Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: m8JwiMoQl8Df/xBCpubbmNZu/vXHr9Tk7bPKL1YvrEI=
Subject key identifier: A1:B0:F7:2A:E1:94:BF:E0:80:CB:D5:BC:A9:B4:87:45:5A:45:56:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E16EB90DCE9E2B6A691B360E42242DCB7432F4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Tue 02 Sep 2025 00:40:30 +0000
ROA not before: Tue 02 Sep 2025 00:40:30 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:16:eb:90:dc:e9:e2:b6:a6:91:b3:60:e4:22:42:dc:b7:43:2f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 2 00:40:30 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=507af41bf63506671f6269d1e0e6db312c60d05624489354d09d1796c5f412c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9b:c1:3b:78:b1:65:61:4b:1a:45:72:f0:f8:
23:af:90:5e:fc:cb:fc:72:3a:46:7e:9f:d6:c2:6b:
aa:47:05:62:6d:f4:f3:5a:68:43:ce:76:7b:c9:d8:
b5:4a:5b:af:17:64:b6:e4:15:19:d1:1d:bf:ed:8c:
5c:7a:f8:52:9c:61:31:fb:11:d6:8e:8e:22:15:dc:
92:bc:5c:b9:dc:46:db:df:1f:40:23:c7:61:2e:4e:
6b:99:05:2d:18:2a:7d:f7:7d:73:de:3e:38:51:66:
d0:16:0c:01:56:05:fe:ab:46:58:70:0c:af:f3:57:
c7:57:a1:0a:da:5e:58:97:c9:ba:c3:17:af:87:08:
97:fd:04:f6:02:14:91:cc:c3:c8:47:a6:5a:fa:30:
5f:5e:97:75:db:e7:f0:b2:df:2b:4b:a6:c1:3c:9b:
7c:fa:be:5c:ea:71:d3:28:ca:48:72:9f:5e:75:c9:
f3:53:f0:20:ec:f6:e7:d2:31:88:75:93:de:7d:bc:
22:00:05:5a:81:bd:5d:96:1f:84:14:f2:1d:59:c6:
f7:8f:e5:88:20:45:20:50:9c:63:bb:0a:6b:9c:76:
50:4f:17:6c:9a:9f:d3:c5:92:91:48:0f:6b:02:84:
a4:25:e2:46:28:84:bb:83:8d:f8:b1:ca:72:04:fe:
7d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B0:F7:2A:E1:94:BF:E0:80:CB:D5:BC:A9:B4:87:45:5A:45:56:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
09:6c:d7:c8:fd:d0:34:36:a7:a0:ee:f0:3b:d0:b4:1a:27:4c:
25:56:17:e5:29:b4:18:51:63:fd:bc:eb:0e:c5:a5:83:07:87:
62:5b:6e:e4:d1:2b:d7:b3:5d:a2:44:14:b7:06:bf:84:2e:5b:
6f:5f:24:21:50:60:19:03:81:dc:8e:bf:60:0e:de:a4:ad:0c:
f3:e4:2d:6d:d5:1d:0f:ac:40:d3:41:26:a7:63:0a:5c:7c:c4:
88:ea:4f:28:dd:18:0c:9c:ce:cd:8a:d6:4c:ea:e0:72:42:91:
f3:36:91:af:b3:ea:93:b6:ad:8d:04:4e:7e:f7:e8:17:62:d5:
cf:cd:6b:bb:38:1f:07:fe:20:00:15:6b:d6:86:4d:1e:40:4f:
50:f0:f4:3c:48:12:b6:39:cf:83:d8:80:0f:68:7e:96:2d:29:
15:de:e5:7a:a6:94:72:16:64:2b:fc:e3:74:cc:68:36:a3:17:
8e:91:f3:0c:68:70:27:40:ad:7e:5f:71:92:f1:f2:12:ef:c2:
29:63:59:3b:f4:f5:31:81:07:da:ea:76:28:5b:10:b9:b7:65:
66:24:1e:6b:de:ef:ce:78:42:1e:b9:60:e9:b1:b2:15:e9:9a:
1e:b6:84:38:b1:16:e4:96:42:29:3c:57:76:38:99:0e:0d:46:
e1:59:82:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDhbrkNzp4ramkbNg5CJC3LdDL0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDIwMDQwMzBaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwN2FmNDFiZjYzNTA2NjcxZjYyNjlkMWUwZTZkYjMxMmM2MGQwNTYyNDQ4
OTM1NGQwOWQxNzk2YzVmNDEyYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqbwTt4sWVhSxpFcvD4I6+QXvzL/HI6Rn6f1sJrqkcFYm3081poQ852e8nY
tUpbrxdktuQVGdEdv+2MXHr4UpxhMfsR1o6OIhXckrxcudxG298fQCPHYS5Oa5kF
LRgqffd9c94+OFFm0BYMAVYF/qtGWHAMr/NXx1ehCtpeWJfJusMXr4cIl/0E9gIU
kczDyEemWvowX16Xddvn8LLfK0umwTybfPq+XOpx0yjKSHKfXnXJ81PwIOz259Ix
iHWT3n28IgAFWoG9XZYfhBTyHVnG94/liCBFIFCcY7sKa5x2UE8XbJqf08WSkUgP
awKEpCXiRiiEu4ON+LHKcgT+fRUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShsPcq
4ZS/4IDL1byptIdFWkVWVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAJbNfI/dA0Nqeg7vA70LQaJ0wlVhflKbQYUWP9
vOsOxaWDB4diW27k0SvXs12iRBS3Br+ELltvXyQhUGAZA4Hcjr9gDt6krQzz5C1t
1R0PrEDTQSanYwpcfMSI6k8o3RgMnM7NitZM6uByQpHzNpGvs+qTtq2NBE5+9+gX
YtXPzWu7OB8H/iAAFWvWhk0eQE9Q8PQ8SBK2Oc+D2IAPaH6WLSkV3uV6ppRyFmQr
/ON0zGg2oxeOkfMMaHAnQK1+X3GS8fIS78IpY1k79PUxgQfa6nYoWxC5t2VmJB5r
3u/OeEIeuWDpsbIV6ZoetoQ4sRbklkIpPFd2OJkODUbhWYI+
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:45 2025 by rpki-client