Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: wY83cjloc7+bs2aqPTbbibrxif5tMZTa78wGDXdpuxQ=
Subject key identifier: 8E:F8:37:8D:34:08:3A:99:13:D6:A1:EE:B0:FD:62:D6:E6:89:05:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B05232AC42FC9E6CEA69D9978D290DFFF2AC208
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Mon 01 Sep 2025 21:21:08 +0000
ROA not before: Mon 01 Sep 2025 21:21:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:05:23:2a:c4:2f:c9:e6:ce:a6:9d:99:78:d2:90:df:ff:2a:c2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e4935899f193ce45692a9a8835906401210bd376f0238d02012dd6b6aa630ce4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:27:41:18:60:f9:ec:88:eb:31:65:d3:ad:11:
f4:b4:cf:7a:61:c5:2f:ed:fa:4e:25:c9:8b:58:e9:
72:df:3c:23:85:3f:fb:7e:87:80:22:34:1b:35:b4:
31:ee:0a:0e:fc:c8:cf:3d:f3:6b:78:6c:4d:9d:d1:
55:85:bd:3b:7c:54:38:ef:91:fb:52:b4:b5:5a:60:
85:3b:91:55:0f:5c:ff:85:0e:34:0c:59:ed:ea:dd:
ee:45:04:c9:48:cd:8d:9c:6b:17:13:3d:5a:3c:d3:
cd:24:44:73:ad:a5:02:8f:df:12:5b:c0:e9:25:42:
e0:04:3f:3b:b1:4c:e9:38:89:d0:6a:7c:3e:dc:0e:
1b:7f:97:07:f5:6f:a3:41:06:60:3b:6d:e3:ba:48:
2d:ac:0b:02:81:83:c6:10:9c:95:3d:6c:57:58:e9:
2c:82:5e:ad:74:9e:39:71:9e:9a:94:28:fd:d1:b8:
c9:d0:01:f7:af:93:c9:99:df:04:bf:a4:a2:75:2d:
b9:f9:83:f4:5d:62:b3:61:79:38:6c:be:d1:85:50:
c2:04:7b:72:84:ca:59:5a:54:8c:12:61:b1:6e:af:
af:83:de:2e:88:8a:72:3c:3f:38:bf:79:cf:7a:f4:
30:4e:39:c6:ea:ce:a1:2e:11:5a:3e:44:e1:a9:cc:
8e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F8:37:8D:34:08:3A:99:13:D6:A1:EE:B0:FD:62:D6:E6:89:05:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
1a:81:82:62:72:60:37:0a:57:67:0e:d7:1a:e1:d1:4a:dc:91:
be:f3:47:6a:1b:73:83:6a:7c:21:55:f0:56:09:dc:19:53:47:
c8:b3:d7:7e:b9:89:77:b2:f8:87:0a:2a:f4:d9:96:84:f3:d5:
6c:aa:0d:2e:bd:22:4b:c9:02:c1:be:1c:92:58:eb:5b:4b:fa:
e4:c8:f3:50:28:1d:7b:f5:ad:07:87:3b:02:b3:e7:ba:cc:45:
b8:34:66:e0:13:21:0b:0d:67:f0:54:b3:e9:84:81:61:cc:37:
f5:16:a2:b9:16:72:f2:a4:4e:22:94:ef:f6:02:d7:eb:27:e5:
f6:9d:61:11:e8:74:60:82:df:6c:55:f4:ee:33:df:15:c3:ba:
de:c8:9a:3a:3e:b0:35:4e:11:63:51:36:ef:94:b9:63:48:71:
3f:a4:43:16:71:fb:f4:60:3e:86:70:74:ef:ed:86:39:e7:1e:
ab:87:4d:a6:7a:61:cb:74:ef:22:0e:65:1a:24:42:f4:b8:10:
1b:63:db:bb:a2:3c:f2:81:4c:96:b8:0d:6a:cc:0f:9c:fc:9c:
62:56:54:38:bf:45:cd:1c:d3:26:52:dd:eb:c1:8e:d7:de:94:
79:6b:49:73:73:51:48:a3:8f:14:98:b0:ef:72:af:61:43:7f:
8e:f3:32:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOwUjKsQvyebOpp2ZeNKQ3/8qwggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0OTM1ODk5ZjE5M2NlNDU2OTJhOWE4ODM1OTA2NDAxMjEwYmQzNzZmMDIz
OGQwMjAxMmRkNmI2YWE2MzBjZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAnQRhg+eyI6zFl060R9LTPemHFL+36TiXJi1jpct88I4U/+36HgCI0GzW0
Me4KDvzIzz3za3hsTZ3RVYW9O3xUOO+R+1K0tVpghTuRVQ9c/4UONAxZ7erd7kUE
yUjNjZxrFxM9WjzTzSREc62lAo/fElvA6SVC4AQ/O7FM6TiJ0Gp8PtwOG3+XB/Vv
o0EGYDtt47pILawLAoGDxhCclT1sV1jpLIJerXSeOXGempQo/dG4ydAB96+TyZnf
BL+konUtufmD9F1is2F5OGy+0YVQwgR7coTKWVpUjBJhsW6vr4PeLoiKcjw/OL95
z3r0ME45xurOoS4RWj5E4anMju8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO+DeN
NAg6mRPWoe6w/WLW5okFBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAagYJicmA3CldnDtca4dFK3JG+80dqG3ODanwh
VfBWCdwZU0fIs9d+uYl3sviHCir02ZaE89Vsqg0uvSJLyQLBvhySWOtbS/rkyPNQ
KB179a0HhzsCs+e6zEW4NGbgEyELDWfwVLPphIFhzDf1FqK5FnLypE4ilO/2Atfr
J+X2nWER6HRggt9sVfTuM98Vw7reyJo6PrA1ThFjUTbvlLljSHE/pEMWcfv0YD6G
cHTv7YY55x6rh02memHLdO8iDmUaJEL0uBAbY9u7ojzygUyWuA1qzA+c/JxiVlQ4
v0XNHNMmUt3rwY7X3pR5a0lzc1FIo48UmLDvcq9hQ3+O8zLR
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:09 2025 by rpki-client