Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
File: 79440387-66a3-4852-a94b-8a3250f20726.roa (raw, json)
Hash identifier: vu0pkwurbMp8PeOpYNTULLdyrNKhx032QCHHEoP0b0s=
Subject key identifier: 5B:AF:B4:25:67:16:2D:9E:61:7A:F7:E8:33:7A:3F:01:4A:07:1F:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D499D0900C29712E8AE75C216E36EC1A0937F43
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
Signing time: Mon 01 Sep 2025 19:30:23 +0000
ROA not before: Mon 01 Sep 2025 19:30:23 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:49:9d:09:00:c2:97:12:e8:ae:75:c2:16:e3:6e:c1:a0:93:7f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:30:23 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=164995e8915c483e23ec54a0013532dfcec31e47a80f6891339d9b3382d58f99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:01:98:94:03:8e:5d:15:33:30:17:22:81:
c4:cb:d8:18:79:bb:12:1c:cd:13:fa:d5:50:24:5a:
93:3c:a8:9d:8d:d7:95:77:10:22:85:27:e6:5e:a7:
62:54:ca:2f:e3:0e:df:9c:82:09:9b:7d:d8:08:bc:
03:b5:ee:e2:a8:2e:5d:09:b9:d0:73:33:56:ad:44:
49:24:fa:55:82:6c:64:8b:1b:57:8a:ac:76:e7:28:
22:f6:b3:46:18:84:45:b0:3a:76:03:40:71:9e:e3:
83:c2:49:05:6b:bb:2b:d6:9f:48:56:d6:7e:7a:96:
88:8e:38:ae:07:64:66:ec:74:8a:2f:06:25:6c:bb:
55:38:9c:5e:ab:b6:16:7c:4e:ba:35:b9:7b:0f:41:
15:1a:1c:c2:1e:f8:45:96:64:bc:95:ab:16:02:8f:
42:d4:0a:99:cd:6c:fe:b9:02:5c:5d:d7:7c:63:93:
35:ef:df:1c:98:3c:7c:4d:8b:a7:65:b5:67:e1:af:
53:e7:37:c5:b2:77:26:77:8b:f5:81:80:46:c8:3c:
18:a0:7d:52:42:b6:75:79:ab:0b:06:45:7b:e6:d4:
67:59:a7:7d:70:7d:db:90:a4:ed:29:10:8e:38:d0:
8f:23:db:72:17:e3:ce:9f:41:1c:d9:37:15:32:23:
a8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AF:B4:25:67:16:2D:9E:61:7A:F7:E8:33:7A:3F:01:4A:07:1F:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79440387-66a3-4852-a94b-8a3250f20726.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a040::/48
Signature Algorithm: sha256WithRSAEncryption
ab:9c:6b:a7:b8:da:7b:95:f9:88:ba:ae:82:c5:60:89:11:5e:
68:e0:68:31:59:67:d8:78:c0:ab:e5:cc:9d:1b:38:70:ee:22:
00:69:3e:3a:ae:02:c1:5e:08:c5:92:5a:0c:0b:77:66:58:5b:
8a:03:fa:8f:64:e7:19:b4:38:dc:78:55:bb:10:5d:a3:63:bc:
f1:f3:96:d8:1f:47:a9:11:24:73:94:cb:0b:c9:09:5b:78:24:
87:fe:91:c5:25:78:12:24:e4:5b:d8:dd:d1:33:5e:02:64:99:
b9:d6:97:42:e8:40:a4:c7:1b:4d:7c:7f:1c:2e:dd:49:a0:4b:
32:65:a8:c2:ae:17:de:b7:9a:6f:be:0e:42:c4:10:10:88:76:
18:7e:19:dd:ab:b1:32:00:33:f4:e0:4d:c4:fc:22:ab:3d:09:
7c:01:cd:98:37:fc:51:62:a0:1f:57:cf:de:f5:a1:90:b3:40:
95:57:f8:40:e7:1f:e3:55:fb:8e:a0:aa:95:f8:82:fd:f3:24:
96:cb:78:60:60:71:36:5c:29:81:99:bd:46:f7:1f:16:7c:20:
70:aa:fc:a3:7a:f0:4b:63:5e:c8:61:65:d9:08:96:7f:05:d0:
3b:07:7b:cd:f2:c6:c7:b6:7c:64:34:56:6b:76:e1:b9:ac:87:
17:bd:70:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXUmdCQDClxLornXCFuNuwaCTf0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTMwMjNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NDk5NWU4OTE1YzQ4M2UyM2VjNTRhMDAxMzUzMmRmY2VjMzFlNDdhODBm
Njg5MTMzOWQ5YjMzODJkNThmOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrwAZiUA45dFTMwFyKBxMvYGHm7EhzNE/rVUCRakzyonY3XlXcQIoUn5l6n
YlTKL+MO35yCCZt92Ai8A7Xu4qguXQm50HMzVq1ESST6VYJsZIsbV4qsducoIvaz
RhiERbA6dgNAcZ7jg8JJBWu7K9afSFbWfnqWiI44rgdkZux0ii8GJWy7VTicXqu2
FnxOujW5ew9BFRocwh74RZZkvJWrFgKPQtQKmc1s/rkCXF3XfGOTNe/fHJg8fE2L
p2W1Z+GvU+c3xbJ3JneL9YGARsg8GKB9UkK2dXmrCwZFe+bUZ1mnfXB925Ck7SkQ
jjjQjyPbchfjzp9BHNk3FTIjqAcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRbr7Ql
ZxYtnmF69+gzej8BSgcfuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzk0NDAzODctNjZhMy00ODUyLWE5NGItOGEzMjUwZjIwNzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
QDANBgkqhkiG9w0BAQsFAAOCAQEAq5xrp7jae5X5iLqugsVgiRFeaOBoMVln2HjA
q+XMnRs4cO4iAGk+Oq4CwV4IxZJaDAt3ZlhbigP6j2TnGbQ43HhVuxBdo2O88fOW
2B9HqREkc5TLC8kJW3gkh/6RxSV4EiTkW9jd0TNeAmSZudaXQuhApMcbTXx/HC7d
SaBLMmWowq4X3reab74OQsQQEIh2GH4Z3auxMgAz9OBNxPwiqz0JfAHNmDf8UWKg
H1fP3vWhkLNAlVf4QOcf41X7jqCqlfiC/fMklst4YGBxNlwpgZm9RvcfFnwgcKr8
o3rwS2NeyGFl2QiWfwXQOwd7zfLGx7Z8ZDRWa3bhuayHF71wug==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:49 2025 by rpki-client