Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json)
Hash identifier: dLQiE669Wj0Qn9S0/rRmdiZFqdZ0q56nlcrzRLn1k9g=
Subject key identifier: 1D:C8:BF:81:92:76:04:00:87:EA:AD:85:9B:66:6C:5D:75:B9:99:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B6D50CB7401712AA00131991FE0ED75323021D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
Signing time: Mon 01 Sep 2025 20:20:59 +0000
ROA not before: Mon 01 Sep 2025 20:20:59 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:6d:50:cb:74:01:71:2a:a0:01:31:99:1f:e0:ed:75:32:30:21:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:59 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=fb8b7b6fadd58fcae1dc99eefde93ee0ec8d45ba7053d46e67d3ec7942855d7e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:40:49:b3:23:08:9b:7b:17:84:dd:17:77:60:
35:3f:2f:c3:c0:d3:89:55:1f:3f:cf:a5:be:0f:ce:
c6:32:6e:d0:a7:f0:e4:d7:63:be:3b:29:1d:5e:6b:
79:ed:7b:1a:8e:e9:3b:39:ea:c9:5e:14:20:14:75:
81:d3:12:05:43:f2:30:1a:ac:16:10:19:6d:35:e7:
35:cd:d5:e8:92:0e:05:0c:84:2a:01:37:09:72:b6:
cb:23:f9:ca:d1:40:9c:19:c1:3f:ea:78:dd:25:65:
97:4a:e3:be:b4:10:50:74:e8:1f:b7:b2:89:bf:9f:
82:fa:56:a9:b2:b1:26:d9:ba:72:ab:71:9f:ea:a1:
f1:34:5e:24:57:b0:54:96:6a:36:d8:a0:3e:05:ee:
c6:19:af:6a:e6:09:20:61:8b:c5:1c:a2:63:1f:33:
de:d0:e5:7d:9d:94:c8:5f:fa:a0:6e:52:de:b7:57:
e0:f2:0f:99:f6:fe:26:3d:66:2b:9f:27:c7:ae:10:
22:da:ae:14:72:90:4d:46:ad:39:65:12:57:38:e2:
ff:c1:8d:40:2e:88:c5:dd:40:5d:a2:2f:10:5e:56:
98:b0:a8:bd:7b:c0:40:96:95:8f:b6:07:b5:6d:e2:
04:23:ff:73:e7:ef:d7:b0:b7:36:78:47:02:30:23:
19:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C8:BF:81:92:76:04:00:87:EA:AD:85:9B:66:6C:5D:75:B9:99:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:54:84:7c:66:00:49:df:b5:b0:32:f0:9f:6d:22:f9:99:c8:
b6:72:b9:ac:fd:36:66:a7:ea:40:92:c3:0a:a0:2b:ee:4c:27:
2d:58:88:df:02:68:92:e9:ac:56:ce:be:9f:f1:c6:86:e3:03:
96:6c:0e:cc:e8:72:a0:4e:73:9a:cf:fa:d1:d4:37:08:f6:37:
15:cb:0a:a1:6e:e2:a4:a4:c1:1a:e3:ba:07:d5:96:9b:b0:20:
51:fd:63:c5:a2:ba:40:c2:21:63:c8:9d:8b:0d:53:d3:b1:64:
32:f2:50:6e:29:91:6f:45:15:08:1f:ef:9f:ff:2e:56:4b:ca:
95:f8:45:bb:7c:09:a3:b6:86:b9:68:ed:54:bf:f6:31:41:da:
c3:26:4b:4e:b2:eb:ce:ee:85:4f:d5:f3:58:2e:54:6f:fb:b9:
47:8a:ea:a5:23:0b:b3:13:64:a6:43:db:c9:fd:04:bc:0a:13:
da:91:b0:2a:f6:1e:3d:2d:45:a9:44:e8:a8:1e:8d:54:bc:03:
cf:94:32:85:42:f6:aa:a9:97:f1:5a:17:7a:77:44:46:9e:7a:
d8:c8:23:8e:84:40:c0:a9:ae:18:81:e8:c0:47:33:ec:15:3f:
41:d9:9a:d6:97:f2:32:c1:76:81:de:55:bf:2d:75:ee:e2:19:
04:f6:16:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS21Qy3QBcSqgATGZH+DtdTIwIdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwNTlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiOGI3YjZmYWRkNThmY2FlMWRjOTllZWZkZTkzZWUwZWM4ZDQ1YmE3MDUz
ZDQ2ZTY3ZDNlYzc5NDI4NTVkN2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFASbMjCJt7F4TdF3dgNT8vw8DTiVUfP8+lvg/OxjJu0Kfw5NdjvjspHV5r
ee17Go7pOznqyV4UIBR1gdMSBUPyMBqsFhAZbTXnNc3V6JIOBQyEKgE3CXK2yyP5
ytFAnBnBP+p43SVll0rjvrQQUHToH7eyib+fgvpWqbKxJtm6cqtxn+qh8TReJFew
VJZqNtigPgXuxhmvauYJIGGLxRyiYx8z3tDlfZ2UyF/6oG5S3rdX4PIPmfb+Jj1m
K58nx64QItquFHKQTUatOWUSVzji/8GNQC6Ixd1AXaIvEF5WmLCovXvAQJaVj7YH
tW3iBCP/c+fv17C3NnhHAjAjGSMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdyL+B
knYEAIfqrYWbZmxddbmZszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCbVIR8ZgBJ37WwMvCfbSL5mci2crms/TZmp+pA
ksMKoCvuTCctWIjfAmiS6axWzr6f8caG4wOWbA7M6HKgTnOaz/rR1DcI9jcVywqh
buKkpMEa47oH1ZabsCBR/WPForpAwiFjyJ2LDVPTsWQy8lBuKZFvRRUIH++f/y5W
S8qV+EW7fAmjtoa5aO1Uv/YxQdrDJktOsuvO7oVP1fNYLlRv+7lHiuqlIwuzE2Sm
Q9vJ/QS8ChPakbAq9h49LUWpROioHo1UvAPPlDKFQvaqqZfxWhd6d0RGnnrYyCOO
hEDAqa4YgejARzPsFT9B2ZrWl/IywXaB3lW/LXXu4hkE9hYc
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:32 2025 by rpki-client