Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json)
Hash identifier: RiFDTVNYJp9HmiRJxdZ2TlR4J40cIEa3twrtZkH32yo=
Subject key identifier: 58:43:B4:01:85:0D:49:14:D6:72:1D:E1:C8:6C:BB:0D:8B:13:70:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01D4A568FEE2D44D367D7F1A28AE8DC5CD12AD61
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
Signing time: Mon 01 Sep 2025 20:41:25 +0000
ROA not before: Mon 01 Sep 2025 20:41:25 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d4:a5:68:fe:e2:d4:4d:36:7d:7f:1a:28:ae:8d:c5:cd:12:ad:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:25 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6b1520e4b93d846c867bd68a2f911f3a61f88d2056883f692100bca1487146d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b1:e1:c4:6d:c1:09:00:64:7b:e8:e5:47:60:
28:bf:7d:b1:8e:78:65:a2:67:00:39:4b:b8:2b:2b:
64:c3:72:b6:ba:24:f1:11:95:38:82:41:fa:2b:04:
0e:1b:44:74:02:45:4d:25:97:f4:e8:a4:c9:1d:ed:
90:73:97:52:28:09:e4:dd:44:8c:d3:b7:90:aa:4d:
25:70:e2:c7:0f:85:1e:bd:8a:8e:83:04:e8:f5:9b:
e3:67:84:97:73:94:e7:af:f1:b9:bf:27:a1:10:c4:
ad:8a:da:50:ef:13:01:6a:e2:9f:22:87:93:cb:a3:
68:5a:34:b4:e5:2d:14:2a:e3:45:2a:85:83:f7:7b:
ee:9d:8f:05:9e:2b:dc:b9:e8:e0:87:cf:eb:80:27:
eb:51:a6:b0:49:6d:9f:38:24:36:fa:14:bb:e5:9d:
28:d0:04:fc:47:81:d0:69:fe:c0:07:bb:a7:d9:f8:
ca:5b:24:8f:18:0c:cd:00:df:12:9b:00:f5:38:fd:
90:f3:98:46:0b:d4:f7:df:21:db:87:1e:05:42:52:
e8:51:b5:6f:8c:f3:56:8f:e2:05:f1:cb:d4:38:2f:
e1:9e:0d:f9:80:70:d5:fb:4b:f1:aa:2c:06:4c:e0:
d2:c9:b3:1c:4f:c5:d0:26:b8:a7:c2:67:3e:96:96:
64:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:43:B4:01:85:0D:49:14:D6:72:1D:E1:C8:6C:BB:0D:8B:13:70:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
64:b5:41:fd:cb:c7:e2:6d:44:bf:8e:fd:2c:ff:fb:fb:32:94:
40:a3:85:2b:2f:ea:0a:f4:f2:5b:f8:a0:dd:a8:c3:ef:30:25:
62:45:39:89:04:0b:22:20:94:b0:e4:88:4e:fa:b9:a4:79:82:
ed:54:2e:dc:21:53:19:7c:9e:d8:6e:69:2e:ff:f2:42:3f:32:
18:61:c5:ac:27:43:61:dd:24:dd:3b:9a:04:89:09:c4:47:50:
95:67:bb:5e:b4:e5:7d:99:4f:17:33:d3:15:66:8b:ee:5a:f3:
aa:87:0e:16:ba:31:7a:14:e2:80:1e:31:a8:3f:a0:d9:aa:f4:
2b:18:96:f3:28:db:c2:b9:4c:2e:02:5e:62:07:b3:73:83:b2:
b8:7e:d5:ac:f1:9f:5c:01:ba:2f:61:45:45:71:14:78:34:c5:
91:46:9a:13:f9:85:03:73:fd:4f:95:96:31:99:9b:c8:91:f1:
5a:c3:98:c3:2e:9d:22:ff:0f:ee:72:6a:9d:46:01:77:d3:28:
b8:a2:25:76:20:5c:c4:d7:bd:e7:59:5b:6c:f7:ab:dd:2b:68:
8e:a9:2e:39:5f:1a:f6:7b:d1:d0:34:71:44:a6:09:8b:24:0a:
8c:1c:e8:f2:b7:84:b0:96:8e:49:90:04:36:ae:fb:a5:09:82:
9a:33:8d:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAdSlaP7i1E02fX8aKK6Nxc0SrWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMjVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMTUyMGU0YjkzZDg0NmM4NjdiZDY4YTJmOTExZjNhNjFmODhkMjA1Njg4
M2Y2OTIxMDBiY2ExNDg3MTQ2ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyx4cRtwQkAZHvo5UdgKL99sY54ZaJnADlLuCsrZMNytrok8RGVOIJB+isE
DhtEdAJFTSWX9OikyR3tkHOXUigJ5N1EjNO3kKpNJXDixw+FHr2KjoME6PWb42eE
l3OU56/xub8noRDErYraUO8TAWrinyKHk8ujaFo0tOUtFCrjRSqFg/d77p2PBZ4r
3Lno4IfP64An61GmsEltnzgkNvoUu+WdKNAE/EeB0Gn+wAe7p9n4ylskjxgMzQDf
EpsA9Tj9kPOYRgvU998h24ceBUJS6FG1b4zzVo/iBfHL1Dgv4Z4N+YBw1ftL8aos
Bkzg0smzHE/F0Ca4p8JnPpaWZLECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYQ7QB
hQ1JFNZyHeHIbLsNixNwADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBktUH9y8fibUS/jv0s//v7MpRAo4UrL+oK9PJb
+KDdqMPvMCViRTmJBAsiIJSw5IhO+rmkeYLtVC7cIVMZfJ7Ybmku//JCPzIYYcWs
J0Nh3STdO5oEiQnER1CVZ7tetOV9mU8XM9MVZovuWvOqhw4WujF6FOKAHjGoP6DZ
qvQrGJbzKNvCuUwuAl5iB7Nzg7K4ftWs8Z9cAbovYUVFcRR4NMWRRpoT+YUDc/1P
lZYxmZvIkfFaw5jDLp0i/w/ucmqdRgF30yi4oiV2IFzE173nWVts96vdK2iOqS45
Xxr2e9HQNHFEpgmLJAqMHOjyt4Swlo5JkAQ2rvulCYKaM42o
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:41 2025 by rpki-client