Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
File: 979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa (raw, json)
Hash identifier: mgGbNqRFFjDx7e6QMzyM7iF/OUWRJe73rpBJEClZtTo=
Subject key identifier: 4D:42:68:81:D4:88:F1:64:C1:06:31:80:C4:75:CB:03:D7:A5:94:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A261D640BA37130A7902DB39310CE1E51947A8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
Signing time: Mon 01 Sep 2025 19:51:34 +0000
ROA not before: Mon 01 Sep 2025 19:51:34 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:26:1d:64:0b:a3:71:30:a7:90:2d:b3:93:10:ce:1e:51:94:7a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:34 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5ce0f9f3eddc8e232288e817765864dc437ba519804c67465988d49e1c810e62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3a:f0:f4:f3:5b:33:53:5f:9d:82:73:d8:5f:
8f:af:3e:72:be:4d:a5:43:54:47:ab:b2:98:6c:c3:
ae:d7:99:0f:35:1e:69:8c:eb:a5:3d:9b:62:84:4d:
b7:a6:55:00:24:ec:bd:65:52:d7:21:d9:dd:3a:4f:
03:7b:17:51:f0:16:80:8a:05:32:20:99:d5:e1:19:
91:5e:2c:ab:37:c6:a8:09:a9:d5:2e:44:33:c4:d5:
65:62:34:c9:74:7d:13:81:4d:16:09:24:88:da:ed:
ec:e3:8f:43:45:75:04:e2:8f:cc:84:8b:f5:73:a6:
94:07:16:7c:81:9e:fd:94:3e:4e:18:6e:d8:a8:9d:
8a:bc:8e:38:ca:e8:ba:5d:f3:e0:1f:43:1c:88:f8:
25:54:53:bb:63:fc:e4:1a:7e:da:5f:94:51:2b:da:
9f:dd:3e:af:e6:4e:eb:bb:9d:a7:28:02:af:17:67:
39:4d:5e:5a:65:06:2a:c3:08:3b:23:b3:f6:55:20:
9e:ad:3c:f8:19:dc:f6:0c:c9:29:39:23:94:bb:e1:
25:8c:38:2f:9e:c9:a9:ba:35:76:8a:06:17:5b:19:
c0:57:92:8d:21:ee:58:c4:17:dc:84:07:5f:dd:ac:
bc:22:11:8a:b6:8f:35:ee:57:95:80:88:b8:c0:c1:
01:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:42:68:81:D4:88:F1:64:C1:06:31:80:C4:75:CB:03:D7:A5:94:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/979bc73f-7d87-4cfa-93bd-0378cf1d6aef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8040::/48
Signature Algorithm: sha256WithRSAEncryption
84:0e:ca:ea:e6:cd:6b:bc:01:ca:55:9a:24:00:df:59:3e:e5:
05:13:27:a3:4e:34:72:e8:53:81:e8:6d:a4:0c:99:43:dc:96:
e1:41:c5:54:35:e3:aa:1f:be:ed:20:de:c4:0b:bc:8b:34:cc:
47:c8:e6:5a:66:47:18:29:5b:26:a3:55:75:ed:49:a3:09:5b:
89:47:b0:24:b8:66:16:94:bf:28:98:7b:64:cd:51:8f:3c:95:
1a:a6:46:77:8d:53:97:c5:f0:0b:ea:ba:0c:65:b3:82:68:8f:
da:23:d9:1e:d4:ed:15:4e:45:0f:d2:28:5e:1b:b8:62:06:cc:
0c:e4:e8:36:69:da:73:36:59:d3:ee:e0:39:69:da:5e:12:b1:
ae:41:6c:ba:1b:95:80:d3:20:ad:d4:3c:34:65:ca:ce:4b:cb:
3f:c8:cc:b9:dd:57:2e:69:2c:10:ae:8a:5c:9f:ac:99:02:48:
77:88:d4:bb:9c:df:06:71:a9:d9:53:fd:3b:4a:a4:81:ee:54:
54:48:f6:7a:8d:e1:62:dd:03:fd:e9:02:64:91:e1:e8:c6:b2:
72:00:46:a3:c2:d5:32:21:f8:1d:74:8d:d5:77:4a:2f:c7:92:
f3:32:56:af:3a:53:e2:4a:0f:03:2b:61:21:e7:74:d1:09:b5:
c3:b3:1c:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSiYdZAujcTCnkC2zkxDOHlGUeoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMzRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjZTBmOWYzZWRkYzhlMjMyMjg4ZTgxNzc2NTg2NGRjNDM3YmE1MTk4MDRj
Njc0NjU5ODhkNDllMWM4MTBlNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI68PTzWzNTX52Cc9hfj68+cr5NpUNUR6uymGzDrteZDzUeaYzrpT2bYoRN
t6ZVACTsvWVS1yHZ3TpPA3sXUfAWgIoFMiCZ1eEZkV4sqzfGqAmp1S5EM8TVZWI0
yXR9E4FNFgkkiNrt7OOPQ0V1BOKPzISL9XOmlAcWfIGe/ZQ+Thhu2KidiryOOMro
ul3z4B9DHIj4JVRTu2P85Bp+2l+UUSvan90+r+ZO67udpygCrxdnOU1eWmUGKsMI
OyOz9lUgnq08+Bnc9gzJKTkjlLvhJYw4L57Jqbo1dooGF1sZwFeSjSHuWMQX3IQH
X92svCIRiraPNe5XlYCIuMDBAZUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNQmiB
1IjxZMEGMYDEdcsD16WUmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTc5YmM3M2YtN2Q4Ny00Y2ZhLTkzYmQtMDM3OGNmMWQ2YWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
QDANBgkqhkiG9w0BAQsFAAOCAQEAhA7K6ubNa7wBylWaJADfWT7lBRMno040cuhT
gehtpAyZQ9yW4UHFVDXjqh++7SDexAu8izTMR8jmWmZHGClbJqNVde1JowlbiUew
JLhmFpS/KJh7ZM1RjzyVGqZGd41Tl8XwC+q6DGWzgmiP2iPZHtTtFU5FD9IoXhu4
YgbMDOToNmnaczZZ0+7gOWnaXhKxrkFsuhuVgNMgrdQ8NGXKzkvLP8jMud1XLmks
EK6KXJ+smQJId4jUu5zfBnGp2VP9O0qkge5UVEj2eo3hYt0D/ekCZJHh6MaycgBG
o8LVMiH4HXSN1XdKL8eS8zJWrzpT4koPAythIed00Qm1w7MccA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:23 2025 by rpki-client