Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: apt7gGC0fns1Z9gRIqR+QwDoPXLG5iLP+uX+hWsJMUA=
Subject key identifier: B5:58:76:4B:18:3D:E1:7A:72:3A:A7:36:A9:D7:B6:9A:16:30:0D:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FE09D2019B2DBE588E7E8DD1BAC6B4BF910A0E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Mon 01 Sep 2025 20:20:16 +0000
ROA not before: Mon 01 Sep 2025 20:20:16 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:e0:9d:20:19:b2:db:e5:88:e7:e8:dd:1b:ac:6b:4b:f9:10:a0:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:16 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1c0fc15393f302f19bad4fabb9dc16cd4fd188ffa6283d69d1d6ea8477a2b002, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:70:41:18:ad:99:7c:a7:a0:b8:f7:7c:fd:b6:
36:80:61:34:5e:4b:6e:f3:c6:34:09:ba:07:f5:a2:
d8:3f:ae:66:30:9b:fc:9a:21:19:9a:0b:fb:70:ed:
9e:43:d5:c8:ce:a5:b1:f7:8f:0c:29:ca:6b:ea:01:
ee:4b:cd:80:23:ef:31:ad:35:55:d7:cf:f0:6d:37:
50:58:ca:41:90:c4:50:ae:14:80:8b:92:ca:1c:fa:
11:5b:f4:52:24:82:26:01:bb:51:f4:0e:8a:a4:bc:
6c:8e:f7:51:c9:9a:14:6d:36:e2:a5:4f:b2:c0:ab:
8d:90:87:dd:45:6f:10:f1:13:65:7b:0e:86:66:d9:
32:83:74:7a:d4:9f:1a:38:18:33:17:a6:87:d3:dc:
a7:7d:38:f1:33:85:c5:08:38:5e:8f:4e:2e:8d:12:
72:cf:35:6a:c1:8e:95:0e:9a:52:24:b8:67:87:90:
84:16:51:a4:64:fa:f3:ac:e6:cc:c1:0f:3a:b4:31:
f3:05:c2:07:d6:be:1c:d1:79:87:ef:3b:66:e9:38:
5f:34:a0:d9:4d:bd:7d:f5:cf:ef:31:81:b0:3f:6f:
e0:8e:b6:3b:82:0b:ed:c5:a0:34:11:3c:01:d7:37:
66:5a:60:f5:63:e0:9c:9d:fc:c6:ba:7d:0e:d6:60:
5f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:58:76:4B:18:3D:E1:7A:72:3A:A7:36:A9:D7:B6:9A:16:30:0D:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
b0:2f:a4:10:02:15:4e:a6:96:a7:34:bc:14:59:e2:a3:0e:45:
d5:ec:96:4f:b6:19:c3:8b:59:c8:08:3c:29:24:fe:f9:b3:27:
2c:cc:da:c7:2d:94:ef:bd:d8:30:98:ea:58:c2:b0:c9:97:11:
9a:05:f6:7c:cd:a6:dd:d8:a7:04:e1:f2:24:10:1c:87:7c:64:
ba:9f:53:0a:dd:9e:25:e7:da:e7:1f:66:da:4b:9c:ef:48:e3:
8b:e2:37:5c:88:24:a0:0a:26:71:d0:27:fb:0b:fd:8e:65:f6:
c8:08:fb:29:e9:de:9a:02:59:f8:5d:4b:5a:fd:b4:42:21:39:
bd:29:c3:c2:74:99:c9:fa:de:f5:5a:25:22:45:73:ee:f9:ff:
b3:bf:db:c4:00:f8:d3:aa:97:b4:d0:59:2b:84:cf:85:93:04:
b5:a1:60:45:1a:3c:0c:d7:61:e9:52:e5:61:b3:47:ad:d5:50:
6a:b2:ce:5c:0f:9a:24:e6:eb:49:73:0c:7c:fa:10:8a:cd:2b:
83:dd:a9:bb:90:8a:6a:4c:f9:1f:4a:26:9f:4c:95:82:89:ae:
38:91:e6:38:84:3a:a3:1d:70:50:ec:3c:61:e7:d6:4c:dd:5f:
55:ab:ce:c8:84:b3:a0:ca:8a:1d:a2:3e:61:2a:cb:dc:ea:77:
f1:1e:c4:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUT+CdIBmy2+WI5+jdG6xrS/kQoOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwMTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMGZjMTUzOTNmMzAyZjE5YmFkNGZhYmI5ZGMxNmNkNGZkMTg4ZmZhNjI4
M2Q2OWQxZDZlYTg0NzdhMmIwMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpwQRitmXynoLj3fP22NoBhNF5LbvPGNAm6B/Wi2D+uZjCb/JohGZoL+3Dt
nkPVyM6lsfePDCnKa+oB7kvNgCPvMa01VdfP8G03UFjKQZDEUK4UgIuSyhz6EVv0
UiSCJgG7UfQOiqS8bI73UcmaFG024qVPssCrjZCH3UVvEPETZXsOhmbZMoN0etSf
GjgYMxemh9Pcp3048TOFxQg4Xo9OLo0Scs81asGOlQ6aUiS4Z4eQhBZRpGT686zm
zMEPOrQx8wXCB9a+HNF5h+87Zuk4XzSg2U29ffXP7zGBsD9v4I62O4IL7cWgNBE8
Adc3Zlpg9WPgnJ38xrp9DtZgX98CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS1WHZL
GD3henI6pzap17aaFjANxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEAsC+kEAIVTqaWpzS8FFniow5F1eyWT7YZw4tZ
yAg8KST++bMnLMzaxy2U773YMJjqWMKwyZcRmgX2fM2m3dinBOHyJBAch3xkup9T
Ct2eJefa5x9m2kuc70jji+I3XIgkoAomcdAn+wv9jmX2yAj7KenemgJZ+F1LWv20
QiE5vSnDwnSZyfre9VolIkVz7vn/s7/bxAD406qXtNBZK4TPhZMEtaFgRRo8DNdh
6VLlYbNHrdVQarLOXA+aJObrSXMMfPoQis0rg92pu5CKakz5H0omn0yVgomuOJHm
OIQ6ox1wUOw8YefWTN1fVavOyISzoMqKHaI+YSrL3Op38R7ExQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:04 2025 by rpki-client