Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
File: 7dbe70b9-8807-4382-b0db-753dfbe69012.roa (raw, json)
Hash identifier: zhNNsinxFkHwrm/lA+yjNHi1JJEl/jw1XcgnquKXKw8=
Subject key identifier: CD:2B:4D:91:E7:29:53:C8:13:F1:B9:FB:62:0C:67:E9:C9:D9:37:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61A23FC77C90AB1A3082A2EB86CEEE6651016F0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
Signing time: Mon 01 Sep 2025 21:20:19 +0000
ROA not before: Mon 01 Sep 2025 21:20:19 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:a2:3f:c7:7c:90:ab:1a:30:82:a2:eb:86:ce:ee:66:51:01:6f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:19 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c3e6f2793270fe62c177eaac7373273578a893acb143ae1dc11d165098825e11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bf:a3:64:40:80:70:11:27:d9:6f:e0:4b:34:
29:e0:78:57:92:d0:b8:87:19:99:37:7c:55:53:73:
1d:58:79:cb:da:6e:6b:ca:af:e5:cc:72:e1:9b:4e:
2f:1a:dc:c2:4c:f8:c3:44:09:3b:4e:2b:d8:10:04:
40:28:03:b5:6a:d0:cf:9c:7a:da:e3:b2:da:08:43:
59:02:f0:70:ab:0e:0c:a1:b6:f2:8c:72:47:f0:12:
19:85:9f:a1:95:bb:3a:3a:20:45:ec:60:ae:ca:21:
66:df:75:f5:a0:54:49:b5:c6:22:92:7b:69:91:26:
3d:9a:7b:e9:c3:3e:97:26:99:25:94:fa:ef:f5:b4:
ef:1c:15:cc:c0:8c:3f:53:db:24:21:5d:fa:a6:4a:
a3:c3:66:af:ac:70:40:f4:4f:a3:67:5c:a9:86:d9:
a2:9e:7e:8d:28:67:ca:65:e3:51:d9:a2:d2:6d:53:
ce:61:4a:2c:67:33:0b:c7:5f:cb:47:71:04:9c:41:
88:52:43:e6:d6:96:eb:d7:03:3d:d7:15:9a:9a:2a:
89:13:18:c0:23:55:86:03:7f:12:0b:ea:02:f7:ed:
6b:14:dd:99:8d:d9:62:0c:36:4e:28:fb:66:60:32:
3a:c5:3f:41:36:61:95:66:e5:6b:55:87:c2:65:91:
6b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2B:4D:91:E7:29:53:C8:13:F1:B9:FB:62:0C:67:E9:C9:D9:37:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dbe70b9-8807-4382-b0db-753dfbe69012.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/37
Signature Algorithm: sha256WithRSAEncryption
5d:87:90:16:3f:a2:2b:78:6c:c6:b3:61:e4:ff:68:77:df:d6:
de:66:07:b6:27:3a:6f:62:25:00:7f:0f:b3:cc:33:13:f8:46:
38:88:30:7f:eb:fc:c5:1f:55:a7:ae:76:44:f6:a5:3f:07:94:
85:6a:03:b4:fb:91:c0:ae:05:d8:3f:9d:09:62:f8:9a:c9:04:
9e:7d:63:a5:f9:e5:77:55:23:ac:e7:f4:3a:0c:71:53:49:fa:
83:54:05:75:f6:0f:f7:a3:83:f1:47:9f:ff:64:2a:c2:0c:8f:
71:34:28:7e:f5:a5:34:f4:e4:c6:c8:a5:d1:05:4a:29:ff:4c:
4f:37:15:f2:86:8d:c1:f2:1a:ca:6b:d5:f4:47:59:55:6a:9a:
6c:e1:bc:aa:df:c5:f8:0f:b8:46:52:7f:79:14:ad:15:f9:59:
45:3d:f9:88:8e:fd:42:b8:6b:8a:4d:05:2f:e7:c9:d9:f1:45:
c4:f8:a4:cb:16:83:4c:f1:0e:2c:a9:5c:a5:11:b0:c6:d3:99:
fa:d9:e4:88:33:f7:88:f7:e4:1d:e2:bc:e0:4c:a9:22:2f:cd:
c7:14:3a:3a:c0:df:2d:82:5e:39:83:0c:39:b3:24:86:1f:ca:
85:d8:5d:b4:ba:6d:1c:36:fe:22:39:a8:35:8a:43:da:50:b3:
e9:35:3f:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYaI/x3yQqxowgqLrhs7uZlEBbwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMTlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzZTZmMjc5MzI3MGZlNjJjMTc3ZWFhYzczNzMyNzM1NzhhODkzYWNiMTQz
YWUxZGMxMWQxNjUwOTg4MjVlMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMe/o2RAgHARJ9lv4Es0KeB4V5LQuIcZmTd8VVNzHVh5y9pua8qv5cxy4ZtO
Lxrcwkz4w0QJO04r2BAEQCgDtWrQz5x62uOy2ghDWQLwcKsODKG28oxyR/ASGYWf
oZW7OjogRexgrsohZt919aBUSbXGIpJ7aZEmPZp76cM+lyaZJZT67/W07xwVzMCM
P1PbJCFd+qZKo8Nmr6xwQPRPo2dcqYbZop5+jShnymXjUdmi0m1TzmFKLGczC8df
y0dxBJxBiFJD5taW69cDPdcVmpoqiRMYwCNVhgN/EgvqAvftaxTdmY3ZYgw2Tij7
ZmAyOsU/QTZhlWbla1WHwmWRa3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNK02R
5ylTyBPxuftiDGfpydk3vTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RiZTcwYjktODgwNy00MzgyLWIwZGItNzUzZGZiZTY5MDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBdh5AWP6IreGzGs2Hk/2h339beZge2JzpvYiUA
fw+zzDMT+EY4iDB/6/zFH1WnrnZE9qU/B5SFagO0+5HArgXYP50JYviayQSefWOl
+eV3VSOs5/Q6DHFTSfqDVAV19g/3o4PxR5//ZCrCDI9xNCh+9aU09OTGyKXRBUop
/0xPNxXyho3B8hrKa9X0R1lVapps4byq38X4D7hGUn95FK0V+VlFPfmIjv1CuGuK
TQUv58nZ8UXE+KTLFoNM8Q4sqVylEbDG05n62eSIM/eI9+Qd4rzgTKkiL83HFDo6
wN8tgl45gww5sySGH8qF2F20um0cNv4iOag1ikPaULPpNT9o
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:03 2025 by rpki-client