Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: 6dHMHG2bLeMwhocdQaxN/5hhC4NeseXdRiqD3bx5Q8k=
Subject key identifier: 9B:02:1A:BE:87:48:05:9F:04:8C:80:A8:66:DB:48:D4:87:40:F7:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 730309F73690A89513B0E376BA167816F08CB480
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Mon 01 Sep 2025 20:10:50 +0000
ROA not before: Mon 01 Sep 2025 20:10:50 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:03:09:f7:36:90:a8:95:13:b0:e3:76:ba:16:78:16:f0:8c:b4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:50 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6453107462f0ddf8da5925cabff18e230888765ee5e7b17579717ae7783a0207, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:d0:1d:b0:b0:c7:0d:4b:68:18:87:19:d8:
0c:f6:dd:90:cb:75:64:a7:27:c1:3f:c8:38:2f:d5:
a5:59:f4:e6:85:1f:ca:58:eb:53:6e:94:5b:97:8c:
bf:9c:f8:89:93:79:bb:a2:11:f1:6a:af:52:70:20:
16:b4:4e:4b:10:74:3a:06:b0:fd:0f:20:12:a3:e7:
fa:e7:28:54:b3:58:cc:09:b5:ab:12:8d:81:46:2b:
34:53:c1:1a:c3:91:97:ae:f6:ff:75:77:eb:1b:a8:
c0:68:70:80:49:eb:da:aa:39:a9:89:a4:c0:f3:5a:
2b:f4:6d:27:81:23:25:e6:76:a3:a6:3d:c9:10:71:
71:14:34:ae:86:8c:d4:0a:a3:8f:6f:6f:44:3a:a3:
2b:cc:92:5d:ad:32:d3:07:a6:1b:28:a0:0f:55:70:
29:7d:84:01:b5:63:13:a2:5c:e1:b1:d7:dc:e9:49:
d6:0c:6e:53:0c:29:7a:89:a7:f5:b2:d8:97:7b:c2:
d9:d4:ad:40:b1:58:8b:58:54:ba:ac:a3:5c:ba:ee:
52:d9:ce:6d:7c:04:cb:6a:2c:ae:52:97:16:cc:04:
d4:89:a0:fa:84:6b:a3:fa:24:1c:19:e2:89:73:89:
a5:13:b8:e8:fd:20:7b:f9:5c:4c:28:f0:bd:76:d7:
b0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:02:1A:BE:87:48:05:9F:04:8C:80:A8:66:DB:48:D4:87:40:F7:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
3f:e3:d2:ff:1b:74:2c:e7:3b:60:60:e7:19:63:64:4b:76:bc:
7f:42:5a:90:df:38:4b:27:76:66:37:a3:9f:fb:eb:2a:bd:4e:
d4:6b:00:d7:4a:b2:ba:5f:bb:3e:93:16:24:29:13:78:09:2f:
4a:a4:97:08:dc:81:0f:04:7f:c6:30:6e:b4:30:8b:79:43:08:
16:45:7b:16:81:8c:97:5e:fd:e6:df:95:5a:7c:cf:d7:4b:90:
18:e4:84:c1:ad:97:fb:f1:28:b3:48:d9:89:aa:ec:3d:d0:0f:
f0:37:b6:15:36:e5:9a:64:82:6a:3c:1a:29:43:0b:38:40:39:
e7:f2:82:a0:21:c5:79:ce:0d:6d:72:5f:60:9e:b9:20:df:4f:
9c:f0:d9:e4:81:07:4b:e7:d0:19:c6:ed:74:ec:ae:9c:33:64:
10:18:62:35:fb:35:d2:53:dc:ac:a4:e1:a5:da:22:88:be:3c:
22:9b:1c:8a:ff:ca:30:e5:15:6d:ad:ba:d6:13:e5:96:f2:66:
b6:cb:a6:e4:44:a5:dd:80:d8:f6:bc:68:81:95:80:2b:09:8c:
84:1c:4a:3e:d0:62:ba:ac:da:1f:d1:f2:3d:59:53:a4:10:85:
66:c7:0d:65:c8:22:49:bb:e8:32:39:39:76:b4:28:02:b0:74:
7b:1f:ab:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcwMJ9zaQqJUTsON2uhZ4FvCMtIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwNTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NTMxMDc0NjJmMGRkZjhkYTU5MjVjYWJmZjE4ZTIzMDg4ODc2NWVlNWU3
YjE3NTc5NzE3YWU3NzgzYTAyMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtq0B2wsMcNS2gYhxnYDPbdkMt1ZKcnwT/IOC/VpVn05oUfyljrU26UW5eM
v5z4iZN5u6IR8WqvUnAgFrROSxB0Ogaw/Q8gEqPn+ucoVLNYzAm1qxKNgUYrNFPB
GsORl672/3V36xuowGhwgEnr2qo5qYmkwPNaK/RtJ4EjJeZ2o6Y9yRBxcRQ0roaM
1Aqjj29vRDqjK8ySXa0y0wemGyigD1VwKX2EAbVjE6Jc4bHX3OlJ1gxuUwwpeomn
9bLYl3vC2dStQLFYi1hUuqyjXLruUtnObXwEy2osrlKXFswE1Img+oRro/okHBni
iXOJpRO46P0ge/lcTCjwvXbXsIMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSbAhq+
h0gFnwSMgKhm20jUh0D3DDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEAP+PS/xt0LOc7YGDnGWNkS3a8f0JakN84Syd2
Zjejn/vrKr1O1GsA10qyul+7PpMWJCkTeAkvSqSXCNyBDwR/xjButDCLeUMIFkV7
FoGMl1795t+VWnzP10uQGOSEwa2X+/Eos0jZiarsPdAP8De2FTblmmSCajwaKUML
OEA55/KCoCHFec4NbXJfYJ65IN9PnPDZ5IEHS+fQGcbtdOyunDNkEBhiNfs10lPc
rKThpdoiiL48Ipsciv/KMOUVba261hPllvJmtsum5ESl3YDY9rxogZWAKwmMhBxK
PtBiuqzaH9HyPVlTpBCFZscNZcgiSbvoMjk5drQoArB0ex+r+Q==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:07 2025 by rpki-client