c:e6:61:1f:7d:93:36:fb:cf:20:d2:
9f:08:ec:27:45:31:37:c9:e2:8b:45:e3:27:5f:c5:
9c:8d:cf:f4:76:a2:03:53:5c:b4:d1:20:2d:cb:f5:
ae:fd:9d:33:a0:91:ea:44:d8:63:3b:bf:7c:59:ce:
f5:54:59:ef:99:34:b7:46:d9:32:1b:f6:49:55:c7:
2e:cd:3b:00:a8:d8:a3:c9:2e:45:f3:3e:55:5e:17:
bc:a9:b3:ad:b0:c7:00:05:46:7e:45:95:98:62:c1:
d6:7e:8c:d8:ae:02:27:ca:b4:5d:63:f1:63:05:4a:
b7:bb:1f:93:39:41:bd:c3:b8:39:72:15:e6:09:ac:
9d:ca:7f:e0:cc:81:99:6f:29:7d:26:e5:0a:c0:a5:
c7:18:08:8e:b4:bf:91:ff:bb:09:93:c6:52:fa:64:
bb:b1:5d:f5:45:e7:81:75:09:99:6a:f1:d0:d0:c2:
53:5d:cb:e6:cb:9e:4a:01:fa:97:24:56:b2:24:6c:
05:79:0f:00:7c:71:37:40:fc:34:4a:47:0e:b5:f4:
29:19:9b:19:01:55:5a:28:4c:7d:31:49:89:b0:cf:
60:c3:f8:c8:27:dd:62:dc:02:e8:c7:72:92:73:19:
c2:e0:ad:6f:34:81:c6:d7:ae:b0:a0:ae:21:60:5a:
bd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F0:A7:0C:DA:66:16:E4:C2:36:51:EB:52:7D:59:6F:E5:2B:6A:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5854e06a-c825-40fe-bf51-5b77d3ba4d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:c00::/38
Signature Algorithm: sha256WithRSAEncryption
49:6d:0e:a7:b6:9c:5c:00:4f:b6:cc:66:93:b7:05:04:9f:ca:
ac:eb:18:6d:cc:84:91:f5:ea:56:4c:92:69:c7:e3:f9:07:e2:
e6:56:eb:20:0f:b3:f7:6a:10:55:a9:2b:83:d0:2d:23:1d:4c:
1f:4b:89:b5:27:bd:6f:ed:a1:9c:7a:5f:bd:cf:6e:7d:6d:00:
a0:e8:58:46:e4:19:23:5d:18:5d:cc:ba:55:2e:f5:3d:75:23:
8d:f4:67:f7:f7:76:c1:02:b5:62:6f:17:c5:9b:9e:d6:5b:e2:
4f:e0:dc:5a:32:d8:48:a7:15:5a:e9:49:74:8b:5a:bf:bd:a6:
b7:d8:df:05:ae:94:fe:14:a5:fd:08:d3:2c:f6:24:cd:13:ed:
40:7a:ce:39:c8:7d:98:c0:95:40:2d:66:3a:15:86:cd:59:d3:
0e:bc:f6:bb:23:bd:02:f9:23:a7:46:25:8c:e6:99:40:89:dc:
7a:ca:65:15:ad:d2:4b:aa:f9:f2:86:c0:1c:02:b6:85:0c:50:
10:81:6e:ee:cc:92:c2:c0:06:63:c3:49:d0:4f:f3:fc:82:56:
f3:15:0c:87:81:c1:b1:01:35:ac:e1:7b:94:0c:60:41:b6:18:
77:c1:96:89:b5:2c:70:c0:96:f8:ac:58:55:77:26:8b:7f:13:
82:1f:b3:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbUyo5u8QJJxwEhUD6k4GbK5wWNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzZDk2NzJiMmI2NzkwYTlhYjYyNmM4OWZiOWZkNDNiZjE1NGQ5NGFkMDM3
ZjQzNmE1MTViZDZhZWU0ZmViYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYKDmzmYR99kzb7zyDSnwjsJ0UxN8nii0XjJ1/FnI3P9HaiA1NctNEgLcv1
rv2dM6CR6kTYYzu/fFnO9VRZ75k0t0bZMhv2SVXHLs07AKjYo8kuRfM+VV4XvKmz
rbDHAAVGfkWVmGLB1n6M2K4CJ8q0XWPxYwVKt7sfkzlBvcO4OXIV5gmsncp/4MyB
mW8pfSblCsClxxgIjrS/kf+7CZPGUvpku7Fd9UXngXUJmWrx0NDCU13L5sueSgH6
lyRWsiRsBXkPAHxxN0D8NEpHDrX0KRmbGQFVWihMfTFJibDPYMP4yCfdYtwC6Mdy
knMZwuCtbzSBxteusKCuIWBavccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRU8KcM
2mYW5MI2UetSfVlv5StqxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NGUwNmEtYzgyNS00MGZlLWJmNTEtNWI3N2QzYmE0ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYM
MA0GCSqGSIb3DQEBCwUAA4IBAQBJbQ6ntpxcAE+2zGaTtwUEn8qs6xhtzISR9epW
TJJpx+P5B+LmVusgD7P3ahBVqSuD0C0jHUwfS4m1J71v7aGcel+9z259bQCg6FhG
5BkjXRhdzLpVLvU9dSON9Gf393bBArVibxfFm57WW+JP4NxaMthIpxVa6Ul0i1q/
vaa32N8FrpT+FKX9CNMs9iTNE+1Aes45yH2YwJVALWY6FYbNWdMOvPa7I70C+SOn
RiWM5plAidx6ymUVrdJLqvnyhsAcAraFDFAQgW7uzJLCwAZjw0nQT/P8glbzFQyH
gcGxATWs4XuUDGBBthh3wZaJtSxwwJb4rFhVdyaLfxOCH7PS
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:44 2025 by rpki-client