Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a33fb27e-b368-403f-89e6-08d05302535f.roa
File: a33fb27e-b368-403f-89e6-08d05302535f.roa (raw, json)
Hash identifier: dwWX6b0mx0FxsknDKqTdP1bRFGe35uZMvsXyIatXdpE=
Subject key identifier: 6E:41:A8:09:BD:10:88:39:6A:8D:85:79:56:A4:90:0C:0D:5D:EE:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 773CDFE5B69C054BE3EC3207DEEAA570FF70FA8A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a33fb27e-b368-403f-89e6-08d05302535f.roa
Signing time: Mon 01 Sep 2025 20:30:22 +0000
ROA not before: Mon 01 Sep 2025 20:30:22 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3c:df:e5:b6:9c:05:4b:e3:ec:32:07:de:ea:a5:70:ff:70:fa:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:22 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=12184016da9ccd9d7f05a2ea9d2fe46f29894ae0988fb37497865c11be0175e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:51:d7:33:ed:47:9f:36:35:33:52:e0:43:e6:
bb:df:a2:c6:b5:50:7c:3d:68:53:45:5e:14:61:2f:
7e:9d:53:7f:f2:31:b8:4d:7e:29:99:79:d7:00:a5:
5a:16:7f:7b:a9:77:71:b9:6f:96:6a:c0:1a:4d:1b:
95:c8:22:49:f0:3c:0f:9f:3f:88:e6:49:29:2a:c3:
0f:92:0b:45:a4:38:53:91:3a:00:6b:93:84:4a:07:
58:36:7d:3e:43:8b:e8:b1:82:69:07:b2:ef:87:85:
e4:b1:7a:f5:e1:bb:5b:1b:a4:46:aa:06:14:9e:9e:
25:5e:fe:b4:a3:02:47:ea:7b:34:75:e7:ea:a4:13:
d2:ab:19:8a:b3:d0:45:ca:75:e9:5c:d7:31:62:e1:
ba:40:3f:9f:b7:3d:88:4a:68:4e:b2:d6:1d:e9:fc:
38:1e:9f:d3:46:20:86:3f:ec:7b:ee:64:62:74:98:
5a:b2:79:84:65:c2:ac:37:25:06:1a:73:05:41:cb:
70:b3:27:26:61:19:72:14:b3:c9:a4:3f:22:ff:c5:
ea:4d:52:4a:e7:0c:98:f8:4f:01:41:02:dc:c1:49:
8b:1a:4e:63:ac:7c:3a:aa:ee:e9:67:0c:64:bb:15:
5d:e5:26:fd:43:27:1f:8c:39:ea:16:4a:39:59:48:
93:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:A8:09:BD:10:88:39:6A:8D:85:79:56:A4:90:0C:0D:5D:EE:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a33fb27e-b368-403f-89e6-08d05302535f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40e0::/48
Signature Algorithm: sha256WithRSAEncryption
a6:97:ce:02:cc:65:af:2f:45:05:5e:ac:d0:91:19:d5:2d:28:
5b:5c:f6:fc:0b:62:e8:6b:4d:94:2e:d1:67:60:f9:7f:39:1b:
b8:47:ab:38:14:f4:b6:e0:a0:60:04:a9:fc:b1:02:8f:fc:fb:
3b:c7:2c:f9:c8:d7:78:be:f4:dd:18:da:1d:e8:59:de:9a:54:
aa:2f:7a:a7:48:2c:cb:7e:1d:bc:01:b5:31:66:da:42:10:8c:
83:e5:d8:f5:a8:b1:25:87:f3:fd:5c:f0:a2:9c:1b:a2:fc:44:
2a:c8:e8:da:e1:c3:e3:bf:f0:0c:b9:4f:eb:b2:d1:cd:ec:c8:
ca:2e:e9:33:12:a1:e6:42:e7:d2:94:1e:10:10:2d:a9:cc:42:
83:e5:a5:d1:05:83:f7:37:26:19:94:7b:42:48:1a:eb:36:c5:
a8:7c:d7:06:ef:09:4f:22:f6:9e:1c:7b:a3:3d:ba:bf:d5:06:
14:6c:20:05:aa:26:ae:8a:15:54:1d:24:b1:6a:35:18:e5:af:
51:ee:85:45:06:e1:59:90:06:a4:25:73:e0:0d:b7:42:0d:29:
81:28:4a:3e:f8:31:b3:93:14:f0:bb:1b:cc:83:d1:de:b6:fe:
b6:8f:66:28:5b:d5:53:11:19:84:9f:46:f7:b9:4c:0a:4a:50:
73:93:6c:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdzzf5bacBUvj7DIH3uqlcP9w+oowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMjJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyMTg0MDE2ZGE5Y2NkOWQ3ZjA1YTJlYTlkMmZlNDZmMjk4OTRhZTA5ODhm
YjM3NDk3ODY1YzExYmUwMTc1ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNR1zPtR582NTNS4EPmu9+ixrVQfD1oU0VeFGEvfp1Tf/IxuE1+KZl51wCl
WhZ/e6l3cblvlmrAGk0blcgiSfA8D58/iOZJKSrDD5ILRaQ4U5E6AGuThEoHWDZ9
PkOL6LGCaQey74eF5LF69eG7WxukRqoGFJ6eJV7+tKMCR+p7NHXn6qQT0qsZirPQ
Rcp16VzXMWLhukA/n7c9iEpoTrLWHen8OB6f00Yghj/se+5kYnSYWrJ5hGXCrDcl
BhpzBUHLcLMnJmEZchSzyaQ/Iv/F6k1SSucMmPhPAUEC3MFJixpOY6x8Oqru6WcM
ZLsVXeUm/UMnH4w56hZKOVlIk9kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRuQagJ
vRCIOWqNhXlWpJAMDV3uWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTMzZmIyN2UtYjM2OC00MDNmLTg5ZTYtMDhkMDUzMDI1MzVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
4DANBgkqhkiG9w0BAQsFAAOCAQEAppfOAsxlry9FBV6s0JEZ1S0oW1z2/Ati6GtN
lC7RZ2D5fzkbuEerOBT0tuCgYASp/LECj/z7O8cs+cjXeL703RjaHehZ3ppUqi96
p0gsy34dvAG1MWbaQhCMg+XY9aixJYfz/VzwopwbovxEKsjo2uHD47/wDLlP67LR
zezIyi7pMxKh5kLn0pQeEBAtqcxCg+Wl0QWD9zcmGZR7Qkga6zbFqHzXBu8JTyL2
nhx7oz26v9UGFGwgBaomrooVVB0ksWo1GOWvUe6FRQbhWZAGpCVz4A23Qg0pgShK
Pvgxs5MU8LsbzIPR3rb+to9mKFvVUxEZhJ9G97lMCkpQc5NsTA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:17 2025 by rpki-client