Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
File: a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa (raw, json)
Hash identifier: 0DPQ4dNl+3yuWMoMuHk6VaB7wHy0LZtetbDGlFyUJ2U=
Subject key identifier: 21:4D:57:7E:43:C9:33:10:8C:FB:F1:11:89:CA:44:3A:33:97:B9:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76A986067C867184FD77929B8E5F1A29EAA1C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
Signing time: Mon 01 Sep 2025 20:30:45 +0000
ROA not before: Mon 01 Sep 2025 20:30:45 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:a9:86:06:7c:86:71:84:fd:77:92:9b:8e:5f:1a:29:ea:a1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:45 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=73e31a16720591dad77c39884d4fe9115305033b7f0401471e6fd22bb7b23b7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:2b:9b:68:70:a5:ec:5d:93:62:3f:07:e0:
3b:90:2d:ca:0b:4c:d6:d0:18:cf:fd:e3:70:75:82:
fa:9e:7b:43:4e:39:1e:17:65:70:64:23:bd:63:fc:
42:6c:3e:a1:3f:6f:d7:f0:0a:24:48:b1:b8:cf:54:
fe:96:29:3b:39:2b:8f:e0:8e:c8:ae:e5:26:1c:60:
7f:e8:94:a5:01:39:b6:af:1f:62:dd:f9:69:36:22:
7c:6b:8c:1a:e0:61:e0:57:7f:63:10:3d:1c:89:31:
a6:4f:8e:65:5f:00:18:ca:c9:e4:a8:7f:d2:05:41:
76:5e:85:62:2d:1a:50:e4:11:4e:8f:6d:f8:2c:8b:
b7:46:a8:b9:b4:89:50:1c:52:8f:2f:d1:fe:7c:8a:
ef:23:30:4d:2f:b6:77:7b:85:61:44:6d:1e:58:c9:
72:82:ad:2e:a9:13:75:e8:d6:23:1e:ab:51:92:de:
16:e3:24:c0:2e:ba:47:44:76:8f:27:29:0a:81:56:
cc:82:43:42:4c:c2:87:c3:2f:ba:e6:d8:ca:05:d8:
b1:1a:91:0e:ec:32:66:fe:8a:50:7f:dc:27:39:c4:
e5:a4:00:3f:cf:f2:39:b8:4c:2d:e7:cb:7e:e5:e0:
6a:96:98:dd:95:d7:76:a3:f1:81:4b:f3:5e:40:7a:
03:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4D:57:7E:43:C9:33:10:8C:FB:F1:11:89:CA:44:3A:33:97:B9:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a2c4c28c-0df9-40d4-bf4d-926104b691f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:52:e3:df:76:3b:49:d6:c7:16:50:25:43:61:92:b7:cc:6e:
e9:32:1c:0e:18:7a:b4:c7:9d:27:98:3c:42:35:72:d3:41:d5:
d4:0d:4b:9e:44:f7:ef:95:cc:49:4c:ca:8f:d1:fe:c4:11:fe:
1b:92:d4:e5:11:ed:42:9a:85:45:e4:13:a3:b8:fb:72:b5:86:
cf:1e:9a:ae:f5:8d:bc:4d:a3:d4:6c:ec:b9:b4:b0:4e:57:82:
25:c6:e3:cc:da:f9:d1:df:2b:19:14:df:e2:e1:e0:b8:e3:f4:
73:99:c9:80:d4:bb:4f:2d:a1:6f:b1:e9:6e:eb:ff:18:a9:8d:
da:4d:e2:a0:6d:b0:a9:68:e5:5f:42:b9:69:2f:58:4f:e2:3c:
8b:3f:3c:dc:f1:e6:6b:e5:b8:3b:ca:c6:0d:85:b0:8a:47:3f:
f3:bd:eb:8a:87:7c:26:cc:b6:b3:3a:0c:8f:0a:40:93:f6:d8:
b6:13:84:3f:cf:54:fb:7f:ae:9f:fa:5e:75:52:01:dd:eb:f1:
6a:fa:e4:38:e8:4c:37:1a:96:98:ea:e6:ba:88:83:e3:a4:41:
f0:a0:f3:a7:af:3c:5e:f3:94:77:c5:7f:5a:f7:e1:b1:34:14:
50:45:f7:f6:fb:30:8a:3a:58:f2:b2:53:a8:e9:d7:e4:2a:cb:
9a:c0:64:5b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgITdqmGBnyGcYT9d5Kbjl8aKeqhyDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0
OTk3MGJjMB4XDTI1MDkwMTIwMzA0NVoXDTI1MTAwNjIzNTk1OVowejFJMEcGA1UE
BRNANzNlMzFhMTY3MjA1OTFkYWQ3N2MzOTg4NGQ0ZmU5MTE1MzA1MDMzYjdmMDQw
MTQ3MWU2ZmQyMmJiN2IyM2I3ZjEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3
LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn8orm2hwpexdk2I/B+A7kC3KC0zW0BjP/eNwdYL6nntDTjkeF2VwZCO9Y/xC
bD6hP2/X8AokSLG4z1T+lik7OSuP4I7IruUmHGB/6JSlATm2rx9i3flpNiJ8a4wa
4GHgV39jED0ciTGmT45lXwAYysnkqH/SBUF2XoViLRpQ5BFOj234LIu3Rqi5tIlQ
HFKPL9H+fIrvIzBNL7Z3e4VhRG0eWMlygq0uqRN16NYjHqtRkt4W4yTALrpHRHaP
JykKgVbMgkNCTMKHwy+65tjKBdixGpEO7DJm/opQf9wnOcTlpAA/z/I5uEwt58t+
5eBqlpjdldd2o/GBS/NeQHoDnQIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFCFNV35D
yTMQjPvxEYnKRDozl7mBMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu
ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9h
MmM0YzI4Yy0wZGY5LTQwZDQtYmY0ZC05MjYxMDRiNjkxZjQucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli
ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQOkAw
DQYJKoZIhvcNAQELBQADggEBAIxS4992O0nWxxZQJUNhkrfMbukyHA4YerTHnSeY
PEI1ctNB1dQNS55E9++VzElMyo/R/sQR/huS1OUR7UKahUXkE6O4+3K1hs8emq71
jbxNo9Rs7Lm0sE5XgiXG48za+dHfKxkU3+Lh4Ljj9HOZyYDUu08toW+x6W7r/xip
jdpN4qBtsKlo5V9CuWkvWE/iPIs/PNzx5mvluDvKxg2FsIpHP/O964qHfCbMtrM6
DI8KQJP22LYThD/PVPt/rp/6XnVSAd3r8Wr65DjoTDcalpjq5rqIg+OkQfCg86ev
PF7zlHfFf1r34bE0FFBF9/b7MIo6WPKyU6jp1+Qqy5rAZFs=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:05 2025 by rpki-client