Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: blbcSTe2fj8kgbQDz0xOoyn5V8R/dKjKK4GjlktE8kU=
Subject key identifier: 49:DA:68:39:8A:95:E2:B8:3A:2E:20:47:23:27:98:B2:0B:32:53:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 770B1F1BB6CA9BC76D0BCCF1D42787B91370DE4B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Mon 01 Sep 2025 21:01:17 +0000
ROA not before: Mon 01 Sep 2025 21:01:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:0b:1f:1b:b6:ca:9b:c7:6d:0b:cc:f1:d4:27:87:b9:13:70:de:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=04140eab9152227d88c38c2dea49a6fa3d32d0b4649599506e5df88dbea360e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2c:0b:12:bb:6a:b1:6d:53:02:82:4e:71:1a:
c4:3f:04:ac:d1:eb:8c:06:92:c8:d2:51:d2:97:e3:
e8:ee:d1:ce:cb:f2:5c:ed:21:48:8e:7e:06:72:a6:
a3:99:a8:fb:65:e0:05:17:2f:04:29:c9:be:4d:6f:
87:5a:93:43:36:eb:18:b6:ee:db:cf:e4:2c:da:fd:
c1:f5:a4:37:ef:33:eb:61:ee:da:12:dd:41:53:50:
e7:5b:09:b1:fc:cf:ce:1a:a2:25:41:47:1e:3c:ca:
55:88:41:a4:b4:61:78:dc:26:23:6a:21:82:c0:47:
40:f1:50:8e:77:c0:a5:0b:d6:f3:ea:12:35:74:b9:
bf:f8:62:53:2d:8e:e6:55:47:2f:67:e2:e3:81:36:
3f:65:dd:6e:0d:21:c1:67:ee:a3:13:c5:4a:00:50:
81:70:d7:33:39:31:d0:ef:55:66:dc:4b:7f:5a:78:
9d:8f:74:7b:be:0e:81:a0:10:11:f2:a6:fc:b9:35:
28:36:80:44:8d:d1:73:fe:f0:21:3c:6e:55:6c:c7:
68:78:3d:61:ec:2c:af:c0:6e:7a:e8:35:56:3e:97:
a7:45:48:b3:fe:1f:e2:61:fd:cd:ff:f6:37:40:ac:
c9:47:b3:95:fe:19:ae:90:44:51:25:3c:b8:6b:54:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DA:68:39:8A:95:E2:B8:3A:2E:20:47:23:27:98:B2:0B:32:53:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:c4:a9:59:15:c0:53:90:22:51:ab:10:0f:27:da:8f:6e:dd:
f5:cd:5a:7b:25:49:1b:6d:9e:ed:d6:2e:fc:31:3c:03:4c:41:
76:63:c6:70:2f:2b:21:c8:e3:d6:3e:0d:73:da:90:8d:38:d4:
65:42:1c:b2:cf:10:7b:b4:2c:db:e4:6c:2b:d7:5a:32:be:83:
1f:ba:c6:90:fc:7e:12:49:89:8b:f9:23:62:f0:54:2a:6c:a2:
7a:44:25:bd:f1:78:ab:d5:83:18:01:85:be:04:65:b9:ec:27:
52:30:22:95:cf:ec:33:f2:03:9b:b2:18:8a:f6:17:cd:ae:e4:
2d:d9:29:b7:f5:00:90:b5:58:e8:c9:dc:e2:db:59:ed:a0:73:
a8:31:36:a1:54:ad:12:27:58:e3:9a:58:54:3f:b3:42:25:61:
7a:67:32:3c:af:c6:58:41:74:25:71:cb:d4:49:f4:af:1a:e9:
79:1a:99:87:b0:c8:9b:c3:43:90:ce:70:f3:96:6c:9c:19:15:
45:22:53:79:78:41:fd:07:bb:96:50:99:be:10:77:fb:78:88:
8a:61:ca:02:ff:40:1a:40:d4:a3:35:a3:0b:b7:a5:0b:90:0f:
d2:94:95:ae:9b:7e:4d:87:ba:a2:00:88:2a:f8:c1:fe:87:56:
b1:c1:a0:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdwsfG7bKm8dtC8zx1CeHuRNw3kswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0MTQwZWFiOTE1MjIyN2Q4OGMzOGMyZGVhNDlhNmZhM2QzMmQwYjQ2NDk1
OTk1MDZlNWRmODhkYmVhMzYwZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8sCxK7arFtUwKCTnEaxD8ErNHrjAaSyNJR0pfj6O7RzsvyXO0hSI5+BnKm
o5mo+2XgBRcvBCnJvk1vh1qTQzbrGLbu28/kLNr9wfWkN+8z62Hu2hLdQVNQ51sJ
sfzPzhqiJUFHHjzKVYhBpLRheNwmI2ohgsBHQPFQjnfApQvW8+oSNXS5v/hiUy2O
5lVHL2fi44E2P2Xdbg0hwWfuoxPFSgBQgXDXMzkx0O9VZtxLf1p4nY90e74OgaAQ
EfKm/Lk1KDaARI3Rc/7wITxuVWzHaHg9Yewsr8Bueug1Vj6Xp0VIs/4f4mH9zf/2
N0CsyUezlf4ZrpBEUSU8uGtUg3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJ2mg5
ipXiuDouIEcjJ5iyCzJT4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqxKlZFcBTkCJRqxAPJ9qPbt31zVp7JUkbbZ7t
1i78MTwDTEF2Y8ZwLyshyOPWPg1z2pCNONRlQhyyzxB7tCzb5Gwr11oyvoMfusaQ
/H4SSYmL+SNi8FQqbKJ6RCW98Xir1YMYAYW+BGW57CdSMCKVz+wz8gObshiK9hfN
ruQt2Sm39QCQtVjoydzi21ntoHOoMTahVK0SJ1jjmlhUP7NCJWF6ZzI8r8ZYQXQl
ccvUSfSvGul5GpmHsMibw0OQznDzlmycGRVFIlN5eEH9B7uWUJm+EHf7eIiKYcoC
/0AaQNSjNaMLt6ULkA/SlJWum35Nh7qiAIgq+MH+h1axwaBE
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:07 2025 by rpki-client