Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
File: 99404275-57dd-4a36-8c29-529ab06d1d00.roa (raw, json)
Hash identifier: stulv0i4NfuX5h/5t/ABSQsm7tRq/8DwwB/CORUZ4Zg=
Subject key identifier: 63:6C:72:F2:AD:DD:0F:C6:F7:02:7D:AD:49:7C:7F:7F:53:AD:12:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F2CDD5F85C6897A956D36B007F31700FA6E581E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
Signing time: Mon 01 Sep 2025 20:51:07 +0000
ROA not before: Mon 01 Sep 2025 20:51:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:2c:dd:5f:85:c6:89:7a:95:6d:36:b0:07:f3:17:00:fa:6e:58:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=7ed220af6db563cad47c7ea79e26887c92dc6b1e1f86d975471faec28ac2be87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f5:7d:0a:32:05:6f:43:ae:25:0e:65:c8:e6:
ce:f3:c9:30:5c:de:fa:38:8e:6f:8d:8c:6e:db:62:
ef:01:1f:33:19:26:09:3e:ab:bd:86:93:79:57:15:
84:58:c7:2d:67:e2:b1:13:b9:bf:7e:7a:16:d6:fa:
dd:22:b0:8a:63:57:d0:c9:14:9f:b2:bb:f8:01:67:
ef:2b:21:2b:d7:63:96:a0:e9:f5:ac:60:29:88:65:
c8:c2:ec:18:4c:1b:50:e1:38:f0:6c:30:6f:57:6d:
ad:4e:23:62:de:ad:cb:bf:65:56:ce:d4:19:d9:00:
34:f0:ea:72:d8:be:7c:1b:1f:ea:fb:03:d0:9f:1c:
19:96:28:5a:98:49:ef:24:b1:d7:89:b0:e5:b9:ff:
9f:1f:77:73:bc:8f:00:d2:c0:ba:bd:8b:97:df:24:
61:0b:1f:0d:9e:2e:61:5f:19:f6:70:e6:c8:ec:00:
cb:6e:34:41:97:0c:06:01:0c:01:32:02:af:43:58:
49:82:9a:de:28:ab:3e:81:9f:40:a6:d6:dd:a5:0a:
74:61:cb:d8:95:23:45:64:c7:3a:23:9f:6a:ca:e5:
ad:60:a2:c9:54:f6:7c:0b:94:5e:8e:b0:80:10:b1:
b3:f1:e6:06:b2:f8:28:ca:fc:e7:07:25:03:ba:0c:
d5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6C:72:F2:AD:DD:0F:C6:F7:02:7D:AD:49:7C:7F:7F:53:AD:12:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
73:e8:72:67:90:78:4c:48:12:42:9c:ef:72:37:ea:7e:4f:ef:
d4:87:6b:c8:5a:f4:3e:dd:9d:d4:31:b5:7f:d2:d3:d2:f6:8b:
1d:0d:c3:ee:5b:e7:d9:40:d9:ee:12:21:17:f2:60:42:cd:d4:
02:c0:a3:96:bb:5f:55:55:29:c5:1c:1d:3d:d2:d1:f4:06:9e:
a9:f6:44:f8:b1:36:1d:15:37:fc:f9:3c:d6:74:1d:83:0c:af:
86:ea:71:27:f6:ec:08:43:8c:55:28:a3:17:1d:0f:59:32:31:
80:7b:52:1b:23:87:aa:76:e3:f6:44:eb:ad:34:c2:5f:eb:8f:
2e:19:bc:b1:f3:ab:59:cc:85:b3:32:f4:74:78:8b:7c:20:c5:
a7:11:2b:89:ba:91:41:ef:ac:ab:3d:42:a2:e1:90:87:bb:13:
2c:fa:bf:28:20:99:0d:22:c8:b5:8e:39:39:3e:77:de:82:cf:
f5:34:a8:2a:62:1d:c2:d3:87:14:6c:d3:6a:ab:77:24:b3:35:
23:26:96:9c:0e:93:54:4a:84:6e:94:33:ad:32:11:78:11:b3:
8b:4f:bf:bb:7e:6d:99:1b:37:74:20:19:3f:ff:cb:45:00:cb:
37:a9:88:30:82:5e:dc:a5:40:8e:4c:8d:73:86:57:e6:eb:29:
a6:76:58:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDyzdX4XGiXqVbTawB/MXAPpuWB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZDIyMGFmNmRiNTYzY2FkNDdjN2VhNzllMjY4ODdjOTJkYzZiMWUxZjg2
ZDk3NTQ3MWZhZWMyOGFjMmJlODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj1fQoyBW9DriUOZcjmzvPJMFze+jiOb42Mbtti7wEfMxkmCT6rvYaTeVcV
hFjHLWfisRO5v356Ftb63SKwimNX0MkUn7K7+AFn7yshK9djlqDp9axgKYhlyMLs
GEwbUOE48Gwwb1dtrU4jYt6ty79lVs7UGdkANPDqcti+fBsf6vsD0J8cGZYoWphJ
7ySx14mw5bn/nx93c7yPANLAur2Ll98kYQsfDZ4uYV8Z9nDmyOwAy240QZcMBgEM
ATICr0NYSYKa3iirPoGfQKbW3aUKdGHL2JUjRWTHOiOfasrlrWCiyVT2fAuUXo6w
gBCxs/HmBrL4KMr85wclA7oM1UECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjbHLy
rd0PxvcCfa1JfH9/U60SQzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0MDQyNzUtNTdkZC00YTM2LThjMjktNTI5YWIwNmQxZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqw
MA0GCSqGSIb3DQEBCwUAA4IBAQBz6HJnkHhMSBJCnO9yN+p+T+/Uh2vIWvQ+3Z3U
MbV/0tPS9osdDcPuW+fZQNnuEiEX8mBCzdQCwKOWu19VVSnFHB090tH0Bp6p9kT4
sTYdFTf8+TzWdB2DDK+G6nEn9uwIQ4xVKKMXHQ9ZMjGAe1IbI4eqduP2ROutNMJf
648uGbyx86tZzIWzMvR0eIt8IMWnESuJupFB76yrPUKi4ZCHuxMs+r8oIJkNIsi1
jjk5Pnfegs/1NKgqYh3C04cUbNNqq3ckszUjJpacDpNUSoRulDOtMhF4EbOLT7+7
fm2ZGzd0IBk//8tFAMs3qYgwgl7cpUCOTI1zhlfm6ymmdlhV
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:22 2025 by rpki-client