Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
File: 60c499a8-e470-4a76-9095-20d8554a426a.roa (raw, json)
Hash identifier: tlburxQ264+ySdCPQeQ31cQ5P6L0Xa2C5hokWWmmuoY=
Subject key identifier: 10:F2:AF:63:66:DB:5C:AB:53:9E:AD:B3:9B:E0:1E:D5:8C:87:77:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33D9D1428C2EB50E9B4FDF48D585B49CF829D5C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
Signing time: Mon 01 Sep 2025 21:11:04 +0000
ROA not before: Mon 01 Sep 2025 21:11:04 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d9:d1:42:8c:2e:b5:0e:9b:4f:df:48:d5:85:b4:9c:f8:29:d5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:11:04 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2f3c2bf5cb0b026129a0a2159daf838eeb9ea8bb9ca73b29cfbed6a54cf82f02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:41:37:27:41:f6:e8:f7:8a:3d:9e:5d:bc:
25:52:07:a4:22:99:3f:97:3b:23:0e:bf:be:9f:09:
69:65:a2:16:41:6d:7e:1b:88:fd:59:0c:ef:13:79:
2c:a2:44:06:0b:04:20:91:bd:ad:74:27:a1:86:00:
cf:44:8b:b9:3b:26:c6:61:9a:2a:ce:a9:16:ac:02:
f7:eb:b6:e6:71:36:44:2c:66:af:02:65:de:b9:0a:
cf:83:62:c5:28:d8:bf:35:3c:c8:f1:2a:10:e4:f0:
08:c1:42:f5:26:fd:d6:a3:e0:4e:56:7b:f1:14:14:
04:1d:a6:f0:81:47:0d:bc:f0:e9:a1:fa:dd:d9:40:
a7:ae:27:21:b8:4f:18:c1:91:f7:73:8b:18:d3:e9:
ef:c9:54:3d:da:8c:b4:e2:17:52:dd:ce:31:65:4d:
da:00:9c:b4:2d:e4:5d:ad:ca:95:34:d2:75:0e:ca:
b0:6c:f6:d8:52:44:64:96:f5:10:dc:95:6f:ff:bb:
60:7a:b0:dd:5c:c4:ab:2b:ad:00:b6:1a:39:27:7d:
1e:36:41:5e:0a:ea:2e:fc:c2:b9:2a:a3:6c:78:c5:
4c:ad:f2:9e:fa:65:f3:3d:62:f4:5f:28:e9:79:60:
de:72:02:96:a1:91:c0:af:47:d8:c9:f8:ce:12:df:
c2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F2:AF:63:66:DB:5C:AB:53:9E:AD:B3:9B:E0:1E:D5:8C:87:77:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:c00::/38
Signature Algorithm: sha256WithRSAEncryption
01:9c:b0:6f:0d:fc:be:c8:b9:76:59:5d:ce:6e:1b:7a:71:9f:
1b:26:5d:98:47:c9:79:51:32:57:2e:50:6e:7a:04:de:d5:d2:
57:a4:ad:1f:24:11:5a:42:a3:37:a2:95:4d:26:a4:f1:27:7c:
ff:c9:c2:55:e5:b7:6d:94:0c:ff:de:b3:77:7a:46:06:02:83:
41:c9:ed:d5:42:7f:03:37:87:87:94:c5:a3:28:8e:a1:f3:44:
fe:2e:8d:5b:e0:4a:ad:66:0a:83:d8:fa:70:2f:5a:24:f0:21:
c9:1d:bb:85:ec:43:c1:3c:38:fc:11:9a:86:88:f3:26:1f:b9:
a8:0e:5a:d3:48:cd:3f:49:40:c8:8d:85:c8:a1:41:23:10:be:
54:d9:a4:55:0e:3b:b3:65:42:df:ed:cf:dd:55:39:8c:3b:67:
a7:1f:d3:ac:ec:fb:69:96:e1:e9:5d:a7:45:d9:84:bd:01:f5:
92:52:9e:67:9c:60:cc:4f:ed:41:db:d2:96:d1:42:62:f7:b4:
17:46:bb:82:c0:54:60:16:0e:c3:4e:5b:99:6b:11:61:d7:2d:
0e:f6:19:01:ab:18:c5:92:0e:f7:de:a4:95:7c:9b:fa:54:77:
69:83:cc:14:7a:69:a2:34:ed:b3:97:52:1c:f3:73:64:43:21:
47:48:f6:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM9nRQowutQ6bT99I1YW0nPgp1cgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTExMDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmM2MyYmY1Y2IwYjAyNjEyOWEwYTIxNTlkYWY4MzhlZWI5ZWE4YmI5Y2E3
M2IyOWNmYmVkNmE1NGNmODJmMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALb+QTcnQfbo94o9nl28JVIHpCKZP5c7Iw6/vp8JaWWiFkFtfhuI/VkM7xN5
LKJEBgsEIJG9rXQnoYYAz0SLuTsmxmGaKs6pFqwC9+u25nE2RCxmrwJl3rkKz4Ni
xSjYvzU8yPEqEOTwCMFC9Sb91qPgTlZ78RQUBB2m8IFHDbzw6aH63dlAp64nIbhP
GMGR93OLGNPp78lUPdqMtOIXUt3OMWVN2gCctC3kXa3KlTTSdQ7KsGz22FJEZJb1
ENyVb/+7YHqw3VzEqyutALYaOSd9HjZBXgrqLvzCuSqjbHjFTK3ynvpl8z1i9F8o
6Xlg3nIClqGRwK9H2Mn4zhLfwicCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQ8q9j
Zttcq1OerbOb4B7VjId3mjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBjNDk5YTgtZTQ3MC00YTc2LTkwOTUtMjBkODU1NGE0MjZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgM
MA0GCSqGSIb3DQEBCwUAA4IBAQABnLBvDfy+yLl2WV3Obht6cZ8bJl2YR8l5UTJX
LlBuegTe1dJXpK0fJBFaQqM3opVNJqTxJ3z/ycJV5bdtlAz/3rN3ekYGAoNBye3V
Qn8DN4eHlMWjKI6h80T+Lo1b4EqtZgqD2PpwL1ok8CHJHbuF7EPBPDj8EZqGiPMm
H7moDlrTSM0/SUDIjYXIoUEjEL5U2aRVDjuzZULf7c/dVTmMO2enH9Os7PtpluHp
XadF2YS9AfWSUp5nnGDMT+1B29KW0UJi97QXRruCwFRgFg7DTluZaxFh1y0O9hkB
qxjFkg733qSVfJv6VHdpg8wUemmiNO2zl1Ic83NkQyFHSPZ0
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:45 2025 by rpki-client