Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
File: 7a5c899e-1564-4329-8939-7004d7b754c8.roa (raw, json)
Hash identifier: 01PbSw2CPKExMWXX516K8/edy9Tv6JCIs2Ha+f9kXpU=
Subject key identifier: 05:24:DC:06:D8:15:19:24:BE:5C:93:0C:68:42:23:0F:31:79:F6:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76DEB871C677F7D9E46755859A9DF33DDF6FA76C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
Signing time: Mon 01 Sep 2025 20:50:11 +0000
ROA not before: Mon 01 Sep 2025 20:50:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:de:b8:71:c6:77:f7:d9:e4:67:55:85:9a:9d:f3:3d:df:6f:a7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b731ed8d976931de7b05b9eec037d6eb2c8f2313da7c5d12f968e80300ad72e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:8d:f5:a1:09:83:bf:ee:64:bd:35:95:c3:
99:07:17:f9:db:69:9b:46:bb:7f:4c:4f:32:94:22:
09:15:33:c8:bb:9a:24:3a:65:ef:e6:09:b1:29:ec:
79:09:2f:35:ba:c7:4e:2c:66:49:af:e1:aa:bb:da:
2b:d5:b9:f1:15:0d:f9:68:90:ba:65:29:d0:67:b7:
dc:a0:6f:88:98:ef:67:fe:bb:ad:07:55:c4:3a:99:
d5:d5:80:78:fa:a1:54:f8:b5:6e:e2:e6:30:55:35:
06:d8:0d:0a:ea:93:e9:f5:bb:9b:86:f8:46:e1:34:
53:1d:59:d7:87:e3:fa:59:26:bf:c2:5d:12:70:9c:
69:2f:73:86:3a:fd:a1:a5:47:56:ff:0d:7a:e2:b2:
44:cc:21:35:53:bc:4b:28:74:07:ca:4e:12:8e:a6:
af:fb:6d:b3:36:03:93:f1:f6:2d:6b:2e:c7:be:80:
c8:8d:48:1e:90:50:0c:69:23:ef:c1:4c:80:23:16:
91:3a:7f:a9:8e:6d:13:74:71:06:6a:80:13:0b:fc:
85:1b:3c:60:59:27:03:2a:37:79:bd:32:75:61:56:
8f:d5:22:55:8e:bc:85:8a:18:97:00:1f:aa:72:8e:
2d:5c:73:f6:27:1b:c0:8d:c4:cb:e9:ec:99:c6:5e:
94:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:24:DC:06:D8:15:19:24:BE:5C:93:0C:68:42:23:0F:31:79:F6:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:9000::/40
Signature Algorithm: sha256WithRSAEncryption
06:e2:b7:6a:2d:54:71:99:53:22:23:9e:cf:9c:0e:90:f0:fc:
02:47:32:e7:da:9e:60:ea:af:26:bb:76:de:7b:84:bb:31:7b:
14:a1:b2:a4:5d:e9:70:1b:73:2a:e5:0e:6b:12:92:b7:82:d5:
75:90:4b:99:be:e5:12:f4:15:60:de:0e:58:99:c0:f3:c5:48:
e1:50:d6:69:1c:ab:d9:51:69:a2:e6:25:44:48:a2:3d:ca:f5:
61:ab:b7:a3:90:2a:73:f5:49:ab:fc:40:d9:78:a7:ca:a3:45:
f5:29:99:1b:d3:6b:c1:f6:b5:af:01:78:e9:e9:64:ee:d1:03:
4a:ad:23:dd:03:5f:a8:98:f0:a2:59:74:10:8c:6f:5c:3d:a8:
a2:49:c5:b9:69:fe:56:39:ff:bb:7e:f3:ae:be:1d:dc:4b:f3:
e9:0a:6e:61:ac:c2:db:14:f3:4e:90:cf:9e:b4:99:85:bf:e1:
6a:d1:98:c7:1a:3b:d7:c7:a9:34:94:37:dd:fc:7c:e3:6b:17:
be:29:4f:60:ac:f2:8f:df:0d:88:95:d0:7c:98:de:e1:e5:56:
80:10:89:8e:74:1e:9d:2d:b1:60:ec:ab:0d:df:f9:bc:25:61:
70:d8:a0:77:11:59:fe:5e:e1:da:e6:ac:e6:e4:77:60:55:93:
a4:4e:9c:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdt64ccZ399nkZ1WFmp3zPd9vp2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MzFlZDhkOTc2OTMxZGU3YjA1YjllZWMwMzdkNmViMmM4ZjIzMTNkYTdj
NWQxMmY5NjhlODAzMDBhZDcyZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjcjfWhCYO/7mS9NZXDmQcX+dtpm0a7f0xPMpQiCRUzyLuaJDpl7+YJsSns
eQkvNbrHTixmSa/hqrvaK9W58RUN+WiQumUp0Ge33KBviJjvZ/67rQdVxDqZ1dWA
ePqhVPi1buLmMFU1BtgNCuqT6fW7m4b4RuE0Ux1Z14fj+lkmv8JdEnCcaS9zhjr9
oaVHVv8NeuKyRMwhNVO8Syh0B8pOEo6mr/ttszYDk/H2LWsux76AyI1IHpBQDGkj
78FMgCMWkTp/qY5tE3RxBmqAEwv8hRs8YFknAyo3eb0ydWFWj9UiVY68hYoYlwAf
qnKOLVxz9icbwI3Ey+nsmcZelPMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQFJNwG
2BUZJL5ckwxoQiMPMXn2kTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E1Yzg5OWUtMTU2NC00MzI5LTg5MzktNzAwNGQ3Yjc1NGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAG4rdqLVRxmVMiI57PnA6Q8PwCRzLn2p5g6q8m
u3bee4S7MXsUobKkXelwG3Mq5Q5rEpK3gtV1kEuZvuUS9BVg3g5YmcDzxUjhUNZp
HKvZUWmi5iVESKI9yvVhq7ejkCpz9Umr/EDZeKfKo0X1KZkb02vB9rWvAXjp6WTu
0QNKrSPdA1+omPCiWXQQjG9cPaiiScW5af5WOf+7fvOuvh3cS/PpCm5hrMLbFPNO
kM+etJmFv+Fq0ZjHGjvXx6k0lDfd/Hzjaxe+KU9grPKP3w2IldB8mN7h5VaAEImO
dB6dLbFg7KsN3/m8JWFw2KB3EVn+XuHa5qzm5HdgVZOkTpzY
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:21 2025 by rpki-client