Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json)
Hash identifier: 6AIdywkq5hashJq8XNWZRE7EXx/PVhnRtqbFVhBuuMA=
Subject key identifier: 9E:DD:BD:D5:45:C7:15:97:BD:11:4A:44:A4:AF:0C:CC:8D:6C:5C:2D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30E0BE73CF30A40C1AFDE2B016468AC0C03974F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
Signing time: Mon 01 Sep 2025 20:50:19 +0000
ROA not before: Mon 01 Sep 2025 20:50:19 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e0:be:73:cf:30:a4:0c:1a:fd:e2:b0:16:46:8a:c0:c0:39:74:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:19 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=8e1ed84171f5ed86e28efd574b4bba7a44450855a8671af0417228f0a2b0c82f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:53:cc:39:0c:3e:ef:6f:01:b4:f0:6a:6e:04:
07:1b:3c:ad:83:85:18:19:72:58:41:1d:28:fa:78:
44:98:f1:8a:42:ab:cb:92:9d:c3:99:e3:bd:d3:fc:
99:a5:8f:02:d0:26:d8:99:f7:a6:bf:3a:34:53:69:
d3:53:3e:d0:7a:a2:e9:d3:03:99:9b:ca:40:cd:56:
24:44:5d:28:84:98:d4:f1:2c:4c:1d:97:de:24:20:
b2:06:f3:2d:e4:19:25:ee:19:41:1b:94:bd:3c:cc:
45:ac:7b:26:ac:58:3b:31:dc:ca:47:ef:7d:45:de:
ed:1b:68:75:67:e7:7b:ad:f7:d1:cb:29:c5:b8:76:
98:f0:14:cf:18:63:f0:e3:2b:51:a2:84:f6:f7:d6:
1e:52:8d:8b:96:7a:bf:5d:9f:72:85:ed:8c:f3:69:
43:f8:8c:64:2b:ea:17:03:02:76:23:ed:df:d8:58:
49:51:56:25:c0:cf:13:f8:77:e2:dd:cd:10:08:44:
f6:d7:ab:0e:24:62:3d:90:6f:ef:fa:07:c2:0b:7b:
11:09:25:3c:cf:bb:cb:67:18:8d:31:ba:7c:c1:05:
78:a5:87:91:2e:f8:6b:62:4f:8c:c7:b5:57:85:a0:
5f:0c:85:b6:b9:1d:f9:4b:59:51:e4:79:2e:a4:19:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DD:BD:D5:45:C7:15:97:BD:11:4A:44:A4:AF:0C:CC:8D:6C:5C:2D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:4000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:31:55:cf:ce:fb:75:25:1d:28:9f:c4:7e:11:9b:86:9a:27:
58:4b:00:c4:ef:e1:95:ea:a0:f4:36:6c:3b:76:02:f5:b8:87:
50:fa:4a:f4:70:47:60:1d:a4:66:a0:75:df:d8:ec:c0:f3:be:
d9:e3:25:60:5d:bd:c7:47:f8:66:78:62:e0:c0:63:0b:32:cf:
74:4a:af:8b:02:a2:d5:29:3c:c1:8b:34:c2:0b:5d:d9:2b:63:
b5:7f:f0:99:a0:9d:49:ab:48:a2:b1:cf:b2:07:7f:46:cb:f8:
b6:04:f9:81:e9:22:bd:70:1d:73:9e:4b:a2:e4:5d:72:90:c3:
bc:93:72:75:77:e6:af:49:c2:0d:c0:fe:e5:20:1f:57:98:21:
f5:74:f2:28:ab:bc:2d:ea:71:b0:03:33:eb:02:20:f7:cb:02:
0e:8e:24:ee:d8:84:a3:03:ce:a6:17:27:ac:89:08:5e:fe:10:
43:98:e1:dd:19:b6:67:de:b8:bf:df:ac:45:66:18:9b:ac:ee:
7a:bc:d1:c6:c0:ee:0d:43:54:33:e2:cd:67:e0:f5:47:27:9e:
a5:b3:16:d5:7e:76:3b:2e:30:b4:ca:f7:ef:c8:de:61:a0:92:
8b:32:31:26:9b:e8:9e:5d:d5:8f:aa:46:41:91:83:b1:d8:95:
13:50:d5:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMOC+c88wpAwa/eKwFkaKwMA5dPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMTlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMWVkODQxNzFmNWVkODZlMjhlZmQ1NzRiNGJiYTdhNDQ0NTA4NTVhODY3
MWFmMDQxNzIyOGYwYTJiMGM4MmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIVTzDkMPu9vAbTwam4EBxs8rYOFGBlyWEEdKPp4RJjxikKry5Kdw5njvdP8
maWPAtAm2Jn3pr86NFNp01M+0Hqi6dMDmZvKQM1WJERdKISY1PEsTB2X3iQgsgbz
LeQZJe4ZQRuUvTzMRax7JqxYOzHcykfvfUXe7RtodWfne6330cspxbh2mPAUzxhj
8OMrUaKE9vfWHlKNi5Z6v12fcoXtjPNpQ/iMZCvqFwMCdiPt39hYSVFWJcDPE/h3
4t3NEAhE9terDiRiPZBv7/oHwgt7EQklPM+7y2cYjTG6fMEFeKWHkS74a2JPjMe1
V4WgXwyFtrkd+UtZUeR5LqQZ6QsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe3b3V
RccVl70RSkSkrwzMjWxcLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA
MA0GCSqGSIb3DQEBCwUAA4IBAQC6MVXPzvt1JR0on8R+EZuGmidYSwDE7+GV6qD0
Nmw7dgL1uIdQ+kr0cEdgHaRmoHXf2OzA877Z4yVgXb3HR/hmeGLgwGMLMs90Sq+L
AqLVKTzBizTCC13ZK2O1f/CZoJ1Jq0iisc+yB39Gy/i2BPmB6SK9cB1znkui5F1y
kMO8k3J1d+avScINwP7lIB9XmCH1dPIoq7wt6nGwAzPrAiD3ywIOjiTu2ISjA86m
FyesiQhe/hBDmOHdGbZn3ri/36xFZhibrO56vNHGwO4NQ1Qz4s1n4PVHJ56lsxbV
fnY7LjC0yvfvyN5hoJKLMjEmm+ieXdWPqkZBkYOx2JUTUNUS
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:41 2025 by rpki-client