Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
File: 84822380-4084-4c46-8745-4e82faaddd84.roa (raw, json)
Hash identifier: qtBq/iISfdZ49R802QJHi/a/5HmDK+60d+um4qKe4/U=
Subject key identifier: 8C:0C:2E:88:40:F8:B5:E4:EA:8B:73:4A:55:31:05:14:9B:B5:D1:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 637444EAA0B500E99382783276A5DBA72DEC2F42
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
Signing time: Mon 01 Sep 2025 21:10:18 +0000
ROA not before: Mon 01 Sep 2025 21:10:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:74:44:ea:a0:b5:00:e9:93:82:78:32:76:a5:db:a7:2d:ec:2f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d3a4b5dbbcd080b6b5d69f3afe0fc8e5f4beced0dcc7c36a371db04286ea5857, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b8:ff:55:9e:2b:59:26:cd:0f:b8:64:04:99:
75:78:67:d8:47:b8:2c:cf:e6:b5:ad:60:41:e9:7e:
a3:44:e7:dc:23:e7:68:02:6f:e4:6e:90:54:93:50:
db:e0:0a:05:e0:28:34:c6:3e:f1:1f:25:7a:81:2d:
64:26:54:91:cd:2e:71:6b:7c:40:8f:d7:52:16:35:
37:6d:1f:13:56:52:91:fe:06:33:22:bb:f6:f0:df:
74:01:b0:57:a6:f2:f9:c5:5a:d7:ce:98:8f:fa:bd:
ce:1b:af:06:71:42:a1:06:8f:5b:4b:b7:40:21:55:
05:7b:11:c8:92:5e:6a:f8:f1:b5:e1:ef:98:06:9c:
6a:08:b5:ea:24:67:d5:7c:89:aa:7f:b3:af:d7:4a:
c3:67:8f:67:25:39:9d:44:5b:82:fa:05:8a:07:5d:
01:cc:94:a3:3e:fa:0d:3d:a8:20:a4:de:c7:5c:7c:
6d:f8:e8:57:d4:f0:0a:d6:f9:4b:bc:f4:3f:a7:e3:
34:83:5a:56:6d:fa:1e:5a:42:57:0a:bf:77:17:c5:
5a:82:47:0b:70:3d:36:8c:63:48:98:f3:32:08:61:
a0:52:fe:8f:3a:71:bf:35:f5:de:18:1f:31:57:05:
cb:8e:58:c7:0c:e2:6c:15:8c:52:dd:a9:e0:2a:1a:
2a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0C:2E:88:40:F8:B5:E4:EA:8B:73:4A:55:31:05:14:9B:B5:D1:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84822380-4084-4c46-8745-4e82faaddd84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:800::/38
Signature Algorithm: sha256WithRSAEncryption
4f:3a:bf:7f:95:da:2a:f1:c1:57:01:7e:75:87:7f:c1:59:e5:
1f:22:a2:ae:0f:22:90:2b:20:d4:85:74:98:a9:97:19:fd:c4:
e7:c4:a6:12:a3:74:de:4b:50:83:89:53:5d:2b:4f:74:7b:d3:
2d:99:12:5a:9e:dd:3d:b2:9d:bc:96:03:ae:2a:ab:f7:7d:ba:
24:ab:de:d8:32:bd:ce:13:af:b7:89:00:c3:3e:eb:e5:17:87:
29:86:a7:c4:1a:f6:71:d5:62:6b:42:52:8c:fd:44:6c:cb:67:
c3:78:e2:67:e5:47:db:05:92:cb:2f:09:7f:fd:38:2f:30:fc:
4f:dc:67:e0:ce:f9:83:ed:44:d0:58:7b:62:a6:01:fc:f4:ac:
4e:96:16:1c:74:6a:56:2d:73:5b:f1:26:1f:cb:55:77:d8:ae:
c1:e8:74:b4:65:d7:57:6c:9e:02:6d:9e:b4:a3:61:37:e6:92:
fc:30:74:76:8f:d0:ae:6c:09:f7:1d:ad:af:fb:50:79:c7:4f:
e1:30:f7:0d:55:1e:bb:52:7d:15:1a:7b:31:b8:3f:ee:82:75:
02:d9:5d:5c:97:d2:4d:5f:8a:07:72:66:d6:31:22:86:5d:e5:
81:b6:ba:9d:31:16:66:a5:08:38:10:03:19:7d:33:55:68:2a:
a1:c8:b2:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY3RE6qC1AOmTgngydqXbpy3sL0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzYTRiNWRiYmNkMDgwYjZiNWQ2OWYzYWZlMGZjOGU1ZjRiZWNlZDBkY2M3
YzM2YTM3MWRiMDQyODZlYTU4NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+4/1WeK1kmzQ+4ZASZdXhn2Ee4LM/mta1gQel+o0Tn3CPnaAJv5G6QVJNQ
2+AKBeAoNMY+8R8leoEtZCZUkc0ucWt8QI/XUhY1N20fE1ZSkf4GMyK79vDfdAGw
V6by+cVa186Yj/q9zhuvBnFCoQaPW0u3QCFVBXsRyJJeavjxteHvmAacagi16iRn
1XyJqn+zr9dKw2ePZyU5nURbgvoFigddAcyUoz76DT2oIKTex1x8bfjoV9TwCtb5
S7z0P6fjNINaVm36HlpCVwq/dxfFWoJHC3A9NoxjSJjzMghhoFL+jzpxvzX13hgf
MVcFy45YxwzibBWMUt2p4CoaKskCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMDC6I
QPi15OqLc0pVMQUUm7XRCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MjIzODAtNDA4NC00YzQ2LTg3NDUtNGU4MmZhYWRkZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQI
MA0GCSqGSIb3DQEBCwUAA4IBAQBPOr9/ldoq8cFXAX51h3/BWeUfIqKuDyKQKyDU
hXSYqZcZ/cTnxKYSo3TeS1CDiVNdK090e9MtmRJant09sp28lgOuKqv3fbokq97Y
Mr3OE6+3iQDDPuvlF4cphqfEGvZx1WJrQlKM/URsy2fDeOJn5UfbBZLLLwl//Tgv
MPxP3GfgzvmD7UTQWHtipgH89KxOlhYcdGpWLXNb8SYfy1V32K7B6HS0ZddXbJ4C
bZ60o2E35pL8MHR2j9CubAn3Ha2v+1B5x0/hMPcNVR67Un0VGnsxuD/ugnUC2V1c
l9JNX4oHcmbWMSKGXeWBtrqdMRZmpQg4EAMZfTNVaCqhyLKV
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:24 2025 by rpki-client