Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json)
Hash identifier: 2vZeaXJz3A7xNmb7G3fpHlGllzf9Ik+J/J3Ma6WKX80=
Subject key identifier: A0:89:72:1E:4C:7E:CB:5C:39:FB:AC:47:CB:72:4A:58:94:85:E5:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7732A506865223560AA393EDCFA444DDAF1A842B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
Signing time: Mon 01 Sep 2025 20:00:18 +0000
ROA not before: Mon 01 Sep 2025 20:00:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:32:a5:06:86:52:23:56:0a:a3:93:ed:cf:a4:44:dd:af:1a:84:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=bc4e2c142d1411e95446d69edf57d0ad159e0e8d25e203de7a7100b6b9643d70, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:fa:4e:b5:81:b1:87:d6:a7:4c:63:e0:32:
24:9f:07:1f:fb:ff:d9:81:e5:a6:23:1e:3a:ef:ef:
48:8a:0f:cf:1a:6f:64:71:b8:01:34:ba:97:ab:0e:
21:f1:6c:df:2e:45:13:df:53:cc:bf:6e:86:54:38:
8e:ee:74:04:28:ab:3a:e1:60:cf:9f:76:9a:1d:68:
c0:f6:92:e1:6c:06:60:c8:9b:e8:e2:00:69:be:eb:
5e:6c:ad:b4:db:e1:e7:38:d3:34:71:08:e9:63:2c:
82:cd:a1:24:ed:88:10:7d:6c:a2:a3:92:9d:b5:1b:
fc:15:9d:bd:7e:48:62:fa:10:bf:89:95:c3:d4:9c:
b9:37:e6:2c:5e:fc:c3:c2:cf:4a:e1:b7:e8:9c:4c:
d6:b7:69:10:86:02:b7:ac:71:eb:bb:41:18:6b:64:
56:05:0d:7e:67:9e:a4:49:ec:37:1a:0b:34:f3:39:
62:5e:54:84:e4:17:6e:14:75:bd:04:cf:e8:14:fb:
30:da:9a:f0:70:e5:ae:fc:93:96:17:a2:7d:87:7a:
9a:75:b3:e2:93:35:ca:d5:cd:0f:73:6d:b1:17:22:
a1:8f:1b:2d:6a:26:88:6c:a3:30:32:42:7a:49:a8:
3e:69:99:56:84:60:21:f8:1a:cd:96:5b:5d:d8:62:
ef:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:89:72:1E:4C:7E:CB:5C:39:FB:AC:47:CB:72:4A:58:94:85:E5:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
61:c7:4b:6a:f5:d8:98:ba:79:bf:b0:42:a9:96:5a:12:f8:86:
f2:cf:15:e4:75:a0:79:79:4e:6d:60:bb:03:ed:13:88:85:9f:
14:c9:51:89:d3:a8:60:cc:6c:f0:35:63:ee:b0:ba:54:ca:db:
90:30:17:2e:d8:97:c0:28:c9:4b:95:ed:29:ab:89:70:21:4c:
cd:f3:b3:e9:ee:09:0c:1e:09:53:ae:5a:f9:1a:e6:4a:10:d1:
1a:74:95:30:7b:e6:d3:b7:91:bc:e3:c0:80:91:a5:e9:74:1d:
50:f2:d2:c5:ca:91:15:85:ff:e6:48:b0:fc:fc:20:06:5a:30:
7b:d1:18:f3:f7:7d:87:d3:94:00:4e:d4:66:29:a1:b6:7a:3d:
b6:a1:eb:35:ce:7d:34:be:66:e0:89:5e:7c:32:f4:46:ae:2c:
bf:d7:52:9d:0c:45:2d:c5:34:27:ac:52:a8:bf:d2:dd:9e:0c:
a6:f8:02:c4:17:f8:94:bd:b2:aa:c6:fb:7c:95:f0:53:e1:f0:
86:39:c4:5a:61:34:27:4c:26:f4:fd:36:c0:8e:e8:66:78:c0:
01:6a:97:e1:11:c7:db:07:69:2a:f8:c0:02:f0:24:e5:5b:0c:
bd:04:ce:cc:8b:3a:11:5f:0a:e7:6c:53:2a:32:1a:45:74:b9:
e8:5f:3d:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdzKlBoZSI1YKo5Ptz6RE3a8ahCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjNGUyYzE0MmQxNDExZTk1NDQ2ZDY5ZWRmNTdkMGFkMTU5ZTBlOGQyNWUy
MDNkZTdhNzEwMGI2Yjk2NDNkNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL5+k61gbGH1qdMY+AyJJ8HH/v/2YHlpiMeOu/vSIoPzxpvZHG4ATS6l6sO
IfFs3y5FE99TzL9uhlQ4ju50BCirOuFgz592mh1owPaS4WwGYMib6OIAab7rXmyt
tNvh5zjTNHEI6WMsgs2hJO2IEH1soqOSnbUb/BWdvX5IYvoQv4mVw9ScuTfmLF78
w8LPSuG36JxM1rdpEIYCt6xx67tBGGtkVgUNfmeepEnsNxoLNPM5Yl5UhOQXbhR1
vQTP6BT7MNqa8HDlrvyTlheifYd6mnWz4pM1ytXND3NtsRcioY8bLWomiGyjMDJC
ekmoPmmZVoRgIfgazZZbXdhi7y0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSgiXIe
TH7LXDn7rEfLckpYlIXlyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
wDANBgkqhkiG9w0BAQsFAAOCAQEAYcdLavXYmLp5v7BCqZZaEviG8s8V5HWgeXlO
bWC7A+0TiIWfFMlRidOoYMxs8DVj7rC6VMrbkDAXLtiXwCjJS5XtKauJcCFMzfOz
6e4JDB4JU65a+RrmShDRGnSVMHvm07eRvOPAgJGl6XQdUPLSxcqRFYX/5kiw/Pwg
Blowe9EY8/d9h9OUAE7UZimhtno9tqHrNc59NL5m4IlefDL0Rq4sv9dSnQxFLcU0
J6xSqL/S3Z4MpvgCxBf4lL2yqsb7fJXwU+HwhjnEWmE0J0wm9P02wI7oZnjAAWqX
4RHH2wdpKvjAAvAk5VsMvQTOzIs6EV8K52xTKjIaRXS56F89cg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:51 2025 by rpki-client