Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json)
Hash identifier: Tz8FFGwkBaXSX5d014kXb/4h7zgnfhlvhg1B6YW9awA=
Subject key identifier: B8:02:33:9B:57:38:82:4A:E0:86:F8:48:21:CE:C9:BC:7D:92:28:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67D1F57DBF4DDC2B80F3545C7D747871839280D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
Signing time: Mon 01 Sep 2025 20:20:58 +0000
ROA not before: Mon 01 Sep 2025 20:20:58 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d1:f5:7d:bf:4d:dc:2b:80:f3:54:5c:7d:74:78:71:83:92:80:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:58 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=54764a4116a33e859e80a4d5d4bc5830608138499c0286dfa7d8fda6cf64c165, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:86:3a:c9:79:86:4c:4a:80:dd:3f:50:be:9c:
3d:06:cd:30:6e:09:1a:07:76:98:a1:a4:13:20:80:
9b:e0:e3:0d:77:bf:49:cc:97:c0:79:91:57:d2:0c:
7a:b2:5d:5c:62:ef:90:77:70:21:09:fd:32:43:ea:
b0:ad:fc:16:ca:0c:e2:75:1f:f6:36:b4:04:da:d8:
69:65:c6:a5:8d:b7:48:92:22:53:84:2f:13:4c:0f:
0a:a9:81:48:18:6e:4e:67:ba:53:65:0e:ab:b9:9c:
36:6e:ea:19:1c:54:f8:d5:5a:7b:5d:87:77:02:96:
13:7c:3f:6f:92:3e:65:e6:7a:39:ce:6c:46:94:fb:
af:03:f4:e3:3f:6e:74:7b:11:1d:b4:39:8f:b2:64:
5e:79:f5:b4:79:3b:dd:51:8f:0d:88:08:e0:7b:40:
2d:fc:6b:9b:c9:cf:4d:91:cc:9b:83:1d:70:db:d0:
c9:7f:c8:e5:27:f1:9f:ab:ba:89:5c:7b:fd:95:75:
fa:3f:1b:2b:46:0f:fc:f7:97:97:f6:2a:19:f6:66:
ea:e4:02:1a:dd:b3:14:4f:15:14:5e:72:12:a0:06:
24:bc:26:13:88:d3:7f:b8:9e:60:fe:77:5c:35:9a:
6c:dd:dd:b3:cf:cc:84:23:ed:cf:75:86:6d:87:31:
4c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:02:33:9B:57:38:82:4A:E0:86:F8:48:21:CE:C9:BC:7D:92:28:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
62:44:a9:a3:a5:4f:30:ee:8b:d1:e1:39:f1:ed:90:33:bc:46:
8d:96:f9:00:4a:28:f4:ff:01:7e:10:56:83:52:de:fe:15:9e:
75:a3:93:a0:97:ba:88:3e:39:e4:af:50:49:76:81:88:a8:cb:
6f:8a:52:89:34:54:e1:3e:c8:a8:30:a3:44:94:98:9d:17:72:
37:2f:a1:0d:d5:73:e8:08:51:b7:55:73:c4:ef:a5:67:b3:95:
66:4b:0f:3e:5c:c5:75:5d:9b:29:45:5c:c5:f3:a7:aa:6e:b0:
13:ef:98:03:13:57:6d:7d:0a:02:8c:16:0d:47:80:80:f6:92:
52:16:48:a1:e8:e5:bb:9e:72:45:76:06:bc:46:5a:12:de:af:
1c:4b:4d:03:91:56:ef:2e:fb:7f:0b:49:41:f4:30:7a:f4:d8:
d8:c0:da:17:ff:9a:1c:4f:6c:c4:5f:e2:aa:be:57:20:72:27:
72:8a:ff:0c:7c:c6:f9:b2:63:f6:d3:8a:ee:33:63:be:2b:82:
ae:66:d4:3e:e7:3e:c8:76:c8:13:b6:48:97:d7:cc:44:c3:ab:
0a:b5:31:29:b7:2e:e3:35:3d:18:29:ed:46:ae:ab:67:b1:d1:
bc:a1:04:0f:c9:18:fc:35:11:74:1e:68:b7:79:90:ea:89:22:
a1:a9:85:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ9H1fb9N3CuA81RcfXR4cYOSgNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwNThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NzY0YTQxMTZhMzNlODU5ZTgwYTRkNWQ0YmM1ODMwNjA4MTM4NDk5YzAy
ODZkZmE3ZDhmZGE2Y2Y2NGMxNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGGOsl5hkxKgN0/UL6cPQbNMG4JGgd2mKGkEyCAm+DjDXe/ScyXwHmRV9IM
erJdXGLvkHdwIQn9MkPqsK38FsoM4nUf9ja0BNrYaWXGpY23SJIiU4QvE0wPCqmB
SBhuTme6U2UOq7mcNm7qGRxU+NVae12HdwKWE3w/b5I+ZeZ6Oc5sRpT7rwP04z9u
dHsRHbQ5j7JkXnn1tHk73VGPDYgI4HtALfxrm8nPTZHMm4MdcNvQyX/I5Sfxn6u6
iVx7/ZV1+j8bK0YP/PeXl/YqGfZm6uQCGt2zFE8VFF5yEqAGJLwmE4jTf7ieYP53
XDWabN3ds8/MhCPtz3WGbYcxTLUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4AjOb
VziCSuCG+Eghzsm8fZIovzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBiRKmjpU8w7ovR4Tnx7ZAzvEaNlvkASij0/wF+
EFaDUt7+FZ51o5Ogl7qIPjnkr1BJdoGIqMtvilKJNFThPsioMKNElJidF3I3L6EN
1XPoCFG3VXPE76Vns5VmSw8+XMV1XZspRVzF86eqbrAT75gDE1dtfQoCjBYNR4CA
9pJSFkih6OW7nnJFdga8RloS3q8cS00DkVbvLvt/C0lB9DB69NjYwNoX/5ocT2zE
X+Kqvlcgcidyiv8MfMb5smP204ruM2O+K4KuZtQ+5z7IdsgTtkiX18xEw6sKtTEp
ty7jNT0YKe1GrqtnsdG8oQQPyRj8NRF0Hmi3eZDqiSKhqYVc
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:03 2025 by rpki-client