Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
File: 94b69c02-a117-42df-89a0-b463fa809f2d.roa (raw, json)
Hash identifier: xU++/ZaLv8W1DvAsUMjNigU9sKUhZ+mtNGvVnA9KIJk=
Subject key identifier: D3:3A:C6:9F:DB:87:45:BC:4A:5C:4E:65:2E:07:BA:1E:E6:D9:7A:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49FEC3C00F5B5CF77A6FA319222C23B14D0EFAB5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
Signing time: Mon 01 Sep 2025 20:51:00 +0000
ROA not before: Mon 01 Sep 2025 20:51:00 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:fe:c3:c0:0f:5b:5c:f7:7a:6f:a3:19:22:2c:23:b1:4d:0e:fa:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:00 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=bd22ecbf5e7d4f4cb1f891bccebaf10220b7947e512177cc67793fcf3a1a4cb1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:c8:97:f9:d2:d0:2c:aa:38:20:f2:33:be:
0e:8e:98:e2:14:55:29:13:9b:a7:74:e2:39:e0:ed:
25:67:6c:3c:c6:4d:f3:b3:62:28:fa:e8:97:b5:d9:
39:15:03:03:09:d9:1e:16:17:63:a8:ab:57:ac:da:
35:8d:3a:3c:d5:2e:a0:66:64:67:dc:f1:21:e4:ff:
9d:54:61:33:08:d9:39:7f:25:8e:10:46:5c:2c:d4:
f9:9d:dc:52:90:57:fa:2c:09:08:1a:d3:4a:96:fa:
17:2f:d8:13:c3:f6:ce:a2:c3:b6:8f:7f:d3:10:70:
80:1d:2b:66:ff:e0:7e:7c:46:d6:8f:01:73:02:b8:
0b:78:70:de:5c:51:01:cb:3c:b7:2d:96:c8:ed:45:
ba:63:36:20:73:14:4e:06:ff:7e:44:f1:5f:78:91:
9c:ca:85:67:74:c3:12:73:fe:a3:5e:ac:7f:58:e6:
e5:bf:3b:a7:51:c8:e5:1f:1f:68:0e:06:d4:63:24:
fb:ec:e6:a3:86:e9:ae:d2:b5:66:b9:bc:59:cf:7f:
6a:66:ce:35:e8:7c:34:49:dc:ca:49:b9:81:a5:70:
42:9f:64:70:87:06:a4:41:21:f3:06:51:a5:18:4a:
56:67:a8:83:1f:e7:8c:77:53:49:31:06:14:58:e3:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3A:C6:9F:DB:87:45:BC:4A:5C:4E:65:2E:07:BA:1E:E6:D9:7A:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:38:18:f9:a8:d5:64:06:3c:4d:3f:6f:93:cd:a0:78:48:93:
0d:36:29:1c:c1:83:73:f4:26:ab:f0:cf:a6:2a:6c:98:09:4e:
5e:00:cb:ba:af:89:a2:54:07:b3:3e:3f:89:28:6f:31:d0:ee:
ee:b8:56:a0:9f:4d:e9:1d:22:f0:53:3c:07:5d:5f:a3:6f:e9:
8c:dc:f0:07:ba:ae:bb:1e:cb:a2:76:21:88:da:6d:12:12:63:
1d:97:8d:8c:2b:c7:c6:51:a5:e2:49:e3:63:cf:0a:7d:30:83:
c4:32:1e:8a:c3:7b:ab:70:6a:5d:ca:5e:46:1a:0f:e9:2c:89:
67:54:a6:e7:d0:c6:33:89:81:b8:de:d5:89:0f:54:e9:ec:3f:
2e:2e:c4:14:e2:1b:97:95:b6:7b:fa:dd:67:d7:aa:44:ad:52:
ef:52:11:97:59:5a:23:57:69:5b:88:6d:25:8c:97:9e:46:c5:
86:07:97:34:76:3d:3e:10:05:8b:66:63:92:7b:8d:4c:2b:38:
92:17:86:01:16:74:15:3f:ec:bc:3d:7c:bf:b9:1a:57:d6:34:
25:6e:b9:d2:7e:07:51:00:9c:c6:a0:ab:14:3a:cf:af:1b:25:
b3:91:99:aa:4e:2a:c9:58:46:f3:48:39:e6:e7:d8:a4:01:aa:
34:1d:31:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSf7DwA9bXPd6b6MZIiwjsU0O+rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMDBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMjJlY2JmNWU3ZDRmNGNiMWY4OTFiY2NlYmFmMTAyMjBiNzk0N2U1MTIx
NzdjYzY3NzkzZmNmM2ExYTRjYjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlfyJf50tAsqjgg8jO+Do6Y4hRVKRObp3TiOeDtJWdsPMZN87NiKProl7XZ
ORUDAwnZHhYXY6irV6zaNY06PNUuoGZkZ9zxIeT/nVRhMwjZOX8ljhBGXCzU+Z3c
UpBX+iwJCBrTSpb6Fy/YE8P2zqLDto9/0xBwgB0rZv/gfnxG1o8BcwK4C3hw3lxR
Acs8ty2WyO1FumM2IHMUTgb/fkTxX3iRnMqFZ3TDEnP+o16sf1jm5b87p1HI5R8f
aA4G1GMk++zmo4bprtK1Zrm8Wc9/ambONeh8NEncykm5gaVwQp9kcIcGpEEh8wZR
pRhKVmeogx/njHdTSTEGFFjjUCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTOsaf
24dFvEpcTmUuB7oe5tl6sjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNjljMDItYTExNy00MmRmLTg5YTAtYjQ2M2ZhODA5ZjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQBaOBj5qNVkBjxNP2+TzaB4SJMNNikcwYNz9Car
8M+mKmyYCU5eAMu6r4miVAezPj+JKG8x0O7uuFagn03pHSLwUzwHXV+jb+mM3PAH
uq67HsuidiGI2m0SEmMdl42MK8fGUaXiSeNjzwp9MIPEMh6Kw3urcGpdyl5GGg/p
LIlnVKbn0MYziYG43tWJD1Tp7D8uLsQU4huXlbZ7+t1n16pErVLvUhGXWVojV2lb
iG0ljJeeRsWGB5c0dj0+EAWLZmOSe41MKziSF4YBFnQVP+y8PXy/uRpX1jQlbrnS
fgdRAJzGoKsUOs+vGyWzkZmqTirJWEbzSDnm59ikAao0HTG6
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:05 2025 by rpki-client