Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: CrNfM5YYvzWUPBfyV2oR4ujWNRN50FjEAxr2hX6GU7I=
Subject key identifier: F8:A3:7D:E1:6B:C2:C0:92:08:C0:42:71:6A:0F:CB:D9:6F:6A:18:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1755BBD0DFE0061091C2A2379A9B2BE4558167A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Mon 01 Sep 2025 21:01:15 +0000
ROA not before: Mon 01 Sep 2025 21:01:15 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:55:bb:d0:df:e0:06:10:91:c2:a2:37:9a:9b:2b:e4:55:81:67:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:15 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=560fc5e42a8f679c432763fe85437b5affed62c8d7c2c288060082bd390e0f92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:58:f4:37:1f:32:ac:75:b6:ae:4e:5b:c8:ff:
ac:e7:b0:b4:d4:6e:f9:70:ea:c6:21:f8:54:7f:2e:
06:9b:ef:3a:15:f5:6d:a5:a5:60:9d:75:c5:64:ab:
31:b2:ab:86:b8:e5:de:f5:f3:4a:32:fe:99:83:34:
16:be:0e:72:12:34:ef:e6:a5:fc:b7:5f:28:95:ef:
8a:8f:5d:f2:b7:63:3d:c9:6a:e7:ef:1d:95:29:9f:
8a:e7:d1:b7:da:04:f5:1f:10:4c:d5:e5:09:9a:31:
52:37:9d:7c:81:f4:e2:de:47:4d:ac:87:c6:74:4a:
bb:ad:15:0c:09:0d:6a:ac:88:41:28:90:9f:ab:54:
ed:7e:ed:12:07:fb:65:01:32:c9:77:6f:56:78:d0:
8f:b6:00:1a:5f:80:f5:b7:e8:73:5f:f2:5a:23:fa:
f7:a1:0f:aa:a7:7a:7e:16:4b:de:ea:f9:40:5b:78:
8f:fd:bc:40:e4:24:45:c8:67:6b:f0:b3:ea:2e:6d:
99:33:1f:39:fd:c6:57:74:8e:ae:b1:aa:b0:f7:62:
85:93:7e:39:6f:7d:c9:58:6c:19:88:65:0f:72:d7:
e9:32:aa:2d:72:c8:42:82:76:9b:ca:67:55:05:bf:
18:3c:1c:94:fb:72:6d:f4:51:ba:83:30:44:91:76:
f5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A3:7D:E1:6B:C2:C0:92:08:C0:42:71:6A:0F:CB:D9:6F:6A:18:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
9f:a5:c5:4d:2f:cd:8c:0c:46:14:89:a9:bd:44:bf:39:d5:3a:
bd:fc:26:49:bc:0b:d0:b3:62:84:24:c1:34:fc:ea:f2:1c:38:
dd:2a:2b:a9:b6:b6:3c:2d:8f:6d:7a:1d:86:98:75:8b:01:d7:
19:05:d9:55:0f:f1:d4:6e:ca:6b:89:3f:31:b7:34:23:22:eb:
b4:fb:1a:da:ee:16:58:3d:9f:28:66:40:50:3a:0f:c8:e2:a6:
a5:61:13:54:69:b6:7f:3b:7c:07:e4:60:38:b6:f6:aa:3a:b4:
d7:a9:5b:9e:60:f7:49:e9:3f:20:3b:6b:99:0c:b5:38:22:f4:
e6:e5:2f:15:09:89:60:00:6d:2f:67:d1:57:9e:36:8d:89:81:
35:49:39:d6:5e:21:1d:43:ab:a1:7b:3c:49:58:69:80:dc:61:
b8:6b:85:c6:9c:a3:6f:65:fb:cf:98:f0:0f:f3:de:9a:9f:58:
4b:06:ef:dc:e2:40:cb:f5:10:4e:92:86:11:35:d8:d8:88:1e:
82:26:4c:88:f8:09:ca:b5:23:0e:3d:3e:5d:14:99:b5:80:2e:
50:58:f7:21:bf:93:4c:e2:e0:30:02:3e:d1:64:a8:bc:e5:03:
b4:74:23:22:0d:a6:50:08:4e:f7:d7:27:db:c4:49:2f:67:b9:
65:d9:95:6c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUF1W70N/gBhCRwqI3mpsr5FWBZ6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MGZjNWU0MmE4ZjY3OWM0MzI3NjNmZTg1NDM3YjVhZmZlZDYyYzhkN2My
YzI4ODA2MDA4MmJkMzkwZTBmOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5Y9DcfMqx1tq5OW8j/rOewtNRu+XDqxiH4VH8uBpvvOhX1baWlYJ11xWSr
MbKrhrjl3vXzSjL+mYM0Fr4OchI07+al/LdfKJXvio9d8rdjPclq5+8dlSmfiufR
t9oE9R8QTNXlCZoxUjedfIH04t5HTayHxnRKu60VDAkNaqyIQSiQn6tU7X7tEgf7
ZQEyyXdvVnjQj7YAGl+A9bfoc1/yWiP696EPqqd6fhZL3ur5QFt4j/28QOQkRchn
a/Cz6i5tmTMfOf3GV3SOrrGqsPdihZN+OW99yVhsGYhlD3LX6TKqLXLIQoJ2m8pn
VQW/GDwclPtybfRRuoMwRJF29UMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT4o33h
a8LAkgjAQnFqD8vZb2oYpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAJ+lxU0vzYwMRhSJqb1EvznVOr38Jkm8C9CzYoQk
wTT86vIcON0qK6m2tjwtj216HYaYdYsB1xkF2VUP8dRuymuJPzG3NCMi67T7Gtru
Flg9nyhmQFA6D8jipqVhE1Rptn87fAfkYDi29qo6tNepW55g90npPyA7a5kMtTgi
9OblLxUJiWAAbS9n0VeeNo2JgTVJOdZeIR1Dq6F7PElYaYDcYbhrhcaco29l+8+Y
8A/z3pqfWEsG79ziQMv1EE6ShhE12NiIHoImTIj4Ccq1Iw49Pl0UmbWALlBY9yG/
k0zi4DACPtFkqLzlA7R0IyINplAITvfXJ9vESS9nuWXZlWw=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:25 2025 by rpki-client