Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa
File: 9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa (raw, json)
Hash identifier: q4H++MAjrpTFfG9QNnp4CJYXswucYM4UV14ga+1GR3Y=
Subject key identifier: 5C:22:9A:33:9E:45:60:3E:7E:37:B2:18:6F:92:AB:F8:42:81:A0:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4217520A9873B14C7D7CCC3A3B30DF91DA9CBCF1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa
Signing time: Mon 25 Aug 2025 16:37:02 +0000
ROA not before: Mon 25 Aug 2025 16:37:02 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:17:52:0a:98:73:b1:4c:7d:7c:cc:3a:3b:30:df:91:da:9c:bc:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 16:37:02 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=129f2dfd977461313c8b7e5d73ec51c7ec430ee416f453918955757559108a2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ed:e4:77:a0:c7:b5:de:91:36:bf:08:07:58:
f0:5e:54:4b:29:f5:ab:aa:ce:4e:dd:bd:99:0d:7c:
bf:87:b6:f0:60:06:a8:3b:3f:ae:27:be:30:ea:a2:
4f:28:77:80:60:3e:fc:08:2f:17:4a:49:aa:a3:1c:
44:73:3f:08:35:4d:6f:85:65:67:73:a1:07:90:92:
44:df:f3:c8:97:a6:e2:f3:4d:fa:a0:67:0d:1f:80:
5e:1d:e1:2c:71:2f:00:5c:12:4b:5b:4d:f9:88:e5:
8d:82:69:73:1d:24:a6:12:62:64:35:a1:50:c0:13:
a2:66:87:4b:85:ae:a3:f5:4e:cb:43:4e:88:7e:18:
53:11:f7:0b:c9:c8:cf:92:db:df:30:16:06:b8:6f:
cd:af:b5:21:5c:f7:2d:65:81:fc:2b:81:42:15:ae:
9c:6d:7c:b0:fd:d1:22:01:a5:a0:81:ea:40:c4:9c:
74:26:ae:e3:d3:65:a6:c7:21:5f:79:a8:e6:b5:2f:
96:85:04:9d:e5:74:d4:8d:d7:61:b2:94:de:85:8d:
02:13:e0:88:33:09:49:e3:b5:c4:62:67:ac:92:63:
2b:61:88:6f:74:25:5a:a5:4a:52:3f:3d:ff:9f:2a:
f3:80:19:de:13:ca:42:bf:fc:18:3e:20:67:85:eb:
2f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:22:9A:33:9E:45:60:3E:7E:37:B2:18:6F:92:AB:F8:42:81:A0:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9945cd2e-c13e-46b8-83ad-2175ff7c3188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:4000::/48
Signature Algorithm: sha256WithRSAEncryption
10:c5:4a:f0:c1:0b:fc:b6:3c:9c:cc:01:9d:a9:14:df:8c:70:
91:e3:67:cf:83:d2:e8:2f:30:1a:b0:98:67:d1:41:e6:e8:0a:
f9:2a:8e:96:13:7b:58:88:60:3c:23:5b:f9:22:af:a4:f8:f6:
de:b1:1b:ae:25:1f:0c:2e:df:7f:e4:07:3d:51:94:f8:41:a1:
64:7d:05:b9:a7:12:01:f4:c4:95:33:03:e6:4c:42:04:49:2c:
0f:83:0a:ff:60:99:3e:a2:50:87:d0:a4:39:53:c2:81:70:e4:
71:82:27:69:ec:68:d0:c4:86:64:88:01:31:8b:c4:e8:7f:25:
96:a1:29:43:d7:e3:be:ed:1d:f5:f8:74:90:e1:a3:c2:b8:cc:
5f:62:a1:2e:a5:ef:f7:e6:9d:16:a2:4e:a6:a7:3f:1c:a6:c2:
44:3d:6b:a3:26:37:5b:5d:bb:3b:e4:00:a6:18:74:8d:ca:29:
35:5b:40:6f:a2:34:21:17:1b:18:5f:38:fb:89:04:22:20:90:
90:5c:cc:06:c5:7a:4c:ce:7c:12:a2:12:90:ee:b3:e6:73:14:
67:7a:53:c2:24:b2:31:6f:5f:49:b3:8d:7c:82:aa:58:b5:32:
e6:86:56:3b:46:1e:0f:db:7d:90:4a:61:bb:fb:43:6d:ef:a8:
42:a7:da:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQhdSCphzsUx9fMw6OzDfkdqcvPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxNjM3MDJaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyOWYyZGZkOTc3NDYxMzEzYzhiN2U1ZDczZWM1MWM3ZWM0MzBlZTQxNmY0
NTM5MTg5NTU3NTc1NTkxMDhhMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7t5Hegx7XekTa/CAdY8F5USyn1q6rOTt29mQ18v4e28GAGqDs/rie+MOqi
Tyh3gGA+/AgvF0pJqqMcRHM/CDVNb4VlZ3OhB5CSRN/zyJem4vNN+qBnDR+AXh3h
LHEvAFwSS1tN+YjljYJpcx0kphJiZDWhUMATomaHS4Wuo/VOy0NOiH4YUxH3C8nI
z5Lb3zAWBrhvza+1IVz3LWWB/CuBQhWunG18sP3RIgGloIHqQMScdCau49Nlpsch
X3mo5rUvloUEneV01I3XYbKU3oWNAhPgiDMJSeO1xGJnrJJjK2GIb3QlWqVKUj89
/58q84AZ3hPKQr/8GD4gZ4XrL/UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRcIpoz
nkVgPn43shhvkqv4QoGgADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0NWNkMmUtYzEzZS00NmI4LTgzYWQtMjE3NWZmN2MzMTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GxA
ADANBgkqhkiG9w0BAQsFAAOCAQEAEMVK8MEL/LY8nMwBnakU34xwkeNnz4PS6C8w
GrCYZ9FB5ugK+SqOlhN7WIhgPCNb+SKvpPj23rEbriUfDC7ff+QHPVGU+EGhZH0F
uacSAfTElTMD5kxCBEksD4MK/2CZPqJQh9CkOVPCgXDkcYInaexo0MSGZIgBMYvE
6H8llqEpQ9fjvu0d9fh0kOGjwrjMX2KhLqXv9+adFqJOpqc/HKbCRD1royY3W127
O+QAphh0jcopNVtAb6I0IRcbGF84+4kEIiCQkFzMBsV6TM58EqISkO6z5nMUZ3pT
wiSyMW9fSbONfIKqWLUy5oZWO0YeD9t9kEphu/tDbe+oQqfa+Q==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:32 2025 by rpki-client