Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: CJt5l20X3tQngXJp4RrLp+nG99g6IoZQoYuuJJhQXTY=
Subject key identifier: 5F:F0:D0:20:14:10:8A:D6:53:72:12:46:4C:28:6F:0B:15:A9:2B:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6524330BE002B8F69E03938802446433A55ED04D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Mon 01 Sep 2025 21:00:03 +0000
ROA not before: Mon 01 Sep 2025 21:00:03 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:24:33:0b:e0:02:b8:f6:9e:03:93:88:02:44:64:33:a5:5e:d0:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:03 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=19a7487c71e01c922f6ff078735b3a66bd4543cb056faa6dd7cae37f0914588f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:84:5e:af:fb:e6:dd:26:55:86:e2:e4:c9:
cf:6a:79:53:d4:1f:7f:87:1b:d8:2b:c2:6b:d3:c1:
69:b9:a3:06:e4:1b:51:1d:da:d5:f3:c4:2f:38:ef:
b8:9a:82:94:f7:83:12:4b:0f:7a:90:23:e2:a5:67:
fa:9a:5b:53:66:b2:00:a0:c1:dc:f7:d5:76:11:d7:
66:fa:0c:ae:44:a0:3b:43:72:a1:24:1b:d1:1b:bf:
13:ed:fb:c2:fd:54:37:67:50:fc:1f:60:ca:67:1e:
ce:78:43:a1:f0:f9:dd:ff:e3:0f:55:5e:4e:d3:d8:
f1:4a:75:ba:f7:63:11:e7:4a:95:f1:ba:3b:85:ce:
f0:0a:6a:68:6e:25:17:1f:3a:f1:26:f3:87:b5:ef:
6d:37:ed:44:59:62:4e:07:5c:3b:c5:09:a0:77:6f:
d8:39:4c:4b:4f:12:28:a0:ff:c9:49:ed:99:6f:7c:
73:36:ec:de:76:09:dd:e2:ba:f5:23:97:42:58:93:
43:91:c8:bd:aa:0b:70:d6:4a:70:74:0d:04:73:b0:
c1:44:e1:1d:e7:9f:cc:b8:b4:39:b3:c7:db:7c:1e:
19:c5:4a:8f:f4:c3:2d:27:13:d3:86:08:7d:ea:e5:
6d:cc:4a:c6:a7:94:9e:f9:03:57:54:01:83:0b:e7:
1c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F0:D0:20:14:10:8A:D6:53:72:12:46:4C:28:6F:0B:15:A9:2B:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
36:eb:89:14:8c:45:70:72:e3:bd:d5:87:a2:cd:5c:ca:cd:1e:
09:ac:ae:c3:60:a5:c1:49:b6:51:6f:c5:6b:82:68:f6:ea:eb:
bb:56:5a:7b:b4:ef:e9:61:8a:26:3f:26:0a:a2:35:87:11:c9:
ed:9f:1f:f1:79:17:92:f6:69:b1:6f:1f:02:05:aa:47:ac:5a:
00:6e:70:37:97:ca:de:f1:e6:8c:e3:e7:43:ae:da:48:68:5d:
52:8d:f0:67:b8:b8:5e:f8:f2:c0:3f:c2:c7:28:56:8a:24:79:
ee:77:90:65:ce:5c:0f:81:e5:88:65:75:2f:49:0a:ab:07:cf:
cd:0c:39:26:d7:df:72:8e:99:3a:7a:7b:3b:a4:12:b9:2b:97:
af:b0:ef:ac:61:75:64:51:9a:44:ab:05:9c:38:e1:f3:71:26:
61:73:55:7a:9a:4b:e0:a1:8f:f4:e6:80:24:b8:cc:d3:f6:63:
cb:8a:4f:57:e1:74:aa:e1:50:7c:90:f4:64:2e:b0:04:17:4e:
b0:0a:d9:76:ec:95:61:72:97:ae:77:e7:a8:71:1b:97:69:1b:
ba:70:60:83:57:76:71:8c:23:cb:ad:a2:3f:29:b7:55:27:b6:
d2:13:b0:66:e2:53:1d:d4:13:2f:c8:00:92:86:b6:ff:0a:5c:
9b:0d:ac:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZSQzC+ACuPaeA5OIAkRkM6Ve0E0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMDNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5YTc0ODdjNzFlMDFjOTIyZjZmZjA3ODczNWIzYTY2YmQ0NTQzY2IwNTZm
YWE2ZGQ3Y2FlMzdmMDkxNDU4OGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx6hF6v++bdJlWG4uTJz2p5U9Qff4cb2CvCa9PBabmjBuQbUR3a1fPELzjv
uJqClPeDEksPepAj4qVn+ppbU2ayAKDB3PfVdhHXZvoMrkSgO0NyoSQb0Ru/E+37
wv1UN2dQ/B9gymceznhDofD53f/jD1VeTtPY8Up1uvdjEedKlfG6O4XO8ApqaG4l
Fx868Sbzh7XvbTftRFliTgdcO8UJoHdv2DlMS08SKKD/yUntmW98czbs3nYJ3eK6
9SOXQliTQ5HIvaoLcNZKcHQNBHOwwUThHeefzLi0ObPH23weGcVKj/TDLScT04YI
ferlbcxKxqeUnvkDV1QBgwvnHHECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRf8NAg
FBCK1lNyEkZMKG8LFakrKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA264kUjEVwcuO91YeizVzKzR4JrK7DYKXBSbZR
b8Vrgmj26uu7Vlp7tO/pYYomPyYKojWHEcntnx/xeReS9mmxbx8CBapHrFoAbnA3
l8re8eaM4+dDrtpIaF1SjfBnuLhe+PLAP8LHKFaKJHnud5BlzlwPgeWIZXUvSQqr
B8/NDDkm199yjpk6ens7pBK5K5evsO+sYXVkUZpEqwWcOOHzcSZhc1V6mkvgoY/0
5oAkuMzT9mPLik9X4XSq4VB8kPRkLrAEF06wCtl27JVhcpeud+eocRuXaRu6cGCD
V3ZxjCPLraI/KbdVJ7bSE7Bm4lMd1BMvyACShrb/ClybDaxo
-----END CERTIFICATE-----
Generated at Fri Sep 19 14:29:12 2025 by rpki-client