Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
File: 5fe931ae-e353-437d-9738-79004c5e9188.roa (raw, json)
Hash identifier: 1DLpfyiaZntklxpBOKBZ/dykRrJwJtFbGKov+h4EnGo=
Subject key identifier: 3C:73:3B:C9:18:40:48:19:9F:41:0F:ED:25:E0:ED:46:EF:87:04:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72DE459550497917F625743226361C30BF546D33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
Signing time: Mon 01 Sep 2025 20:50:18 +0000
ROA not before: Mon 01 Sep 2025 20:50:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:de:45:95:50:49:79:17:f6:25:74:32:26:36:1c:30:bf:54:6d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a1b4be67c87898ffd72b8be3d9215fe735c959c868f61f09a9f7fabf78788894, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:29:e6:4c:95:83:29:75:f7:4a:5c:15:4d:a7:
df:45:eb:55:ee:d4:99:13:2a:55:ca:ab:48:92:bd:
80:60:7b:37:d7:6f:1e:f3:d6:42:03:92:e7:e3:7a:
f8:60:24:0f:ec:f1:30:29:0f:c3:6d:b0:8a:92:43:
02:03:45:c3:86:63:98:ba:71:8b:15:2c:a8:78:1a:
42:dc:ca:1d:fd:a0:af:29:90:95:97:a9:76:b0:b9:
cc:29:63:0b:da:55:12:42:10:b6:c0:53:e6:e2:17:
96:43:0a:0b:ee:5a:69:da:05:df:d5:4a:27:6e:aa:
08:aa:ba:5f:3a:f2:aa:bf:98:14:9c:c1:62:79:4d:
80:91:2f:04:48:eb:75:0e:e7:cf:61:e1:d1:91:78:
94:e3:9b:ed:48:7e:f7:ab:49:82:ab:c9:71:0a:99:
db:1a:06:88:19:a0:6c:f8:36:7c:22:a6:67:55:dd:
33:a4:c4:b0:2b:61:04:d5:02:ed:be:db:3f:ba:90:
e0:74:1d:a2:51:ef:3b:98:11:89:12:d8:eb:6c:6d:
73:0f:7d:f5:27:f1:bc:86:cf:e6:71:7a:ef:cf:77:
cd:67:90:dc:af:03:56:ec:61:05:43:d0:84:3c:b8:
2b:8f:26:14:75:c4:fc:0e:a7:36:82:cb:ac:af:ab:
89:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:73:3B:C9:18:40:48:19:9F:41:0F:ED:25:E0:ED:46:EF:87:04:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5fe931ae-e353-437d-9738-79004c5e9188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:85:be:bb:f2:d7:b5:3f:7e:ed:b9:3c:97:52:04:5f:21:e8:
7b:ff:f2:ac:95:4f:d1:69:9d:80:b3:4b:5c:47:64:36:1d:0f:
a7:aa:45:21:2d:f9:68:ec:d8:f9:0e:ab:6c:d0:7b:ba:f9:90:
78:c7:a5:b6:a7:79:68:03:0e:8d:a3:c1:f2:c9:24:9d:0e:31:
17:b5:bb:1d:13:58:a3:e1:8e:00:2d:f9:bb:1b:a1:5f:67:87:
9b:e8:fa:8e:0a:2b:92:f9:74:3d:f2:d7:22:63:99:5f:f7:ff:
54:ad:60:9c:c9:8b:c6:61:7a:dc:10:39:fc:24:19:1e:5f:97:
ff:09:b5:8c:f2:1f:69:07:cd:61:0d:94:05:b9:cd:cc:bb:7e:
fc:0b:7b:90:03:81:04:76:01:ca:24:4e:d4:fe:02:c8:cc:7a:
8f:48:d1:c2:d2:b7:c6:f4:3e:fa:f2:7e:3e:46:72:f1:84:17:
d1:a5:e3:cf:19:f3:38:25:76:c9:b2:61:0d:ff:9a:57:f2:2c:
06:33:4a:7f:06:9a:37:ab:c8:b4:5a:cd:c4:e5:e3:0a:8d:3a:
2c:21:db:47:22:ba:59:3d:90:09:e4:6a:a1:63:af:66:9a:8a:
b5:f6:23:48:32:3f:3a:a4:db:d9:77:44:13:bb:eb:e9:68:ba:
68:59:01:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUct5FlVBJeRf2JXQyJjYcML9UbTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYjRiZTY3Yzg3ODk4ZmZkNzJiOGJlM2Q5MjE1ZmU3MzVjOTU5Yzg2OGY2
MWYwOWE5ZjdmYWJmNzg3ODg4OTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgp5kyVgyl190pcFU2n30XrVe7UmRMqVcqrSJK9gGB7N9dvHvPWQgOS5+N6
+GAkD+zxMCkPw22wipJDAgNFw4ZjmLpxixUsqHgaQtzKHf2grymQlZepdrC5zClj
C9pVEkIQtsBT5uIXlkMKC+5aadoF39VKJ26qCKq6Xzryqr+YFJzBYnlNgJEvBEjr
dQ7nz2Hh0ZF4lOOb7Uh+96tJgqvJcQqZ2xoGiBmgbPg2fCKmZ1XdM6TEsCthBNUC
7b7bP7qQ4HQdolHvO5gRiRLY62xtcw999SfxvIbP5nF67893zWeQ3K8DVuxhBUPQ
hDy4K48mFHXE/A6nNoLLrK+riRcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8czvJ
GEBIGZ9BD+0l4O1G74cE8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWZlOTMxYWUtZTM1My00MzdkLTk3MzgtNzkwMDRjNWU5MTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTA
MA0GCSqGSIb3DQEBCwUAA4IBAQCghb678te1P37tuTyXUgRfIeh7//KslU/RaZ2A
s0tcR2Q2HQ+nqkUhLflo7Nj5Dqts0Hu6+ZB4x6W2p3loAw6No8HyySSdDjEXtbsd
E1ij4Y4ALfm7G6FfZ4eb6PqOCiuS+XQ98tciY5lf9/9UrWCcyYvGYXrcEDn8JBke
X5f/CbWM8h9pB81hDZQFuc3Mu378C3uQA4EEdgHKJE7U/gLIzHqPSNHC0rfG9D76
8n4+RnLxhBfRpePPGfM4JXbJsmEN/5pX8iwGM0p/Bpo3q8i0Ws3E5eMKjTosIdtH
IrpZPZAJ5GqhY69mmoq19iNIMj86pNvZd0QTu+vpaLpoWQHB
-----END CERTIFICATE-----
Generated at Thu Sep 18 02:10:09 2025 by rpki-client