Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: DG6uaECNTOeZeG4YV2EA4yydhMGHfalwuH2rjt5yC78=
Subject key identifier: 56:51:63:E1:13:75:72:46:DB:78:0E:A4:1F:DF:8E:92:21:8F:99:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 047CF6E2CAA678F412634701E90B22E136FCE29C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Mon 01 Sep 2025 20:21:19 +0000
ROA not before: Mon 01 Sep 2025 20:21:19 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:7c:f6:e2:ca:a6:78:f4:12:63:47:01:e9:0b:22:e1:36:fc:e2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:19 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6abdc9f9ac85bc147342367f85fd259251c6e4a84b72e37e540b42ff1c76216a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bd:e8:14:c1:39:be:25:bc:1c:f3:16:69:b2:
ef:7d:77:b2:ef:ca:31:82:1d:6c:77:90:16:96:04:
4a:c8:cc:b5:ce:64:3d:f8:93:9d:fd:c6:25:3c:86:
d9:79:7a:44:79:8c:62:56:d2:84:e4:f1:a0:7a:bb:
f4:ef:0c:13:f1:2d:db:00:7d:57:55:e9:67:eb:72:
d0:d1:36:c9:43:59:69:c8:0e:f0:4e:36:6a:26:a6:
87:f8:3d:25:b5:43:c5:7e:11:2f:3d:eb:73:85:0b:
0f:1c:cc:02:79:9b:29:99:12:fa:3d:06:22:b3:82:
23:ae:e6:9c:e4:6d:3b:be:56:4d:41:e5:03:e9:f8:
fa:21:48:c2:09:98:01:66:84:ad:89:ff:6b:64:3e:
a6:42:15:87:d5:8e:36:2d:b6:c8:f9:96:8b:27:0c:
00:b6:0a:08:41:ca:15:22:b9:9c:ac:74:7b:a1:ce:
03:4f:4c:12:85:0b:fa:76:80:16:d9:07:ce:26:31:
17:21:98:12:d1:99:67:b2:b5:33:01:14:62:31:0b:
34:3b:f2:39:ef:11:4f:46:a4:6c:df:01:8f:41:e5:
64:56:c5:14:01:63:05:13:16:41:0c:68:bf:0e:9d:
88:05:55:01:1b:ba:a3:46:d0:13:49:5f:c1:3c:9c:
9c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:51:63:E1:13:75:72:46:DB:78:0E:A4:1F:DF:8E:92:21:8F:99:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
3e:73:b5:fb:f4:52:40:e1:11:ac:81:92:fa:08:bb:0a:7e:04:
1d:d6:f5:d1:a8:9d:82:bd:09:9b:5c:df:75:bb:dd:79:9d:08:
33:cf:fe:07:8c:dc:1e:05:35:6f:84:d4:5f:28:90:c9:7a:6c:
71:d2:e8:9c:2c:c7:21:75:60:0b:45:66:11:ac:02:16:b9:48:
21:79:6f:51:8d:3d:77:04:3e:cf:62:94:09:9a:66:f4:30:52:
a4:6e:ae:36:e1:e9:87:05:7a:07:34:58:ce:78:4a:0b:37:88:
b3:ac:37:8e:0d:da:3b:29:e5:6f:90:c7:da:80:11:a5:0a:0f:
34:b1:4c:59:dc:68:b6:39:d8:81:1e:b8:d0:91:fc:81:4e:c4:
b4:10:80:07:78:0d:99:ed:9a:1d:7f:83:fd:54:91:c6:e6:66:
9e:2c:a2:01:05:e9:55:90:ac:4d:1b:42:5b:28:31:2d:8c:75:
5c:af:55:63:4a:12:58:51:1c:61:a3:ca:09:52:72:e6:ff:bc:
2f:06:df:23:70:47:c5:39:55:3e:f1:23:4f:33:f9:95:f0:6a:
ac:7a:db:c5:2d:b4:21:4a:3b:1c:10:86:01:a3:ee:e5:07:8a:
73:ff:f4:20:7e:3d:80:ec:73:16:e9:9b:75:e9:f0:bf:b2:27:
d7:47:b7:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBHz24sqmePQSY0cB6Qsi4Tb84pwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMTlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhYmRjOWY5YWM4NWJjMTQ3MzQyMzY3Zjg1ZmQyNTkyNTFjNmU0YTg0Yjcy
ZTM3ZTU0MGI0MmZmMWM3NjIxNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANK96BTBOb4lvBzzFmmy7313su/KMYIdbHeQFpYESsjMtc5kPfiTnf3GJTyG
2Xl6RHmMYlbShOTxoHq79O8ME/Et2wB9V1XpZ+ty0NE2yUNZacgO8E42aiamh/g9
JbVDxX4RLz3rc4ULDxzMAnmbKZkS+j0GIrOCI67mnORtO75WTUHlA+n4+iFIwgmY
AWaErYn/a2Q+pkIVh9WONi22yPmWiycMALYKCEHKFSK5nKx0e6HOA09MEoUL+naA
FtkHziYxFyGYEtGZZ7K1MwEUYjELNDvyOe8RT0akbN8Bj0HlZFbFFAFjBRMWQQxo
vw6diAVVARu6o0bQE0lfwTycnHkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWUWPh
E3VyRtt4DqQf346SIY+ZPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAPnO1+/RSQOERrIGS+gi7Cn4EHdb10aidgr0J
m1zfdbvdeZ0IM8/+B4zcHgU1b4TUXyiQyXpscdLonCzHIXVgC0VmEawCFrlIIXlv
UY09dwQ+z2KUCZpm9DBSpG6uNuHphwV6BzRYznhKCzeIs6w3jg3aOynlb5DH2oAR
pQoPNLFMWdxotjnYgR640JH8gU7EtBCAB3gNme2aHX+D/VSRxuZmniyiAQXpVZCs
TRtCWygxLYx1XK9VY0oSWFEcYaPKCVJy5v+8LwbfI3BHxTlVPvEjTzP5lfBqrHrb
xS20IUo7HBCGAaPu5QeKc//0IH49gOxzFumbdenwv7In10e34w==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:02 2025 by rpki-client