Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: N9BkSRvfpodDZwBjy+FZyuGpRzM9KpePgfNpJ33YPhg=
Subject key identifier: CB:C2:FF:B4:B5:C6:EC:0D:22:02:25:7B:7B:53:2C:5C:31:F3:41:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17F4A04701B1B35C07157D32162A1CC57A8ADA52
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Mon 01 Sep 2025 21:01:29 +0000
ROA not before: Mon 01 Sep 2025 21:01:29 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:f4:a0:47:01:b1:b3:5c:07:15:7d:32:16:2a:1c:c5:7a:8a:da:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:29 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=303af6a904e5972528c31604c9315a34e92158c62d9e37fd2e19bbb6658f732b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:a2:df:29:dc:14:92:21:20:47:af:74:fa:
04:3c:aa:f7:10:30:01:30:42:e1:fc:62:2a:cd:89:
bf:82:8b:8e:e8:66:07:59:d4:b6:98:07:85:f0:a2:
63:79:b8:66:b2:13:68:bc:b7:de:ad:95:7e:77:57:
d8:ad:d0:e2:1c:0f:0b:79:7f:0f:47:ff:5b:2e:5a:
74:7a:c7:65:49:62:b6:ff:5c:f6:09:50:c9:ec:1a:
a7:c9:ce:30:5b:24:ff:bb:a3:86:b7:15:98:32:1f:
96:08:3e:50:d2:e4:13:56:d8:dc:f0:19:16:c0:ba:
26:c7:f2:dc:9c:c9:f2:09:d9:4a:b7:8d:5c:d3:54:
30:78:68:aa:c7:fb:a4:e5:3d:d4:58:ea:8f:a1:20:
02:33:e3:2f:14:d3:2b:db:cb:c3:e3:80:1e:d2:80:
a1:0f:4a:e4:2b:6c:f3:5d:9a:b8:f8:fb:7e:f0:4b:
ab:c5:e1:4a:bc:e1:8e:38:dc:1c:68:f8:97:02:6a:
e0:9f:21:22:34:dc:2b:e6:df:84:77:c8:ef:2f:28:
ac:01:46:b2:0f:d8:2b:db:4a:5f:e3:c7:2c:d7:31:
bb:a4:8b:44:4d:f3:fc:6e:4f:c3:94:f3:a9:0c:c6:
c0:90:8b:9d:19:a2:2c:f1:18:29:e9:55:ad:15:9d:
b1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C2:FF:B4:B5:C6:EC:0D:22:02:25:7B:7B:53:2C:5C:31:F3:41:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
00:dd:98:44:b9:ea:9c:bc:97:aa:f0:36:39:ce:58:db:cb:55:
ee:b8:fe:68:ef:d1:e3:36:5b:00:e3:57:c8:54:ef:1a:fc:46:
c5:d8:17:76:cc:1d:39:0c:d4:09:88:b0:3a:40:d0:6f:b5:cb:
e0:cb:30:a9:a8:be:2c:ad:3a:e2:f7:53:06:13:90:04:8b:70:
81:04:58:9f:3c:56:a7:08:a0:4f:88:ad:8a:e6:fe:00:2c:38:
00:e3:c3:2b:c0:39:ca:e7:21:6b:bd:61:7e:01:f2:e4:2f:01:
7c:56:18:3a:16:50:5f:37:75:8a:c3:0b:08:c6:14:80:1b:64:
81:0f:38:fd:b1:8a:89:8d:22:04:65:6b:77:7d:a0:2c:b9:19:
8e:cf:0f:fc:61:e5:0c:3b:64:00:32:1d:c1:73:f9:3a:a2:c6:
8d:f9:d7:b5:3d:e7:36:55:ad:9f:e7:62:f0:d5:86:77:f7:2a:
6c:3b:8e:11:db:9a:8f:1d:d2:77:3b:09:48:12:86:a4:06:c3:
5d:4e:7d:63:03:59:4e:a0:83:7b:67:67:fb:1c:e7:d8:3a:3a:
ab:de:13:c2:f5:f2:33:8b:b7:00:a9:60:96:bd:7d:73:33:d7:
d2:5b:0d:c3:82:94:8a:40:0b:8d:8b:40:73:ef:72:b4:c9:19:
66:ce:af:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF/SgRwGxs1wHFX0yFiocxXqK2lIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMjlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwM2FmNmE5MDRlNTk3MjUyOGMzMTYwNGM5MzE1YTM0ZTkyMTU4YzYyZDll
MzdmZDJlMTliYmI2NjU4ZjczMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALI2ot8p3BSSISBHr3T6BDyq9xAwATBC4fxiKs2Jv4KLjuhmB1nUtpgHhfCi
Y3m4ZrITaLy33q2VfndX2K3Q4hwPC3l/D0f/Wy5adHrHZUlitv9c9glQyewap8nO
MFsk/7ujhrcVmDIflgg+UNLkE1bY3PAZFsC6Jsfy3JzJ8gnZSreNXNNUMHhoqsf7
pOU91Fjqj6EgAjPjLxTTK9vLw+OAHtKAoQ9K5Cts812auPj7fvBLq8XhSrzhjjjc
HGj4lwJq4J8hIjTcK+bfhHfI7y8orAFGsg/YK9tKX+PHLNcxu6SLRE3z/G5Pw5Tz
qQzGwJCLnRmiLPEYKelVrRWdsT8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLwv+0
tcbsDSICJXt7UyxcMfNBuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQAA3ZhEueqcvJeq8DY5zljby1XuuP5o79HjNlsA
41fIVO8a/EbF2Bd2zB05DNQJiLA6QNBvtcvgyzCpqL4srTri91MGE5AEi3CBBFif
PFanCKBPiK2K5v4ALDgA48MrwDnK5yFrvWF+AfLkLwF8Vhg6FlBfN3WKwwsIxhSA
G2SBDzj9sYqJjSIEZWt3faAsuRmOzw/8YeUMO2QAMh3Bc/k6osaN+de1Pec2Va2f
52Lw1YZ39ypsO44R25qPHdJ3OwlIEoakBsNdTn1jA1lOoIN7Z2f7HOfYOjqr3hPC
9fIzi7cAqWCWvX1zM9fSWw3DgpSKQAuNi0Bz73K0yRlmzq+1
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:04 2025 by rpki-client