Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
File: 8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa (raw, json)
Hash identifier: SyUDcJS9F9TW1ySRi1qca3kZR+wZWr7vkiUqQ+AUzLQ=
Subject key identifier: 47:67:66:35:56:6F:8B:64:60:0A:83:E5:65:14:16:C1:1B:D0:01:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27B5B4C3F1BEFF442F73FC05971B425F345AF3E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
Signing time: Mon 01 Sep 2025 20:40:16 +0000
ROA not before: Mon 01 Sep 2025 20:40:16 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:b5:b4:c3:f1:be:ff:44:2f:73:fc:05:97:1b:42:5f:34:5a:f3:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:16 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=86affea0e42a07957258a0da3f72f849247ab5b99aec18255a04ddb1199893dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:8d:c8:a6:f3:5b:4a:50:0c:e1:fa:18:5f:
8d:a1:42:5d:45:ac:4a:21:5a:8d:aa:89:c9:24:a9:
cc:d9:15:0d:8b:7d:db:37:e5:26:ab:40:bc:c3:4e:
96:f9:5c:d8:ba:49:ef:91:b0:02:d5:c6:51:2e:ef:
9d:ea:24:ca:60:f0:a6:24:6b:98:f3:8f:24:09:86:
83:7c:3d:a4:4a:aa:c2:22:6d:b0:2f:79:cd:53:4b:
66:6a:af:6d:54:b7:ba:07:61:02:20:68:ff:9c:e2:
9b:87:f6:b5:fe:d7:52:cb:52:64:95:61:5c:5f:96:
f4:cf:34:3b:6d:cc:00:d6:b7:fa:99:34:5b:be:30:
e8:31:61:79:37:42:cb:86:3a:73:50:a9:f7:79:52:
64:6c:a3:7d:d7:f8:bb:26:8d:93:30:dd:6a:f6:57:
0b:0a:8c:55:7c:6d:fc:ed:aa:bc:4c:e9:98:d0:ce:
37:88:40:df:86:32:59:dd:92:1a:d1:68:bd:38:0d:
78:f8:c1:c4:6a:9f:36:c7:27:f9:d2:64:f8:f9:5d:
2d:2e:bf:bb:0f:0b:de:7e:a0:c6:5d:f6:54:dd:3f:
48:e5:19:d7:5e:d8:a7:66:7f:bf:31:b0:b2:d7:94:
a6:f7:fd:4a:1b:54:58:73:8a:81:5a:4a:50:46:14:
0d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:67:66:35:56:6F:8B:64:60:0A:83:E5:65:14:16:C1:1B:D0:01:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:e000::/40
Signature Algorithm: sha256WithRSAEncryption
81:59:44:f7:2d:aa:41:63:d9:78:bc:b2:7b:2d:7a:0e:bb:1f:
bd:f2:35:d4:f6:6c:e4:11:d4:6c:0c:8c:8d:74:5a:94:b8:7b:
97:0c:a5:61:1d:e6:56:29:1b:38:7c:05:49:eb:2f:1d:1a:c5:
cf:39:9e:76:a0:c4:b1:30:1f:1f:67:96:d7:07:d3:e7:1d:ec:
be:f9:83:a6:04:1f:38:13:82:23:7d:5e:99:b3:c0:fe:22:53:
be:d3:90:13:5d:2f:c3:9f:57:6e:4a:ee:89:d3:ac:15:ea:cd:
56:bc:9c:20:b7:93:26:f2:12:34:f2:5f:b1:b2:4c:99:37:df:
eb:93:d2:b3:d0:8f:dc:aa:a2:7f:99:cf:2b:b6:74:59:b0:fa:
77:80:4b:80:59:f6:d5:38:4e:43:31:52:0a:4a:5f:e7:67:ab:
bd:4b:47:2e:a9:e1:3d:56:b6:9e:21:e4:a1:48:e0:61:51:9f:
14:81:84:ec:68:ed:af:33:38:68:52:2d:ec:39:ea:ea:c2:bb:
3b:7a:54:40:39:16:78:eb:84:30:2b:ff:cb:7d:6a:f4:54:30:
5e:ea:c5:cc:55:e5:0d:b7:0b:07:bb:2d:32:2e:42:81:59:5f:
dd:89:d4:00:40:ff:91:10:ff:1e:05:ae:26:c4:84:5a:a2:c5:
07:d7:d0:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ7W0w/G+/0Qvc/wFlxtCXzRa8+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YWZmZWEwZTQyYTA3OTU3MjU4YTBkYTNmNzJmODQ5MjQ3YWI1Yjk5YWVj
MTgyNTVhMDRkZGIxMTk5ODkzZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkGjcim81tKUAzh+hhfjaFCXUWsSiFajaqJySSpzNkVDYt92zflJqtAvMNO
lvlc2LpJ75GwAtXGUS7vneokymDwpiRrmPOPJAmGg3w9pEqqwiJtsC95zVNLZmqv
bVS3ugdhAiBo/5zim4f2tf7XUstSZJVhXF+W9M80O23MANa3+pk0W74w6DFheTdC
y4Y6c1Cp93lSZGyjfdf4uyaNkzDdavZXCwqMVXxt/O2qvEzpmNDON4hA34YyWd2S
GtFovTgNePjBxGqfNscn+dJk+PldLS6/uw8L3n6gxl32VN0/SOUZ117Yp2Z/vzGw
steUpvf9ShtUWHOKgVpKUEYUDUsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHZ2Y1
Vm+LZGAKg+VlFBbBG9ABgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGRjN2Q1YmEtYjFlOS00YzFjLWExOTAtMjE0NzMxYjcxYjQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dbg
MA0GCSqGSIb3DQEBCwUAA4IBAQCBWUT3LapBY9l4vLJ7LXoOux+98jXU9mzkEdRs
DIyNdFqUuHuXDKVhHeZWKRs4fAVJ6y8dGsXPOZ52oMSxMB8fZ5bXB9PnHey++YOm
BB84E4IjfV6Zs8D+IlO+05ATXS/Dn1duSu6J06wV6s1WvJwgt5Mm8hI08l+xskyZ
N9/rk9Kz0I/cqqJ/mc8rtnRZsPp3gEuAWfbVOE5DMVIKSl/nZ6u9S0cuqeE9Vrae
IeShSOBhUZ8UgYTsaO2vMzhoUi3sOerqwrs7elRAORZ464QwK//LfWr0VDBe6sXM
VeUNtwsHuy0yLkKBWV/didQAQP+REP8eBa4mxIRaosUH19Bh
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:06 2025 by rpki-client