Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: KqMdArWSuLA5OAx5MYPsYmA5Ww+//Q9BHhyY3baUwkk=
Subject key identifier: F4:7A:CF:FC:3C:65:B5:AD:46:27:36:49:C2:1B:04:C1:6B:51:1C:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E05D4D7309572F92D799BAF5F57B0DEB9FE4595
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Mon 01 Sep 2025 21:20:57 +0000
ROA not before: Mon 01 Sep 2025 21:20:57 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:05:d4:d7:30:95:72:f9:2d:79:9b:af:5f:57:b0:de:b9:fe:45:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:57 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a8ddfc64912da388779a69aacbffb2879707832b7b13c80ade3c1e0dab4fbaf9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bf:df:9d:2b:8b:47:9e:38:d9:35:a2:d5:cb:
9b:e5:e1:a0:a5:8b:2d:6e:86:f8:68:5b:a5:90:a2:
f6:8b:69:5e:9c:64:94:ff:65:b3:3a:9b:9b:9e:dd:
7f:d9:61:a7:73:80:5a:f9:70:95:44:9d:a5:7b:8c:
e0:4a:35:0e:d4:21:40:70:9f:f7:d2:49:a4:ef:2f:
a1:7f:ee:be:f4:cb:84:8a:9a:c0:e0:5f:ff:14:52:
e6:ea:f6:1d:eb:92:a6:9f:fe:63:65:06:67:da:0a:
de:34:77:4d:99:16:8b:81:14:d9:17:2c:99:b4:a4:
6d:b3:8b:bf:f8:9c:00:2f:5b:92:b3:0a:ff:84:fc:
71:6e:4d:89:17:c3:29:11:8c:61:e2:e7:15:f9:fe:
44:a0:b2:10:7f:86:b0:3d:99:e8:82:71:0f:9b:6c:
63:00:c9:ce:4a:62:ca:d8:db:bf:f6:4f:d6:f0:c7:
9a:d6:13:86:42:58:b1:16:55:e8:1a:27:92:86:a3:
bb:c3:d0:03:91:4f:8d:c8:9c:b9:2b:30:c0:a7:12:
06:e2:f2:00:88:a2:6c:5c:a5:f3:99:ba:d2:03:57:
60:34:2e:89:6e:26:65:b5:2f:ec:75:ad:2c:85:83:
0c:3c:79:5d:df:e5:4b:02:39:a1:fd:ab:b2:43:7c:
93:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7A:CF:FC:3C:65:B5:AD:46:27:36:49:C2:1B:04:C1:6B:51:1C:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
6d:cf:f8:62:ae:bc:16:25:f2:b4:ff:34:3b:2b:d4:93:b2:90:
e6:06:dd:3d:1a:a3:72:27:ce:90:92:3b:83:db:81:ec:11:31:
f0:63:8e:f2:50:fc:2c:7d:a2:09:83:a0:c3:27:e9:1f:37:ce:
ee:df:e9:96:c0:8a:ec:82:d4:eb:cf:9b:cb:2a:ba:81:3d:12:
eb:58:ef:a5:ea:c6:6d:88:71:a7:a1:39:2c:45:6d:06:35:83:
3e:f6:07:af:87:25:b7:a1:73:6d:f4:7e:8c:b5:0f:3b:1e:ce:
95:c0:6d:4a:2e:bb:0f:dd:57:d8:be:77:df:68:19:07:92:69:
d1:8e:36:b9:22:68:43:f7:04:d9:01:6e:79:50:8d:12:a3:8a:
bf:04:e9:19:50:29:85:64:f3:14:ae:a0:fd:a5:ff:97:93:28:
27:f3:e3:64:19:a9:6f:e8:76:7f:e2:05:b2:dd:45:b3:a1:1d:
80:45:5a:7e:21:ff:9d:68:43:13:fc:0d:d6:36:fa:84:85:f0:
3d:ce:28:36:48:8d:83:0b:e9:1e:f1:64:de:ad:5e:db:0a:35:
1e:0f:bf:4c:e2:55:80:b2:8e:f4:91:b0:c7:3d:41:fc:6c:a7:
a7:c3:0b:e0:08:18:11:88:b7:8d:69:c5:17:4f:af:1f:f4:0c:
23:7f:88:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTgXU1zCVcvkteZuvX1ew3rn+RZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwNTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZGRmYzY0OTEyZGEzODg3NzlhNjlhYWNiZmZiMjg3OTcwNzgzMmI3YjEz
YzgwYWRlM2MxZTBkYWI0ZmJhZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6/350ri0eeONk1otXLm+XhoKWLLW6G+GhbpZCi9otpXpxklP9lszqbm57d
f9lhp3OAWvlwlUSdpXuM4Eo1DtQhQHCf99JJpO8voX/uvvTLhIqawOBf/xRS5ur2
HeuSpp/+Y2UGZ9oK3jR3TZkWi4EU2RcsmbSkbbOLv/icAC9bkrMK/4T8cW5NiRfD
KRGMYeLnFfn+RKCyEH+GsD2Z6IJxD5tsYwDJzkpiytjbv/ZP1vDHmtYThkJYsRZV
6Bonkoaju8PQA5FPjcicuSswwKcSBuLyAIiibFyl85m60gNXYDQuiW4mZbUv7HWt
LIWDDDx5Xd/lSwI5of2rskN8k0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0es/8
PGW1rUYnNknCGwTBa1EctDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBtz/hirrwWJfK0/zQ7K9STspDmBt09GqNyJ86Q
kjuD24HsETHwY47yUPwsfaIJg6DDJ+kfN87u3+mWwIrsgtTrz5vLKrqBPRLrWO+l
6sZtiHGnoTksRW0GNYM+9gevhyW3oXNt9H6MtQ87Hs6VwG1KLrsP3VfYvnffaBkH
kmnRjja5ImhD9wTZAW55UI0So4q/BOkZUCmFZPMUrqD9pf+Xkygn8+NkGalv6HZ/
4gWy3UWzoR2ARVp+If+daEMT/A3WNvqEhfA9zig2SI2DC+ke8WTerV7bCjUeD79M
4lWAso70kbDHPUH8bKenwwvgCBgRiLeNacUXT68f9Awjf4hQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:28 2025 by rpki-client