Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
File: 87659113-4050-43f4-ade6-cfd7a3483d5c.roa (raw, json)
Hash identifier: n7+quVwCkM/stkaGOEfjHbnQzbi55EUw2txpGA3bwek=
Subject key identifier: AE:60:35:D6:A0:C9:9C:7B:4F:52:2B:93:7E:65:EC:4B:D1:27:48:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33466A536AF123EA19D6E3E40C405EA7CC82285E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
Signing time: Mon 01 Sep 2025 20:40:25 +0000
ROA not before: Mon 01 Sep 2025 20:40:25 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:46:6a:53:6a:f1:23:ea:19:d6:e3:e4:0c:40:5e:a7:cc:82:28:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:25 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=617e4a601df248b07fe0cec2e3c18d16d92b4c3c0b1d6f119ab862ca481eeab7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c0:92:95:45:ae:78:88:ea:21:c9:02:a5:d1:
af:60:2e:68:9b:25:fe:da:3f:76:70:a7:10:45:a7:
41:58:26:fc:d5:be:57:fc:82:77:8c:2a:1a:21:31:
d2:27:61:c2:50:63:52:5b:ec:f7:0c:2a:9a:9d:33:
39:94:22:d7:76:22:55:d3:30:ce:ac:e4:41:2e:66:
54:95:20:21:ec:41:51:7f:da:fe:41:63:99:90:26:
16:5d:2c:9a:54:0b:f8:fe:54:a7:e7:fe:26:37:4a:
0e:70:8b:fc:4b:65:79:9b:be:52:b5:e2:45:4b:5d:
a1:a9:92:6a:44:0c:9e:9f:5d:1f:51:23:28:52:d9:
c3:a9:f9:67:74:23:2d:c0:72:5e:71:c9:af:45:96:
cd:34:02:62:29:c9:f7:14:a5:a8:6e:c3:d1:65:2d:
5a:0b:20:12:e1:3d:53:4d:56:7b:35:92:7b:88:14:
6b:98:7b:5f:90:67:0c:a4:46:1d:85:30:2d:c8:29:
6e:a2:1c:b6:67:f5:a1:71:bc:af:37:72:f6:5d:c3:
05:e5:4a:60:13:c6:87:5a:76:d5:16:eb:0a:dc:84:
07:6a:c0:2c:f8:d1:09:1b:a7:cc:ae:a9:11:14:2b:
b9:5a:1f:6d:91:3e:d0:65:a4:51:b1:4e:e8:8b:bd:
b8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:60:35:D6:A0:C9:9C:7B:4F:52:2B:93:7E:65:EC:4B:D1:27:48:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87659113-4050-43f4-ade6-cfd7a3483d5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:8000::/40
Signature Algorithm: sha256WithRSAEncryption
47:c8:e1:f4:1c:15:88:8e:83:9d:53:1b:57:27:40:7e:41:ef:
aa:11:14:82:1b:fa:05:b1:2b:b0:27:5f:7c:53:99:84:19:09:
16:2a:82:96:12:8e:ae:03:1f:21:19:d6:f3:b5:91:ba:e6:f6:
24:50:f4:33:b9:76:66:e0:d5:f2:2c:dc:95:5e:a8:fc:e7:3d:
43:b8:e3:21:56:b7:e9:7f:b6:c4:57:ed:07:e1:5b:d4:b6:23:
3e:1b:a4:cd:5d:fb:e3:cb:2c:51:d0:a6:2b:b0:2a:61:92:d4:
40:d7:34:ff:88:45:65:70:cc:86:01:27:5f:ea:9d:b7:b0:e5:
47:fe:19:05:1b:02:cf:8f:e6:09:cb:48:58:ac:dd:1b:88:2f:
2e:da:6c:01:2a:9e:3c:6a:bf:29:0c:43:3f:f5:38:40:d1:7d:
85:a3:7f:9a:07:79:ed:ce:ba:20:52:8a:d7:1b:1c:5c:4e:85:
94:36:cf:e2:1d:27:a5:59:b0:93:5e:16:45:bd:30:31:36:3e:
0a:16:da:0f:b1:07:dc:72:2c:2e:c3:71:b7:f9:75:61:84:51:
7e:55:14:9d:ee:49:aa:1b:e0:ce:d5:87:92:2e:b0:93:f6:ab:
6b:f6:2e:e0:b3:07:0d:c0:79:3c:86:6e:5a:cb:00:45:8b:99:
fc:78:4e:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM0ZqU2rxI+oZ1uPkDEBep8yCKF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMjVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxN2U0YTYwMWRmMjQ4YjA3ZmUwY2VjMmUzYzE4ZDE2ZDkyYjRjM2MwYjFk
NmYxMTlhYjg2MmNhNDgxZWVhYjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnAkpVFrniI6iHJAqXRr2AuaJsl/to/dnCnEEWnQVgm/NW+V/yCd4wqGiEx
0idhwlBjUlvs9wwqmp0zOZQi13YiVdMwzqzkQS5mVJUgIexBUX/a/kFjmZAmFl0s
mlQL+P5Up+f+JjdKDnCL/EtleZu+UrXiRUtdoamSakQMnp9dH1EjKFLZw6n5Z3Qj
LcByXnHJr0WWzTQCYinJ9xSlqG7D0WUtWgsgEuE9U01WezWSe4gUa5h7X5BnDKRG
HYUwLcgpbqIctmf1oXG8rzdy9l3DBeVKYBPGh1p21RbrCtyEB2rALPjRCRunzK6p
ERQruVofbZE+0GWkUbFO6Iu9uPcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuYDXW
oMmce09SK5N+ZexL0SdIezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc2NTkxMTMtNDA1MC00M2Y0LWFkZTYtY2ZkN2EzNDgzZDVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HiA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHyOH0HBWIjoOdUxtXJ0B+Qe+qERSCG/oFsSuw
J198U5mEGQkWKoKWEo6uAx8hGdbztZG65vYkUPQzuXZm4NXyLNyVXqj85z1DuOMh
Vrfpf7bEV+0H4VvUtiM+G6TNXfvjyyxR0KYrsCphktRA1zT/iEVlcMyGASdf6p23
sOVH/hkFGwLPj+YJy0hYrN0biC8u2mwBKp48ar8pDEM/9ThA0X2Fo3+aB3ntzrog
UorXGxxcToWUNs/iHSelWbCTXhZFvTAxNj4KFtoPsQfcciwuw3G3+XVhhFF+VRSd
7kmqG+DO1YeSLrCT9qtr9i7gswcNwHk8hm5aywBFi5n8eE4q
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:25 2025 by rpki-client