Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
File: 9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa (raw, json)
Hash identifier: 51qOJvcUBDYnn79lcB7cZYSGt2Y7E5SzeZofPy2hoZE=
Subject key identifier: 7F:EE:7C:23:A9:BC:AC:FF:3E:7B:2B:37:9C:FE:96:50:CC:1E:C0:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4FF1393904A78E735DE1D79D1B85F02891107E76
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
Signing time: Mon 01 Sep 2025 21:21:28 +0000
ROA not before: Mon 01 Sep 2025 21:21:28 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:f1:39:39:04:a7:8e:73:5d:e1:d7:9d:1b:85:f0:28:91:10:7e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:28 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f34482c8bc4063873d5377b78e605158f10ed16f0736d8e56d39a8f3150bfd5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9a:56:00:c2:30:19:49:0b:08:62:97:06:ba:
1b:41:98:ea:12:76:1a:e1:e4:ca:ba:ca:ec:84:d8:
99:8d:2c:25:f8:04:33:5f:6d:96:e8:76:d5:a9:4b:
04:93:50:81:72:b4:6f:d9:c3:e2:83:b8:5a:7a:d3:
a0:6d:c0:35:18:62:46:8a:bd:7d:63:0d:1d:ef:4c:
a9:aa:ee:3e:b6:df:f7:f5:4c:af:c6:2e:2d:9e:38:
92:d6:c7:fb:98:ed:c4:cd:ab:fd:42:37:1e:16:8a:
f4:40:19:db:26:93:e0:79:7e:3a:95:71:2b:b9:34:
59:f9:ea:95:b9:c1:17:6e:51:00:a9:14:01:9a:64:
92:ab:a1:f3:12:67:12:cd:38:1d:2b:cf:b0:be:1b:
78:83:c5:b8:9d:43:bc:03:14:3d:b8:5e:f4:db:1f:
29:e1:6b:02:cc:2d:74:29:55:4e:d0:cf:da:ce:5b:
1e:e4:15:6c:12:de:c9:08:1f:1b:0d:8a:f6:ad:75:
be:ea:4c:58:68:95:48:15:1b:57:51:1c:3c:93:c5:
13:d5:f6:7f:87:e6:4e:29:f5:e8:31:e0:df:7f:9b:
04:d3:ca:34:6c:63:7f:f0:0a:6d:c7:2d:19:d3:ec:
99:83:35:ff:03:d0:5b:0e:24:5b:16:8c:98:b0:4d:
7c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:EE:7C:23:A9:BC:AC:FF:3E:7B:2B:37:9C:FE:96:50:CC:1E:C0:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9119a01e-2bb4-4d69-9325-5f4aa8fb8be8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070::/32
Signature Algorithm: sha256WithRSAEncryption
06:97:c6:b1:50:89:3d:8d:e7:03:fb:f1:67:89:e0:6d:5f:de:
83:01:bc:6f:e8:ce:98:48:d7:01:6f:69:10:b9:1d:b5:b5:6b:
2c:a1:3c:74:9a:7f:6e:9f:8c:ee:60:05:ab:ab:a5:4d:92:08:
19:8c:5d:b0:e2:d7:60:f4:57:1c:f1:91:4a:d4:03:00:04:46:
ae:bf:5b:ce:d5:14:56:16:2e:13:0a:42:a5:c9:ea:37:ce:17:
b5:79:7e:c1:91:4e:2b:c1:9f:87:4d:f4:37:60:ee:f2:ed:62:
f3:69:f5:17:7a:0a:04:c7:f5:e1:15:18:4a:29:1c:af:39:05:
91:38:de:39:78:ee:7e:72:58:d2:f4:c4:a4:ab:b5:01:79:78:
7c:90:6a:14:ef:72:44:b9:51:d6:75:f6:94:2d:bc:d0:27:49:
b0:8a:03:3c:b5:88:35:07:f4:b9:75:d6:03:06:18:f8:af:de:
f9:b6:92:98:52:79:f7:54:52:d4:9b:38:da:07:f9:39:ca:e0:
5b:f5:2c:0b:1c:bb:30:fa:0c:88:60:7c:fa:df:34:11:d5:8c:
b6:de:03:7c:ff:aa:76:15:63:97:ad:22:6c:6b:67:ac:93:de:
6c:f1:c2:61:d6:80:e9:11:58:ef:31:6b:77:7f:f3:4c:77:ab:
bb:36:bc:30
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUT/E5OQSnjnNd4dedG4XwKJEQfnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMjhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNDQ4MmM4YmM0MDYzODczZDUzNzdiNzhlNjA1MTU4ZjEwZWQxNmYwNzM2
ZDhlNTZkMzlhOGYzMTUwYmZkNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6aVgDCMBlJCwhilwa6G0GY6hJ2GuHkyrrK7ITYmY0sJfgEM19tluh21alL
BJNQgXK0b9nD4oO4WnrToG3ANRhiRoq9fWMNHe9MqaruPrbf9/VMr8YuLZ44ktbH
+5jtxM2r/UI3HhaK9EAZ2yaT4Hl+OpVxK7k0WfnqlbnBF25RAKkUAZpkkquh8xJn
Es04HSvPsL4beIPFuJ1DvAMUPbhe9NsfKeFrAswtdClVTtDP2s5bHuQVbBLeyQgf
Gw2K9q11vupMWGiVSBUbV1EcPJPFE9X2f4fmTin16DHg33+bBNPKNGxjf/AKbcct
GdPsmYM1/wPQWw4kWxaMmLBNfHcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR/7nwj
qbys/z57Kzec/pZQzB7ArDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTExOWEwMWUtMmJiNC00ZDY5LTkzMjUtNWY0YWE4ZmI4YmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HAw
DQYJKoZIhvcNAQELBQADggEBAAaXxrFQiT2N5wP78WeJ4G1f3oMBvG/ozphI1wFv
aRC5HbW1ayyhPHSaf26fjO5gBaurpU2SCBmMXbDi12D0VxzxkUrUAwAERq6/W87V
FFYWLhMKQqXJ6jfOF7V5fsGRTivBn4dN9Ddg7vLtYvNp9Rd6CgTH9eEVGEopHK85
BZE43jl47n5yWNL0xKSrtQF5eHyQahTvckS5UdZ19pQtvNAnSbCKAzy1iDUH9Ll1
1gMGGPiv3vm2kphSefdUUtSbONoH+TnK4Fv1LAscuzD6DIhgfPrfNBHVjLbeA3z/
qnYVY5etImxrZ6yT3mzxwmHWgOkRWO8xa3d/80x3q7s2vDA=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:08 2025 by rpki-client