Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
File: 67233a4e-590e-4497-a72c-fe940d42b798.roa (raw, json)
Hash identifier: bywYW2FSuUl5vFa8TMTkSdwcVpTVW7hcE7nrzQ90WMI=
Subject key identifier: B9:DE:8E:7E:9F:38:7F:BC:07:36:B4:50:D9:1A:68:3C:B4:74:8B:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FC577825BE700397C925DBC363CF4A83CC735EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
Signing time: Mon 01 Sep 2025 21:21:30 +0000
ROA not before: Mon 01 Sep 2025 21:21:30 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c5:77:82:5b:e7:00:39:7c:92:5d:bc:36:3c:f4:a8:3c:c7:35:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:30 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d2a561fb56c12c5326662d768262bfa1096e0a14e448f5099fb6a28f448f488d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d0:26:66:e6:e8:ce:f0:ac:b8:65:fc:24:48:
39:50:cd:92:69:f0:7a:4b:75:6f:c5:82:3c:6c:e7:
6d:29:01:0f:63:8e:a4:09:cf:53:f7:ef:c2:ec:de:
a3:52:3c:55:87:be:a6:bd:1d:bc:7d:94:ce:65:d6:
4d:8c:b5:3c:77:b4:29:06:91:d0:92:36:75:2c:49:
c9:47:c8:1f:cb:c2:ef:14:58:4f:ac:29:78:e2:5c:
f8:e5:44:6e:97:31:05:93:7b:b5:e5:15:89:3c:fb:
e3:f2:01:2a:90:23:79:37:44:a8:6b:a8:a5:7a:4d:
93:be:95:86:d6:d3:8a:a1:0d:54:27:81:56:56:36:
b5:c3:c1:ec:9c:a5:f7:74:be:df:9d:31:11:e5:02:
b6:a6:2c:35:f8:03:f5:8f:60:52:38:2c:c9:b2:18:
44:f6:aa:b2:fa:25:3c:91:d5:bd:8b:81:51:14:f4:
30:89:51:a5:23:36:46:4a:d3:d7:1f:37:3c:88:30:
bc:0f:87:9c:e6:a4:99:68:ed:4c:35:0b:70:2d:a9:
e3:07:d2:d6:d2:fc:85:d8:18:bb:11:28:5f:88:83:
a9:bd:33:b4:af:61:0d:bc:9b:59:7c:f8:78:36:5c:
2c:00:2a:b4:e6:df:75:6a:67:f6:e3:c8:6b:7c:96:
be:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DE:8E:7E:9F:38:7F:BC:07:36:B4:50:D9:1A:68:3C:B4:74:8B:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67233a4e-590e-4497-a72c-fe940d42b798.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c::/32
Signature Algorithm: sha256WithRSAEncryption
80:08:90:9a:99:92:c1:f0:ae:93:48:8b:f3:3f:8c:3c:c5:2d:
83:cd:bc:0f:81:fe:ce:f2:8f:03:0a:fe:69:49:35:c9:fd:0a:
79:fa:0f:ae:ec:e7:58:25:95:02:70:4f:1b:b6:52:58:a9:a7:
14:5c:55:d3:7b:52:2c:5e:98:d5:42:15:16:ed:93:f3:1f:79:
1b:61:81:e2:9c:58:44:35:1e:dc:cd:1f:16:bc:1d:db:bc:51:
16:13:2e:4b:d7:43:32:c9:2b:d4:0f:2d:94:c4:c9:eb:1a:5a:
11:80:3e:64:05:ae:90:42:4e:22:c6:05:15:f3:4f:32:e0:6b:
7d:f0:98:4e:aa:36:3b:81:68:f4:1c:93:7f:bf:96:66:0a:90:
5f:48:47:14:ad:06:38:b2:56:fc:36:4e:40:41:a8:ea:c6:9a:
f0:90:c8:dc:ad:27:79:01:3c:93:3e:9a:58:b9:05:99:0f:e5:
83:d5:40:a4:d1:42:d0:6f:d8:41:6c:1c:f3:50:64:d7:80:e3:
d1:31:ae:ef:b6:72:4c:bd:dd:ff:6f:5a:05:81:a7:7f:4e:d9:
68:ca:db:23:2f:10:ed:1c:35:f0:93:2a:17:c2:29:25:d2:dd:
2c:77:8d:39:91:ac:8d:1e:e0:64:a4:a9:8d:41:a0:db:89:d3:
71:98:36:c2
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUD8V3glvnADl8kl28Njz0qDzHNewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMzBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyYTU2MWZiNTZjMTJjNTMyNjY2MmQ3NjgyNjJiZmExMDk2ZTBhMTRlNDQ4
ZjUwOTlmYjZhMjhmNDQ4ZjQ4OGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAILQJmbm6M7wrLhl/CRIOVDNkmnwekt1b8WCPGznbSkBD2OOpAnPU/fvwuze
o1I8VYe+pr0dvH2UzmXWTYy1PHe0KQaR0JI2dSxJyUfIH8vC7xRYT6wpeOJc+OVE
bpcxBZN7teUViTz74/IBKpAjeTdEqGuopXpNk76VhtbTiqENVCeBVlY2tcPB7Jyl
93S+350xEeUCtqYsNfgD9Y9gUjgsybIYRPaqsvolPJHVvYuBURT0MIlRpSM2RkrT
1x83PIgwvA+HnOakmWjtTDULcC2p4wfS1tL8hdgYuxEoX4iDqb0ztK9hDbybWXz4
eDZcLAAqtObfdWpn9uPIa3yWvikCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS53o5+
nzh/vAc2tFDZGmg8tHSLMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjcyMzNhNGUtNTkwZS00NDk3LWE3MmMtZmU5NDBkNDJiNzk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hww
DQYJKoZIhvcNAQELBQADggEBAIAIkJqZksHwrpNIi/M/jDzFLYPNvA+B/s7yjwMK
/mlJNcn9Cnn6D67s51gllQJwTxu2UlippxRcVdN7UixemNVCFRbtk/MfeRthgeKc
WEQ1HtzNHxa8Hdu8URYTLkvXQzLJK9QPLZTEyesaWhGAPmQFrpBCTiLGBRXzTzLg
a33wmE6qNjuBaPQck3+/lmYKkF9IRxStBjiyVvw2TkBBqOrGmvCQyNytJ3kBPJM+
mli5BZkP5YPVQKTRQtBv2EFsHPNQZNeA49Exru+2cky93f9vWgWBp39O2WjK2yMv
EO0cNfCTKhfCKSXS3Sx3jTmRrI0e4GSkqY1BoNuJ03GYNsI=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:32 2025 by rpki-client