Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
File: 631196a4-90f5-4760-982e-15fbaf4805ec.roa (raw, json)
Hash identifier: ReCH/S5mt8f8fM6PW9FwVym2HZoVwDEJiu6sR0Q9Uuw=
Subject key identifier: A1:64:D7:CF:A0:07:3D:07:FE:90:AF:0E:6D:7A:07:33:96:E6:7F:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0885D41CC97599517F18DCC210F303A630E2F28F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
Signing time: Tue 26 Aug 2025 17:20:09 +0000
ROA not before: Tue 26 Aug 2025 17:20:09 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d020:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:85:d4:1c:c9:75:99:51:7f:18:dc:c2:10:f3:03:a6:30:e2:f2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:20:09 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=0458f190bb8d520e8c58dee005e9d8212293d5414c24baaad611e9ee379e0959, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9b:80:13:76:b1:63:95:ad:ae:f2:ea:e8:78:
b7:b2:43:c0:11:ed:ad:e6:f3:f6:bc:99:8e:a0:56:
09:c0:70:6e:b1:9a:6b:e0:ab:dc:1b:85:a8:c8:17:
01:10:09:d3:a9:a9:ea:c3:0d:f6:9a:81:6d:22:9f:
ad:84:3f:56:8f:4c:2a:a3:15:45:4d:b4:53:a6:7d:
90:bf:0a:3a:2a:72:9d:49:4e:e0:23:de:2a:f2:32:
4c:b2:a8:fd:37:a6:22:1e:12:e6:c3:2f:2b:b2:15:
9c:21:f1:5f:9d:ba:66:9e:ff:10:69:c5:7c:0b:16:
2f:c9:e1:9d:1d:63:17:f7:11:aa:e5:3e:bd:61:07:
7b:dd:08:b5:22:d8:ab:5c:7e:89:30:26:7f:3e:1f:
6d:79:41:af:b6:66:45:e6:09:42:e0:02:5e:95:01:
c1:61:16:f8:2b:41:4a:5e:47:67:f7:88:eb:fc:fc:
0f:d2:57:3d:a5:54:32:a9:b8:68:a3:23:49:16:f0:
1c:28:a5:8f:64:40:eb:88:eb:11:9a:d2:17:b8:df:
c5:97:c1:7b:8a:45:74:33:bb:9a:a9:c0:a4:a8:ec:
c5:21:7f:51:be:44:ae:fb:aa:85:c8:c7:d5:31:f0:
19:2d:86:82:e8:60:c9:33:2a:a0:e0:0e:ec:5b:aa:
0f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:64:D7:CF:A0:07:3D:07:FE:90:AF:0E:6D:7A:07:33:96:E6:7F:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/631196a4-90f5-4760-982e-15fbaf4805ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d020:8000::/36
Signature Algorithm: sha256WithRSAEncryption
77:d6:34:d9:57:37:6d:20:f6:13:4f:31:48:d0:2e:37:37:63:
ae:c9:8f:9d:d1:3f:17:d8:9c:ca:7d:96:15:20:fd:64:92:d1:
6f:c6:4f:d2:7f:51:e5:e0:1c:2d:ed:4b:57:f0:99:e5:94:4e:
33:9b:52:69:da:7b:74:13:ac:74:12:73:f7:d4:41:b8:79:b1:
d9:72:f0:7a:3e:a1:80:92:11:39:a7:ba:a8:62:0d:52:48:d0:
65:2d:b3:df:be:ce:29:45:40:32:50:0a:01:f5:0d:d2:bf:ef:
db:ef:92:c5:1c:f9:4a:82:e4:13:90:3a:67:47:84:95:39:34:
f4:5a:bc:45:38:2d:ec:5a:02:74:91:da:33:32:5f:cc:37:c3:
89:94:52:34:7d:51:96:80:28:e6:e3:5a:39:5f:99:e1:9f:b8:
fb:f2:f4:cb:63:18:8a:98:e3:e3:2c:31:59:1b:14:e8:fd:30:
58:a2:dd:10:47:1b:a5:ae:be:8c:28:e2:d4:45:c1:9f:a6:3e:
b4:56:b6:ea:61:0c:6b:7b:68:e5:ba:29:69:d0:ff:91:be:aa:
7f:58:4b:89:49:c2:9f:7e:40:5d:69:a2:1c:b9:f3:98:0a:6b:
8b:73:f3:d1:d7:ce:75:0c:fc:34:61:4c:b2:6e:c6:be:78:11:
1c:30:d5:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCIXUHMl1mVF/GNzCEPMDpjDi8o8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzIwMDlaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0NThmMTkwYmI4ZDUyMGU4YzU4ZGVlMDA1ZTlkODIxMjI5M2Q1NDE0YzI0
YmFhYWQ2MTFlOWVlMzc5ZTA5NTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2bgBN2sWOVra7y6uh4t7JDwBHtrebz9ryZjqBWCcBwbrGaa+Cr3BuFqMgX
ARAJ06mp6sMN9pqBbSKfrYQ/Vo9MKqMVRU20U6Z9kL8KOipynUlO4CPeKvIyTLKo
/TemIh4S5sMvK7IVnCHxX526Zp7/EGnFfAsWL8nhnR1jF/cRquU+vWEHe90ItSLY
q1x+iTAmfz4fbXlBr7ZmReYJQuACXpUBwWEW+CtBSl5HZ/eI6/z8D9JXPaVUMqm4
aKMjSRbwHCilj2RA64jrEZrSF7jfxZfBe4pFdDO7mqnApKjsxSF/Ub5ErvuqhcjH
1THwGS2GguhgyTMqoOAO7FuqDyMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShZNfP
oAc9B/6Qrw5tegczluZ/ojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjMxMTk2YTQtOTBmNS00NzYwLTk4MmUtMTVmYmFmNDgwNWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CCA
MA0GCSqGSIb3DQEBCwUAA4IBAQB31jTZVzdtIPYTTzFI0C43N2OuyY+d0T8X2JzK
fZYVIP1kktFvxk/Sf1Hl4Bwt7UtX8JnllE4zm1Jp2nt0E6x0EnP31EG4ebHZcvB6
PqGAkhE5p7qoYg1SSNBlLbPfvs4pRUAyUAoB9Q3Sv+/b75LFHPlKguQTkDpnR4SV
OTT0WrxFOC3sWgJ0kdozMl/MN8OJlFI0fVGWgCjm41o5X5nhn7j78vTLYxiKmOPj
LDFZGxTo/TBYot0QRxulrr6MKOLURcGfpj60VrbqYQxre2jluilp0P+Rvqp/WEuJ
ScKffkBdaaIcufOYCmuLc/PR1851DPw0YUyybsa+eBEcMNVj
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:52 2025 by rpki-client