Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
File: 92652652-28d6-49c1-8ea6-f5079f374345.roa (raw, json)
Hash identifier: p1PDRlBS7UNjezwd6sGwqUvTQt8NEKMmuYBiM+O7GhY=
Subject key identifier: 87:42:EA:04:CE:C8:AC:80:CE:DE:92:8F:F5:15:73:C9:49:D7:B0:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67D176B8CD5128276C0676AAC499DC094B748A02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
Signing time: Mon 01 Sep 2025 20:11:21 +0000
ROA not before: Mon 01 Sep 2025 20:11:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d1:76:b8:cd:51:28:27:6c:06:76:aa:c4:99:dc:09:4b:74:8a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:11:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=faadc003c08e1a847b1fbd84beb06c28c35ca75971c2b1e7f4d3232272380c44, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:67:a1:c4:2c:5a:27:52:2d:94:e2:e4:2f:e3:
b7:d3:91:4b:c9:ae:b3:a5:d0:b9:9e:95:fb:10:42:
4a:a5:16:44:20:38:39:cc:06:a1:3e:f2:c3:71:ba:
36:7d:c7:58:a6:a8:13:6c:65:d5:23:ea:92:eb:eb:
2d:b4:cb:90:62:6e:da:70:1d:5a:78:e0:98:0d:bb:
36:54:d6:be:df:7d:90:61:a2:b3:5c:7f:e7:92:5d:
58:7f:63:5f:14:0e:73:a2:f0:36:ae:35:78:6c:04:
d1:97:42:53:7a:f3:4d:35:31:cc:d5:8d:cb:3a:3c:
66:3d:32:fb:0d:8d:81:83:7f:65:4b:a0:39:61:37:
63:96:0a:dd:54:4d:c6:2b:e3:01:58:51:b4:fb:87:
05:f7:87:d0:40:8d:f3:c9:34:7f:26:67:60:88:26:
31:5b:d8:6d:f7:15:aa:f3:b1:b2:09:43:b4:15:8c:
f9:17:70:45:39:e2:b4:70:2d:a4:48:fd:3e:62:66:
0b:2f:65:8b:71:b6:cc:1e:90:bb:49:1c:8d:f5:98:
e7:c9:19:b4:a7:79:30:a9:8b:56:be:e3:29:01:1f:
a0:d5:b6:b8:1f:78:5f:82:df:b9:92:b1:e1:74:31:
26:88:34:c4:5f:8a:37:9f:cd:37:b8:64:f7:43:8e:
75:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:42:EA:04:CE:C8:AC:80:CE:DE:92:8F:F5:15:73:C9:49:D7:B0:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/92652652-28d6-49c1-8ea6-f5079f374345.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4060::/48
Signature Algorithm: sha256WithRSAEncryption
6a:92:57:b4:48:69:2d:62:83:3c:48:3d:09:95:be:b9:8d:4b:
25:38:e8:bf:13:bc:f1:fb:22:f2:ff:52:58:73:7c:5f:81:86:
d7:53:f5:a1:93:6a:64:78:28:3d:d0:06:f1:77:53:4f:3b:f3:
bf:95:60:10:e0:42:d9:5c:44:90:3f:d0:27:9c:fa:af:c7:49:
e1:31:85:2d:bb:42:ea:73:15:64:ce:7b:a7:b3:b5:91:08:f4:
d7:7b:ae:3c:41:7f:a7:f8:10:ad:a6:c0:45:13:ad:d0:8a:99:
ac:2b:f8:a1:e8:71:45:2a:83:f8:a6:4a:25:a8:6e:a7:d8:c9:
fc:5e:71:7e:86:62:09:fd:1c:0d:6d:b2:e0:7c:8d:66:4b:a0:
ce:62:84:24:71:9d:82:bd:65:c1:e8:0c:84:7b:6b:93:4e:44:
4d:6b:71:8c:d6:24:70:15:8b:93:6f:57:07:c1:08:47:f7:30:
db:d0:4a:44:44:3d:84:09:db:6a:35:04:6b:ae:e4:cb:f7:e8:
58:db:1f:66:49:ad:2f:37:bf:52:75:34:f6:c3:99:3c:44:fc:
04:5a:41:0c:85:23:33:1d:2f:01:55:52:88:78:26:25:9d:cf:
f0:06:31:6c:1f:f0:c3:ec:e6:bd:e1:b9:4c:5a:5a:47:86:3a:
00:2b:cd:2b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ9F2uM1RKCdsBnaqxJncCUt0igIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDExMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhYWRjMDAzYzA4ZTFhODQ3YjFmYmQ4NGJlYjA2YzI4YzM1Y2E3NTk3MWMy
YjFlN2Y0ZDMyMzIyNzIzODBjNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVnocQsWidSLZTi5C/jt9ORS8mus6XQuZ6V+xBCSqUWRCA4OcwGoT7yw3G6
Nn3HWKaoE2xl1SPqkuvrLbTLkGJu2nAdWnjgmA27NlTWvt99kGGis1x/55JdWH9j
XxQOc6LwNq41eGwE0ZdCU3rzTTUxzNWNyzo8Zj0y+w2NgYN/ZUugOWE3Y5YK3VRN
xivjAVhRtPuHBfeH0ECN88k0fyZnYIgmMVvYbfcVqvOxsglDtBWM+RdwRTnitHAt
pEj9PmJmCy9li3G2zB6Qu0kcjfWY58kZtKd5MKmLVr7jKQEfoNW2uB94X4LfuZKx
4XQxJog0xF+KN5/NN7hk90OOdZ0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSHQuoE
zsisgM7eko/1FXPJSdewJjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI2NTI2NTItMjhkNi00OWMxLThlYTYtZjUwNzlmMzc0MzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
YDANBgkqhkiG9w0BAQsFAAOCAQEAapJXtEhpLWKDPEg9CZW+uY1LJTjovxO88fsi
8v9SWHN8X4GG11P1oZNqZHgoPdAG8XdTTzvzv5VgEOBC2VxEkD/QJ5z6r8dJ4TGF
LbtC6nMVZM57p7O1kQj013uuPEF/p/gQrabARROt0IqZrCv4oehxRSqD+KZKJahu
p9jJ/F5xfoZiCf0cDW2y4HyNZkugzmKEJHGdgr1lwegMhHtrk05ETWtxjNYkcBWL
k29XB8EIR/cw29BKREQ9hAnbajUEa67ky/foWNsfZkmtLze/UnU09sOZPET8BFpB
DIUjMx0vAVVSiHgmJZ3P8AYxbB/ww+zmveG5TFpaR4Y6ACvNKw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:51 2025 by rpki-client