Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
File: 758ab83f-3a25-48db-a214-04c27915b62e.roa (raw, json)
Hash identifier: 67LdBdz0x60ET1o0kZuHbxy2MSfS8qtYm1NqhJ9bcm0=
Subject key identifier: 60:35:58:71:94:A8:1E:E6:C6:43:F8:DF:B5:C0:CD:94:CB:61:F9:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D2D2503765A38376757494131BEC063B7E9B88D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
Signing time: Mon 01 Sep 2025 20:51:29 +0000
ROA not before: Mon 01 Sep 2025 20:51:29 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:2d:25:03:76:5a:38:37:67:57:49:41:31:be:c0:63:b7:e9:b8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:29 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=410253e5970b16a688df1e6b4620cf286e2df2d5e97a4a52f2703e0e70a2b047, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:80:a4:44:39:69:96:46:be:ae:ca:bf:8d:f1:
35:6a:46:14:88:c2:fb:6a:6b:68:ad:88:aa:6d:a3:
48:c0:24:ff:65:cc:5e:3e:4d:48:ea:88:70:87:e1:
2f:7c:e3:25:6f:bf:ce:9a:06:35:3a:07:f1:08:b1:
bb:20:cc:5a:5f:d5:aa:dc:8f:4f:c3:23:5a:22:bd:
4e:52:18:b6:df:b6:3f:ef:7e:2c:ab:42:e8:34:8c:
e6:d1:bb:e4:50:d5:dd:04:ce:6c:2c:c7:87:52:3a:
f7:cc:93:d1:17:a6:99:d0:3a:f9:0b:0a:cd:93:21:
23:66:df:1c:00:06:a3:e9:d8:28:e6:03:de:2a:1e:
ef:fc:5a:6f:70:6b:e5:c5:b1:d5:04:cc:ab:1f:46:
f0:04:98:55:0f:d2:7a:e7:5f:04:44:aa:27:fc:c8:
94:4a:13:0f:6b:52:fa:28:e6:8b:e5:e6:c5:21:49:
f7:bd:cb:7a:9c:8c:fb:e2:73:1b:8f:69:38:f0:28:
84:3c:f0:e4:60:50:83:80:e5:b9:0d:89:86:70:f2:
c5:6f:1a:1e:87:0e:cb:1d:85:45:a0:dd:00:1e:0c:
dc:ce:78:28:5e:ac:cd:b8:4e:90:47:d3:92:fd:9f:
f5:7c:c8:49:83:dd:7f:a0:2d:dc:6b:e5:e8:d9:22:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:35:58:71:94:A8:1E:E6:C6:43:F8:DF:B5:C0:CD:94:CB:61:F9:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/758ab83f-3a25-48db-a214-04c27915b62e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:fa:dc:7e:fc:97:8c:1f:43:4e:7e:be:55:78:55:bc:74:0c:
cc:5b:43:ec:14:13:59:b5:18:9a:fa:41:ac:15:6e:47:b6:46:
fb:42:b6:74:d9:b9:9d:d1:1d:ad:28:ef:47:52:97:21:0a:92:
7a:e4:3e:26:50:74:97:43:51:3b:33:91:f4:e5:7e:ca:86:a4:
83:9f:e4:df:88:4f:59:18:28:f1:3c:1b:21:10:d6:9c:e7:fd:
ba:c8:e8:f2:1e:48:f4:38:58:18:58:2c:ee:35:15:29:08:c1:
10:9b:73:17:6b:6f:b6:78:73:25:1d:d6:f1:13:90:c9:3f:d8:
75:cd:ec:08:b5:ef:30:74:50:3d:1b:fe:55:be:3c:5b:79:be:
9c:bb:7b:af:f3:64:7f:09:9d:1f:13:4c:7f:17:02:9c:01:e4:
5b:5b:d9:37:ad:4e:91:45:78:f7:40:aa:d8:01:b6:47:14:3d:
71:83:08:37:f7:24:2a:49:78:b3:f8:8c:29:0a:5f:6c:9c:57:
e1:49:8d:e3:71:0d:07:76:76:7f:d6:0d:28:31:cb:92:44:da:
16:33:a2:4c:db:0f:c2:7c:17:13:a6:de:60:f9:fa:54:76:97:
21:17:ed:6a:00:37:a4:bf:5a:1e:ff:fc:f2:6f:66:df:b9:a2:
d5:25:b7:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHS0lA3ZaODdnV0lBMb7AY7fpuI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMjlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxMDI1M2U1OTcwYjE2YTY4OGRmMWU2YjQ2MjBjZjI4NmUyZGYyZDVlOTdh
NGE1MmYyNzAzZTBlNzBhMmIwNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKApEQ5aZZGvq7Kv43xNWpGFIjC+2praK2Iqm2jSMAk/2XMXj5NSOqIcIfh
L3zjJW+/zpoGNToH8QixuyDMWl/VqtyPT8MjWiK9TlIYtt+2P+9+LKtC6DSM5tG7
5FDV3QTObCzHh1I698yT0RemmdA6+QsKzZMhI2bfHAAGo+nYKOYD3ioe7/xab3Br
5cWx1QTMqx9G8ASYVQ/SeudfBESqJ/zIlEoTD2tS+ijmi+XmxSFJ973LepyM++Jz
G49pOPAohDzw5GBQg4DluQ2JhnDyxW8aHocOyx2FRaDdAB4M3M54KF6szbhOkEfT
kv2f9XzISYPdf6At3Gvl6NkiAG0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgNVhx
lKge5sZD+N+1wM2Uy2H5wjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzU4YWI4M2YtM2EyNS00OGRiLWEyMTQtMDRjMjc5MTViNjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2g
MA0GCSqGSIb3DQEBCwUAA4IBAQB6+tx+/JeMH0NOfr5VeFW8dAzMW0PsFBNZtRia
+kGsFW5Htkb7QrZ02bmd0R2tKO9HUpchCpJ65D4mUHSXQ1E7M5H05X7KhqSDn+Tf
iE9ZGCjxPBshENac5/26yOjyHkj0OFgYWCzuNRUpCMEQm3MXa2+2eHMlHdbxE5DJ
P9h1zewIte8wdFA9G/5Vvjxbeb6cu3uv82R/CZ0fE0x/FwKcAeRbW9k3rU6RRXj3
QKrYAbZHFD1xgwg39yQqSXiz+IwpCl9snFfhSY3jcQ0HdnZ/1g0oMcuSRNoWM6JM
2w/CfBcTpt5g+fpUdpchF+1qADekv1oe//zyb2bfuaLVJbeE
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:44 2025 by rpki-client