Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
File: 60b690d0-a362-4547-bf57-d14f49f40869.roa (raw, json)
Hash identifier: lYh7E/DIR3cehQmylnOyC0zh2T8kiwzVOJRZaLmUHPc=
Subject key identifier: 39:7C:CE:34:D4:97:10:60:EB:9C:5B:76:46:B3:7B:0C:9E:B8:BA:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16B3DF73EFAB76E7874A5F0F9B6F8E010583BF27
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
Signing time: Mon 01 Sep 2025 21:10:05 +0000
ROA not before: Mon 01 Sep 2025 21:10:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:b3:df:73:ef:ab:76:e7:87:4a:5f:0f:9b:6f:8e:01:05:83:bf:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1d02b4d04c985a4f714bd46c7918e7330f5c4c446f758e65e32fb7d3812b66a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e9:24:90:d0:0c:6d:ce:03:2a:0a:2a:d2:c8:
6e:b5:d0:e3:c5:57:ba:9b:96:27:a8:12:b4:f2:94:
18:7e:f8:b9:d8:7a:fb:9e:62:3a:8e:91:89:62:32:
61:82:cb:28:6e:89:e1:df:6b:8c:37:7f:dc:8b:97:
28:32:e9:a6:d3:35:f0:8c:4a:e3:c8:9f:60:b9:05:
5f:71:57:78:85:e7:ea:d9:94:77:21:06:82:55:9b:
20:b8:27:8a:fc:22:3b:9a:82:92:94:dd:3d:b4:fa:
9b:b1:66:06:96:a3:5f:97:7b:58:ae:53:66:90:4a:
ed:25:0c:3a:45:5e:9a:01:3a:28:37:76:6a:41:99:
f4:81:e7:61:46:7b:04:b9:bc:55:1e:c7:af:33:30:
54:1d:5d:23:ad:32:63:0a:4e:93:62:e5:c6:3e:09:
81:e2:fc:49:97:e2:28:87:5e:74:ed:47:4e:e4:ed:
41:1a:91:d3:d8:d5:50:cf:1d:20:eb:45:53:56:13:
61:86:d7:0e:b6:09:a0:de:c4:57:c4:19:d4:7c:bd:
48:ed:be:d6:64:81:c2:d7:5e:85:62:64:bd:ff:b9:
39:20:47:27:fe:58:10:74:c3:37:93:9e:ae:1c:64:
9a:aa:41:da:59:ea:e5:18:17:50:ac:f2:f5:b5:85:
fd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7C:CE:34:D4:97:10:60:EB:9C:5B:76:46:B3:7B:0C:9E:B8:BA:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60b690d0-a362-4547-bf57-d14f49f40869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:400::/38
Signature Algorithm: sha256WithRSAEncryption
96:ef:b3:d1:78:a3:96:b1:7f:75:bc:20:0b:57:6c:4a:00:1f:
a3:04:97:90:d9:30:27:7b:9c:ae:18:45:8b:44:af:26:f8:ac:
e3:ec:25:12:5c:34:4b:83:c3:cb:28:e8:20:db:09:a2:45:4b:
b4:2f:9e:2c:57:36:e1:9a:55:37:8e:6b:8b:1e:8b:59:fe:67:
80:2c:03:96:85:ad:19:aa:db:21:e8:0f:e5:b2:f7:72:28:55:
4e:c1:16:81:99:27:70:68:f5:9e:59:b2:12:6a:82:f1:5b:7d:
82:36:a2:3b:61:fa:f9:1a:b2:78:dc:1e:86:2a:1d:02:e4:f7:
54:92:80:b6:09:28:0d:1c:d2:0f:38:f9:ac:7c:56:28:9c:7e:
cc:85:50:b3:b7:02:92:81:ff:6e:1e:52:79:34:aa:c6:f0:fe:
f3:b7:5d:9d:e0:a7:87:33:eb:96:77:fb:b7:0a:45:d3:cd:d4:
f7:0f:df:cf:12:b1:f7:36:fa:c2:6f:65:e2:e9:0b:76:ba:fe:
58:03:2c:80:dd:84:7f:4b:1b:47:e8:65:1b:22:92:92:2b:cd:
f7:1d:92:2f:35:30:b6:61:30:f7:6c:67:b5:15:bf:76:4e:00:
d4:18:a3:03:e0:8c:1b:57:89:8a:e7:e6:ac:6b:6e:96:5f:df:
a0:eb:68:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFrPfc++rdueHSl8Pm2+OAQWDvycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMDJiNGQwNGM5ODVhNGY3MTRiZDQ2Yzc5MThlNzMzMGY1YzRjNDQ2Zjc1
OGU2NWUzMmZiN2QzODEyYjY2YTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTpJJDQDG3OAyoKKtLIbrXQ48VXupuWJ6gStPKUGH74udh6+55iOo6RiWIy
YYLLKG6J4d9rjDd/3IuXKDLpptM18IxK48ifYLkFX3FXeIXn6tmUdyEGglWbILgn
ivwiO5qCkpTdPbT6m7FmBpajX5d7WK5TZpBK7SUMOkVemgE6KDd2akGZ9IHnYUZ7
BLm8VR7HrzMwVB1dI60yYwpOk2Llxj4JgeL8SZfiKIdedO1HTuTtQRqR09jVUM8d
IOtFU1YTYYbXDrYJoN7EV8QZ1Hy9SO2+1mSBwtdehWJkvf+5OSBHJ/5YEHTDN5Oe
rhxkmqpB2lnq5RgXUKzy9bWF/bUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5fM40
1JcQYOucW3ZGs3sMnri6DjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBiNjkwZDAtYTM2Mi00NTQ3LWJmNTctZDE0ZjQ5ZjQwODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgE
MA0GCSqGSIb3DQEBCwUAA4IBAQCW77PReKOWsX91vCALV2xKAB+jBJeQ2TAne5yu
GEWLRK8m+Kzj7CUSXDRLg8PLKOgg2wmiRUu0L54sVzbhmlU3jmuLHotZ/meALAOW
ha0Zqtsh6A/lsvdyKFVOwRaBmSdwaPWeWbISaoLxW32CNqI7Yfr5GrJ43B6GKh0C
5PdUkoC2CSgNHNIPOPmsfFYonH7MhVCztwKSgf9uHlJ5NKrG8P7zt12d4KeHM+uW
d/u3CkXTzdT3D9/PErH3NvrCb2Xi6Qt2uv5YAyyA3YR/SxtH6GUbIpKSK833HZIv
NTC2YTD3bGe1Fb92TgDUGKMD4IwbV4mK5+asa26WX9+g62jE
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:01 2025 by rpki-client