Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
File: 9d030354-5f4d-47d4-9f96-310c9a509d02.roa (raw, json)
Hash identifier: 5vJgNmjqQHTVR8LpKOBVq1ZVXIZMoRLd+/vqfDbkv2s=
Subject key identifier: 10:82:64:2A:2B:B4:1A:17:E1:0B:16:F5:A5:74:4B:68:CD:FD:E8:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33C03A78C0F87C988C01D731CE787233B6832EC2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
Signing time: Tue 26 Aug 2025 17:11:28 +0000
ROA not before: Tue 26 Aug 2025 17:11:28 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:c0:3a:78:c0:f8:7c:98:8c:01:d7:31:ce:78:72:33:b6:83:2e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:11:28 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=e773522603a6b75f8686e51e472f93b247413b21b52aa8dfbe50f256783fdc33, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2d:cc:9f:24:db:f0:65:62:35:ee:d6:d2:b5:
21:1b:99:81:65:4e:65:04:cc:43:78:d4:b8:e0:f9:
4a:90:8c:13:7d:f4:03:0b:39:d2:41:bc:dc:f6:86:
22:4c:ea:30:98:87:fe:87:9c:49:c5:56:52:b7:b8:
84:d7:56:76:58:ae:17:35:81:5f:a3:81:b3:73:28:
59:18:e9:80:1d:e3:92:0e:93:dd:bd:46:72:ce:f4:
3e:84:26:97:4c:e6:01:9f:8b:05:9b:ff:ed:ab:aa:
85:32:0e:fe:6f:6c:8b:8a:50:f6:fc:a9:23:52:b2:
3e:75:74:b8:97:46:04:11:20:00:f9:16:da:98:f5:
ce:f7:17:6f:49:15:e0:c2:ba:da:ae:a2:0e:ec:17:
c4:e8:09:74:cd:8b:52:f0:e7:c6:71:e2:b7:27:35:
2c:e8:72:0b:6d:e5:82:3b:d5:4a:81:89:16:ca:27:
67:46:61:27:52:b0:17:ba:33:a0:47:16:cd:dc:5a:
73:5d:1e:c5:1d:a9:97:82:3b:ad:49:01:4c:26:99:
c1:31:e1:84:65:54:ee:7c:8a:9a:ec:39:53:7e:be:
ea:e7:6d:12:88:ea:db:fc:5e:d3:9d:44:77:45:2e:
8f:bb:ef:0d:8c:96:2a:94:5b:d2:6e:f3:a6:63:72:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:82:64:2A:2B:B4:1A:17:E1:0B:16:F5:A5:74:4B:68:CD:FD:E8:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d030354-5f4d-47d4-9f96-310c9a509d02.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:800::/40
Signature Algorithm: sha256WithRSAEncryption
6d:ca:40:d0:5d:7b:54:97:ff:c1:99:54:99:25:4f:fa:fc:4c:
7a:9a:d9:db:4e:aa:c0:87:cd:57:81:9e:e0:69:d0:90:cf:bb:
11:31:71:22:42:49:a9:f4:19:67:1e:2c:56:89:3c:db:de:b6:
30:96:c1:06:44:ab:32:fb:ff:d3:d7:60:52:99:07:f1:f9:41:
69:98:25:b1:c3:ec:05:58:de:10:a4:25:7e:5d:3c:05:1e:d9:
5d:16:cb:8c:e9:8f:f0:f7:6e:12:dc:df:1c:bb:da:0f:70:10:
de:f2:c2:a0:ef:df:51:0f:6a:68:f1:1a:01:90:55:37:c8:e6:
b4:60:df:dd:56:52:8d:af:6d:3b:1b:ba:aa:db:60:b0:b9:d5:
93:e1:cf:65:e7:c4:06:86:b4:bb:9b:b8:d4:8b:80:be:43:35:
44:e3:a4:fe:b9:12:9d:45:59:06:a6:14:78:e6:e8:79:e2:54:
c8:8b:a2:bd:d2:bc:52:5b:f1:22:34:68:cd:82:40:c8:e9:c9:
fa:63:35:1c:a1:46:a2:ee:83:c5:47:bb:b1:fd:70:3c:e8:f0:
4c:bc:d4:ce:fe:65:98:2d:a2:22:cb:eb:4a:e4:e7:e2:ef:b2:
9f:ee:1c:42:f9:7a:40:e6:06:37:0b:a4:e8:6c:bb:21:62:6b:
dc:90:f8:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM8A6eMD4fJiMAdcxznhyM7aDLsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzExMjhaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NzM1MjI2MDNhNmI3NWY4Njg2ZTUxZTQ3MmY5M2IyNDc0MTNiMjFiNTJh
YThkZmJlNTBmMjU2NzgzZmRjMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0tzJ8k2/BlYjXu1tK1IRuZgWVOZQTMQ3jUuOD5SpCME330Aws50kG83PaG
IkzqMJiH/oecScVWUre4hNdWdliuFzWBX6OBs3MoWRjpgB3jkg6T3b1Gcs70PoQm
l0zmAZ+LBZv/7auqhTIO/m9si4pQ9vypI1KyPnV0uJdGBBEgAPkW2pj1zvcXb0kV
4MK62q6iDuwXxOgJdM2LUvDnxnHityc1LOhyC23lgjvVSoGJFsonZ0ZhJ1KwF7oz
oEcWzdxac10exR2pl4I7rUkBTCaZwTHhhGVU7nyKmuw5U36+6udtEojq2/xe051E
d0Uuj7vvDYyWKpRb0m7zpmNytSkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQgmQq
K7QaF+ELFvWldEtozf3oeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQwMzAzNTQtNWY0ZC00N2Q0LTlmOTYtMzEwYzlhNTA5ZDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAI
MA0GCSqGSIb3DQEBCwUAA4IBAQBtykDQXXtUl//BmVSZJU/6/Ex6mtnbTqrAh81X
gZ7gadCQz7sRMXEiQkmp9BlnHixWiTzb3rYwlsEGRKsy+//T12BSmQfx+UFpmCWx
w+wFWN4QpCV+XTwFHtldFsuM6Y/w924S3N8cu9oPcBDe8sKg799RD2po8RoBkFU3
yOa0YN/dVlKNr207G7qq22CwudWT4c9l58QGhrS7m7jUi4C+QzVE46T+uRKdRVkG
phR45uh54lTIi6K90rxSW/EiNGjNgkDI6cn6YzUcoUai7oPFR7ux/XA86PBMvNTO
/mWYLaIiy+tK5Ofi77Kf7hxC+XpA5gY3C6TobLshYmvckPgp
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:23 2025 by rpki-client