Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: ZrPIJ0i3qwTZGa9iCDoSS0mnUYxKiWX2lrf8xxOEv7k=
Subject key identifier: 64:83:CF:06:43:87:1C:45:EC:DA:40:E9:46:EC:B7:E5:D5:F5:F5:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2591908C9E6B552666A693878D37E54A377D51CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Mon 01 Sep 2025 20:01:04 +0000
ROA not before: Mon 01 Sep 2025 20:01:04 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:91:90:8c:9e:6b:55:26:66:a6:93:87:8d:37:e5:4a:37:7d:51:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:04 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=8b08fa0e2c97e2079103c492039661cede2d360d76db4ad1919dda54c69722de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8b:54:62:ba:7d:3e:11:0d:44:87:b9:19:d3:
e1:ea:8c:cd:c3:43:6f:51:c7:46:f9:52:80:02:1b:
63:08:cc:9f:a4:ff:bc:4e:0e:23:1d:79:e2:0d:5b:
d3:52:ad:0f:f9:d2:0e:a3:a6:9a:60:ee:f9:c0:5a:
2e:6b:0d:91:d1:28:71:e2:49:58:d5:3b:e1:2f:d5:
33:55:cc:de:83:d0:0e:c2:16:42:90:2f:9d:f2:60:
0f:58:31:d5:0a:d5:a2:7a:09:dc:2a:f1:68:d8:1f:
35:49:98:d7:8a:fd:2c:d7:40:9a:38:b4:af:33:ea:
a6:a0:e9:4a:dd:0a:f5:6f:82:fd:80:09:60:45:b8:
6a:76:2f:77:9b:d3:9f:3e:15:06:47:fa:1a:32:ef:
cb:50:bb:6f:1e:75:2b:d1:6b:1e:f0:d5:6e:68:48:
21:42:39:25:7a:1c:1b:5a:ae:37:e9:51:63:26:5e:
54:03:79:5f:4f:95:75:29:3c:19:e1:91:c1:ae:63:
7b:7d:26:f0:c2:9c:da:92:64:6d:90:da:18:5a:c3:
3d:4a:0c:05:a3:ea:16:5b:50:b3:b7:61:56:49:0c:
0a:36:f9:c9:18:b8:1d:86:54:a5:85:47:bb:ea:f1:
1d:95:36:11:9d:c3:ee:b0:49:8a:33:f6:3d:bf:8a:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:83:CF:06:43:87:1C:45:EC:DA:40:E9:46:EC:B7:E5:D5:F5:F5:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
1e:fb:06:e8:8f:9c:5f:b0:6f:26:e1:d4:a0:38:8e:03:ec:85:
12:86:a9:12:b2:10:21:bf:a1:e3:3c:e0:86:45:7c:0f:4e:65:
4f:3a:9d:a2:89:da:11:58:66:9e:3e:c0:a7:30:6b:ae:f4:20:
a5:96:d0:c0:3c:6f:5b:84:74:41:51:fb:87:06:86:59:ea:11:
48:c1:29:db:e6:af:45:6d:c6:53:77:ff:59:69:f6:58:2b:22:
c8:a7:75:f0:da:a9:35:af:56:5e:2f:4d:63:ab:11:b9:12:7a:
3a:ee:2f:6f:bb:81:80:12:da:06:72:ab:fb:4f:4c:f3:00:65:
fc:73:54:c9:26:c2:4d:3f:d2:0a:49:d6:f5:40:7b:74:50:f3:
1c:1e:73:e5:fa:57:a4:49:4a:ce:b2:67:f8:dc:0d:27:c8:30:
36:50:62:b8:a3:27:f6:b0:19:56:f4:e6:04:89:b7:6c:09:b6:
ed:5e:e7:13:73:37:24:8c:d5:bd:db:87:7a:a6:b7:83:7b:29:
25:2e:01:a5:a3:ff:59:7b:4e:1c:51:de:19:37:8d:c2:fc:65:
4f:da:b4:1a:c6:58:19:d1:ac:4e:34:22:91:ea:4c:05:30:a3:
d1:84:8e:41:12:fe:f0:61:13:3a:17:85:bb:73:97:ea:e5:9c:
67:46:76:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJZGQjJ5rVSZmppOHjTflSjd9Uc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiMDhmYTBlMmM5N2UyMDc5MTAzYzQ5MjAzOTY2MWNlZGUyZDM2MGQ3NmRi
NGFkMTkxOWRkYTU0YzY5NzIyZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2LVGK6fT4RDUSHuRnT4eqMzcNDb1HHRvlSgAIbYwjMn6T/vE4OIx154g1b
01KtD/nSDqOmmmDu+cBaLmsNkdEoceJJWNU74S/VM1XM3oPQDsIWQpAvnfJgD1gx
1QrVonoJ3CrxaNgfNUmY14r9LNdAmji0rzPqpqDpSt0K9W+C/YAJYEW4anYvd5vT
nz4VBkf6GjLvy1C7bx51K9FrHvDVbmhIIUI5JXocG1quN+lRYyZeVAN5X0+VdSk8
GeGRwa5je30m8MKc2pJkbZDaGFrDPUoMBaPqFltQs7dhVkkMCjb5yRi4HYZUpYVH
u+rxHZU2EZ3D7rBJijP2Pb+K7RkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRkg88G
Q4ccRezaQOlG7Lfl1fX1jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAHvsG6I+cX7BvJuHUoDiOA+yFEoapErIQIb+h
4zzghkV8D05lTzqdoonaEVhmnj7ApzBrrvQgpZbQwDxvW4R0QVH7hwaGWeoRSMEp
2+avRW3GU3f/WWn2WCsiyKd18NqpNa9WXi9NY6sRuRJ6Ou4vb7uBgBLaBnKr+09M
8wBl/HNUySbCTT/SCknW9UB7dFDzHB5z5fpXpElKzrJn+NwNJ8gwNlBiuKMn9rAZ
VvTmBIm3bAm27V7nE3M3JIzVvduHeqa3g3spJS4BpaP/WXtOHFHeGTeNwvxlT9q0
GsZYGdGsTjQikepMBTCj0YSOQRL+8GETOheFu3OX6uWcZ0Z2jQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:21 2025 by rpki-client