Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
File: 9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa (raw, json)
Hash identifier: WPx1FFo2l5/Gw2awwOy/yiijUwDy3btk0bQrO5aFegw=
Subject key identifier: 35:6D:C1:D7:1E:B7:B3:A3:8B:DC:56:87:C2:A7:93:0F:32:F5:C5:6A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F42F4C98D894A730DD99976E443E38BBE98DE99
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
Signing time: Mon 01 Sep 2025 21:11:20 +0000
ROA not before: Mon 01 Sep 2025 21:11:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:42:f4:c9:8d:89:4a:73:0d:d9:99:76:e4:43:e3:8b:be:98:de:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:11:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3d10502a8e7a1dcabb94eaf672d0f4620c1775ffecc6ca3b7d0474223d375fc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bb:08:3c:7e:8c:ba:81:aa:75:19:85:b3:01:
1d:47:b4:c5:53:2f:7e:5f:84:76:ec:b7:15:74:09:
72:18:3f:13:7e:69:b4:18:28:0a:d1:72:d5:2d:f7:
f6:f5:f9:09:07:c3:53:f7:ce:38:12:8d:1e:5b:59:
8f:49:ef:45:58:19:c7:03:f4:43:e5:54:95:45:9c:
70:e6:51:9d:0f:f7:51:d8:49:86:f4:90:f8:2f:4d:
39:1e:58:bf:1a:35:4e:00:c0:70:18:3f:e2:c6:56:
cb:2d:71:76:71:3d:2d:0a:5b:17:e6:5d:71:6f:86:
fd:5a:3e:e5:7c:ea:3d:e3:69:5c:a3:3b:d5:d9:6b:
fb:7a:d4:ee:af:75:84:8a:55:e9:b4:b9:a3:4d:8d:
7b:3e:a2:dc:88:46:ff:7c:29:81:1b:08:e5:7a:f5:
4a:ee:09:32:1a:e9:04:80:fe:8c:10:ad:d2:9c:86:
3c:66:a7:ee:a6:4c:4b:e3:95:db:43:d9:17:29:01:
8f:85:19:cb:03:c0:d7:f6:97:53:1d:d0:e2:da:ac:
59:21:95:8a:d6:db:17:7c:cf:01:fd:c5:41:fb:ab:
56:c2:6b:7c:65:0f:f3:c9:1c:50:89:94:39:8c:6f:
19:a6:4b:f1:57:73:3e:70:7a:e2:1b:41:27:f7:0f:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6D:C1:D7:1E:B7:B3:A3:8B:DC:56:87:C2:A7:93:0F:32:F5:C5:6A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d5fdc3a-1bfd-4677-9e52-a12c872852f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
6c:65:d8:aa:de:c3:78:f7:5f:2f:5b:7b:18:2d:56:17:95:bb:
ba:a7:96:39:35:39:48:c2:1b:5d:70:d6:54:dd:59:55:c3:fc:
ca:b0:fb:a4:46:9b:8f:4c:11:71:0f:25:b8:20:f4:81:f0:cf:
58:1e:00:55:45:dc:ab:92:ff:1c:8b:43:97:47:92:84:36:ea:
7a:f3:38:1a:64:3a:68:e3:27:9f:55:af:68:d9:68:44:4e:c9:
44:bd:d8:c6:fb:c6:3c:c7:49:69:a7:f2:f8:c6:55:c5:a0:9b:
52:8d:8c:34:b4:d7:9c:40:da:d2:fd:d5:1d:0c:55:de:a3:8c:
70:bb:d6:4b:c5:09:f6:f6:54:0f:0a:24:96:68:27:e3:ee:04:
b2:e9:92:d2:f8:c5:55:76:8f:a7:dd:4e:ea:f1:06:1c:45:52:
b0:0b:06:4f:b2:c2:b9:3b:c3:42:5e:09:3e:eb:9c:73:bb:01:
3d:17:4a:a9:b8:2e:18:78:8c:25:a9:ff:2c:7b:a6:90:8d:30:
23:a8:6a:db:70:10:0f:c5:d6:ec:51:9d:09:23:12:f5:32:93:
f6:b8:68:08:ff:95:93:d8:98:2b:58:66:fc:e4:70:e4:81:06:
86:b1:aa:85:a1:f6:5d:b3:b1:6a:39:a3:be:c2:66:e6:4b:15:
3a:79:18:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX0L0yY2JSnMN2Zl25EPji76Y3pkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTExMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMTA1MDJhOGU3YTFkY2FiYjk0ZWFmNjcyZDBmNDYyMGMxNzc1ZmZlY2M2
Y2EzYjdkMDQ3NDIyM2QzNzVmYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKi7CDx+jLqBqnUZhbMBHUe0xVMvfl+Eduy3FXQJchg/E35ptBgoCtFy1S33
9vX5CQfDU/fOOBKNHltZj0nvRVgZxwP0Q+VUlUWccOZRnQ/3UdhJhvSQ+C9NOR5Y
vxo1TgDAcBg/4sZWyy1xdnE9LQpbF+ZdcW+G/Vo+5XzqPeNpXKM71dlr+3rU7q91
hIpV6bS5o02Nez6i3IhG/3wpgRsI5Xr1Su4JMhrpBID+jBCt0pyGPGan7qZMS+OV
20PZFykBj4UZywPA1/aXUx3Q4tqsWSGVitbbF3zPAf3FQfurVsJrfGUP88kcUImU
OYxvGaZL8VdzPnB64htBJ/cPHNUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1bcHX
Hrezo4vcVofCp5MPMvXFajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQ1ZmRjM2EtMWJmZC00Njc3LTllNTItYTEyYzg3Mjg1MmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBsZdiq3sN4918vW3sYLVYXlbu6p5Y5NTlIwhtd
cNZU3VlVw/zKsPukRpuPTBFxDyW4IPSB8M9YHgBVRdyrkv8ci0OXR5KENup68zga
ZDpo4yefVa9o2WhETslEvdjG+8Y8x0lpp/L4xlXFoJtSjYw0tNecQNrS/dUdDFXe
o4xwu9ZLxQn29lQPCiSWaCfj7gSy6ZLS+MVVdo+n3U7q8QYcRVKwCwZPssK5O8NC
Xgk+65xzuwE9F0qpuC4YeIwlqf8se6aQjTAjqGrbcBAPxdbsUZ0JIxL1MpP2uGgI
/5WT2JgrWGb85HDkgQaGsaqFofZds7FqOaO+wmbmSxU6eRhD
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:26 2025 by rpki-client