Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
File: 7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa (raw, json)
Hash identifier: LIcDT2r2uXLjSdb5+PIrbooEBIFsSjHrBCEK6Yymyss=
Subject key identifier: 8A:D9:73:7D:1B:4C:07:FD:19:34:7A:0C:7F:70:38:DF:B7:4B:51:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65C197A85D1A311A7661F4C7D73782C81153255D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
Signing time: Mon 01 Sep 2025 20:30:51 +0000
ROA not before: Mon 01 Sep 2025 20:30:51 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:c1:97:a8:5d:1a:31:1a:76:61:f4:c7:d7:37:82:c8:11:53:25:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:51 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6c8b1f732706da4f11262dd75122d03c22a62a1d92ed6d42c04167c3660fb14b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2c:74:20:35:ee:07:2d:d2:03:ed:96:63:a4:
82:8e:20:62:93:8a:d7:a3:52:67:dd:09:95:79:e4:
e9:bb:c4:eb:3b:92:3e:2e:60:b8:55:11:c5:c7:95:
a3:5c:f1:f4:11:54:70:2d:33:5b:22:ec:c1:e5:48:
cc:5d:0a:7f:5c:bf:a2:98:00:ed:b8:dc:08:8b:ff:
07:7c:b5:cf:40:17:88:65:7a:d1:1e:0f:d1:f8:37:
a4:91:aa:5b:3a:76:36:bd:de:1f:60:2f:68:ea:94:
a8:3f:8c:5f:d0:74:72:3f:2e:ec:1f:13:56:b0:81:
07:65:9f:42:7c:1f:e5:f1:92:7b:dc:c3:0f:87:40:
59:8e:03:3d:cb:6b:51:99:ae:c1:1c:b6:7f:13:9b:
d2:26:51:14:ff:65:46:4d:99:76:69:a1:dd:ee:1b:
f5:8a:b2:b8:42:d8:cd:15:5c:45:40:00:b4:73:fd:
e4:45:98:d8:87:fb:4b:13:ef:2d:e5:79:b9:a8:24:
c0:e8:16:ad:af:57:ba:8c:26:ea:05:bd:c4:8c:55:
16:65:60:72:e3:83:fb:25:86:60:0d:9b:8b:88:89:
34:c0:e4:5e:fe:34:f8:8a:01:5e:b5:7f:66:d7:7f:
32:c7:12:0f:b2:7a:c6:f3:59:ec:d7:39:49:f5:b8:
36:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D9:73:7D:1B:4C:07:FD:19:34:7A:0C:7F:70:38:DF:B7:4B:51:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:9000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:9c:c5:e4:7d:d4:50:32:7a:31:d7:04:5e:77:bf:34:73:42:
24:9e:aa:89:64:a9:31:03:80:76:fb:cd:86:b9:b7:b8:10:83:
8a:0f:12:f3:1b:b1:63:48:02:4d:d9:6f:21:df:b5:5e:54:10:
5c:8e:86:89:56:d8:d0:cd:11:8a:da:1b:8e:28:df:62:32:b6:
09:32:e2:3b:3e:fc:8e:20:78:c2:e1:02:61:d8:9c:d4:e2:ff:
75:6d:ca:32:62:39:79:56:14:03:80:6f:e4:ad:ee:2e:a6:be:
b1:f1:bb:af:43:41:0d:cb:72:61:3a:4e:57:5c:e9:ca:03:fb:
13:8d:04:6f:9b:65:51:47:40:e0:04:6f:29:50:54:a7:fe:ab:
8e:a5:34:e4:2a:c8:8f:84:44:d4:56:f3:ae:03:cf:26:23:be:
20:e2:c5:48:e8:eb:91:9d:7a:ff:b0:1e:9b:3b:5d:20:68:10:
0a:17:6d:1e:39:b8:bd:33:6f:4f:3b:0b:2e:2c:d6:12:47:30:
d2:66:fa:a1:1e:6e:da:e9:49:33:29:d4:a7:85:85:9f:88:66:
f3:8a:e3:dc:ac:d3:1c:ae:d7:c4:59:c6:4e:20:49:f5:ea:db:
ec:1f:dd:ca:b2:b3:cf:06:e6:9a:8b:fc:92:ad:d1:e6:b0:e6:
38:be:1d:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZcGXqF0aMRp2YfTH1zeCyBFTJV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjOGIxZjczMjcwNmRhNGYxMTI2MmRkNzUxMjJkMDNjMjJhNjJhMWQ5MmVk
NmQ0MmMwNDE2N2MzNjYwZmIxNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgsdCA17gct0gPtlmOkgo4gYpOK16NSZ90JlXnk6bvE6zuSPi5guFURxceV
o1zx9BFUcC0zWyLsweVIzF0Kf1y/opgA7bjcCIv/B3y1z0AXiGV60R4P0fg3pJGq
Wzp2Nr3eH2AvaOqUqD+MX9B0cj8u7B8TVrCBB2WfQnwf5fGSe9zDD4dAWY4DPctr
UZmuwRy2fxOb0iZRFP9lRk2Zdmmh3e4b9YqyuELYzRVcRUAAtHP95EWY2If7SxPv
LeV5uagkwOgWra9Xuowm6gW9xIxVFmVgcuOD+yWGYA2bi4iJNMDkXv40+IoBXrV/
Ztd/MscSD7J6xvNZ7Nc5SfW4NtcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSK2XN9
G0wH/Rk0egx/cDjft0tR0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q5NmQzYWQtMGVlNy00NjMwLTlhNDktYTBkY2MyYjcxZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBdnMXkfdRQMnox1wRed780c0IknqqJZKkxA4B2
+82Gube4EIOKDxLzG7FjSAJN2W8h37VeVBBcjoaJVtjQzRGK2huOKN9iMrYJMuI7
PvyOIHjC4QJh2JzU4v91bcoyYjl5VhQDgG/kre4upr6x8buvQ0ENy3JhOk5XXOnK
A/sTjQRvm2VRR0DgBG8pUFSn/quOpTTkKsiPhETUVvOuA88mI74g4sVI6OuRnXr/
sB6bO10gaBAKF20eObi9M29POwsuLNYSRzDSZvqhHm7a6UkzKdSnhYWfiGbziuPc
rNMcrtfEWcZOIEn16tvsH93KsrPPBuaai/ySrdHmsOY4vh1h
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:08 2025 by rpki-client