Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
File: 868cbba8-4804-4fbd-b9b8-7e9402c44956.roa (raw, json)
Hash identifier: pYMomDoRZiYaKYZHNVzCmhQ9MbruEbxD+aG+Dup5e5o=
Subject key identifier: 1F:07:D0:A1:F3:DA:F7:D2:DE:87:E9:A4:72:E0:6F:0D:A5:11:63:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EEFF842376463A28529DF21DE8153AFF2510EE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
Signing time: Mon 01 Sep 2025 21:00:53 +0000
ROA not before: Mon 01 Sep 2025 21:00:53 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:ef:f8:42:37:64:63:a2:85:29:df:21:de:81:53:af:f2:51:0e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:53 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=8f234e13fd65af5619ba1a9b6f2e6ebb9dee58ae71609739ddf5ae7f6e897934, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:20:47:44:73:e6:dc:48:39:60:fa:6c:52:
26:eb:c7:7d:b9:c4:0d:e4:1f:14:a8:5c:ee:c9:53:
a0:89:9f:8b:dc:32:fc:55:bb:cd:ba:02:da:b4:29:
de:19:c2:ec:1b:f4:89:38:07:b7:d3:4e:61:1f:4a:
a7:0e:22:eb:ef:fc:25:86:b1:c0:61:3e:22:60:db:
a1:47:f2:ec:7d:72:d3:ab:93:f9:89:62:85:07:8a:
df:32:84:96:ad:d4:30:73:33:a7:4a:8e:5f:54:4f:
5d:22:74:29:88:4b:ab:0e:09:05:fb:1d:d8:03:45:
ea:4b:c2:c3:01:c3:f3:37:c9:88:71:60:0b:26:82:
06:5e:cb:ff:b4:59:51:2b:42:da:95:c9:53:82:85:
93:df:32:4d:83:2b:49:7d:03:06:c6:ad:c2:e6:86:
05:58:e1:08:85:8e:b0:11:a5:77:e9:ec:d2:03:6a:
8a:05:94:7c:b0:d7:3c:cb:a3:b6:c4:ee:72:a6:0c:
eb:8f:67:9f:61:e5:a0:0d:19:13:d7:17:31:24:11:
0b:14:05:6f:2b:87:77:b2:e3:84:3c:0e:ed:d3:5c:
d2:1b:c5:69:ac:69:1c:ad:b1:bf:4b:6d:eb:df:01:
1c:ef:a2:a2:70:00:24:7b:0a:a1:f8:2d:2d:7f:79:
44:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:07:D0:A1:F3:DA:F7:D2:DE:87:E9:A4:72:E0:6F:0D:A5:11:63:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
55:b3:b5:c5:54:6f:3d:e0:74:fb:1c:c5:c4:c4:90:00:35:13:
1b:8f:8b:bb:71:f0:31:49:94:78:37:e1:8d:aa:d8:ac:f7:21:
2c:87:66:c1:01:28:4c:bd:1e:d4:5c:26:71:26:49:0a:8e:c7:
75:1b:0a:33:2c:f9:76:95:51:09:4d:24:c6:ab:0f:b3:6e:33:
87:19:8a:56:c6:ef:b8:d2:e0:61:5f:de:5b:ea:f5:75:09:08:
64:97:66:a9:2c:a1:52:bd:f9:d8:4a:b2:9f:f7:57:2a:e1:03:
d7:53:60:fe:af:51:e6:b8:a6:92:03:1f:d2:3b:4d:3d:da:47:
30:66:f4:b3:11:a1:e6:27:90:d3:8d:ff:7e:61:1a:c6:4b:52:
ec:f4:3b:1a:d3:c1:d0:bf:a8:9d:bb:6d:fe:72:35:be:59:17:
a6:df:de:75:ef:7e:6a:b4:b8:9c:bf:ed:6b:8a:d9:5f:0c:45:
4b:39:cf:7f:67:c3:43:8b:5a:12:86:72:e0:9c:83:cc:6c:09:
35:58:a0:d5:8b:75:b1:79:81:54:a5:96:28:e2:7c:d2:9d:7e:
54:2f:47:58:bd:46:34:1b:19:28:08:fb:8d:b7:f9:b1:3d:66:
b5:10:b6:ed:6e:5e:23:8b:84:87:b6:c6:7a:81:86:34:26:d4:
fa:16:12:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPu/4QjdkY6KFKd8h3oFTr/JRDuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwNTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMjM0ZTEzZmQ2NWFmNTYxOWJhMWE5YjZmMmU2ZWJiOWRlZTU4YWU3MTYw
OTczOWRkZjVhZTdmNmU4OTc5MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSoIEdEc+bcSDlg+mxSJuvHfbnEDeQfFKhc7slToImfi9wy/FW7zboC2rQp
3hnC7Bv0iTgHt9NOYR9Kpw4i6+/8JYaxwGE+ImDboUfy7H1y06uT+YlihQeK3zKE
lq3UMHMzp0qOX1RPXSJ0KYhLqw4JBfsd2ANF6kvCwwHD8zfJiHFgCyaCBl7L/7RZ
UStC2pXJU4KFk98yTYMrSX0DBsatwuaGBVjhCIWOsBGld+ns0gNqigWUfLDXPMuj
tsTucqYM649nn2HloA0ZE9cXMSQRCxQFbyuHd7LjhDwO7dNc0hvFaaxpHK2xv0tt
698BHO+ionAAJHsKofgtLX95RLkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfB9Ch
89r30t6H6aRy4G8NpRFjAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4Y2JiYTgtNDgwNC00ZmJkLWI5YjgtN2U5NDAyYzQ0OTU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBVs7XFVG894HT7HMXExJAANRMbj4u7cfAxSZR4
N+GNqtis9yEsh2bBAShMvR7UXCZxJkkKjsd1GwozLPl2lVEJTSTGqw+zbjOHGYpW
xu+40uBhX95b6vV1CQhkl2apLKFSvfnYSrKf91cq4QPXU2D+r1HmuKaSAx/SO009
2kcwZvSzEaHmJ5DTjf9+YRrGS1Ls9Dsa08HQv6idu23+cjW+WRem3951735qtLic
v+1ritlfDEVLOc9/Z8NDi1oShnLgnIPMbAk1WKDVi3WxeYFUpZYo4nzSnX5UL0dY
vUY0GxkoCPuNt/mxPWa1ELbtbl4ji4SHtsZ6gYY0JtT6FhJ/
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:30 2025 by rpki-client