Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
File: b01a5a70-e8bc-4c88-8f86-597d891eae77.roa (raw, json)
Hash identifier: Q+djI5X5N7KzXwZVNoJfrKYs474f0umWZbC3LUzItto=
Subject key identifier: C2:BA:62:AE:8F:9C:8E:FD:50:00:62:59:26:84:60:52:D2:FE:98:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F2522EFCFB73CBE5C3B41612739C07C0DB7A48A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
Signing time: Mon 01 Sep 2025 20:21:05 +0000
ROA not before: Mon 01 Sep 2025 20:21:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:25:22:ef:cf:b7:3c:be:5c:3b:41:61:27:39:c0:7c:0d:b7:a4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=63cd831197e8ad61e74421b9424882bdfac43ead789a083d4244df7b033a12b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:27:5e:06:f8:da:7d:d7:28:d8:74:63:3e:07:
3f:c5:dc:82:9b:0e:64:81:da:9e:ca:0b:f0:e2:65:
e5:0e:24:9e:47:98:e4:e1:cd:71:67:c3:c3:fd:79:
51:76:44:58:31:e0:b9:6b:8e:e0:f8:26:17:72:46:
1b:92:ca:70:2d:39:c3:01:71:eb:91:de:c6:55:66:
f1:e7:10:b8:be:8c:3b:ba:6e:e1:c2:67:33:6b:40:
15:40:e9:31:5e:59:45:e0:49:13:e3:f2:fc:db:5c:
aa:55:b1:ae:55:7b:2b:8f:ac:31:62:b5:b7:24:e2:
d8:15:e3:dc:e7:d3:9d:f0:70:93:de:45:39:4b:ec:
0a:37:f7:84:75:32:f9:63:12:db:a6:de:41:d5:78:
ef:2a:90:1d:b9:45:91:18:b6:00:ce:b5:0f:e9:19:
d0:7f:4f:cc:17:fa:57:4f:f3:14:8d:ed:81:b3:53:
7e:0b:62:b8:f4:46:e8:e1:7a:b8:4c:b5:62:5a:d7:
56:94:4b:ef:95:66:f5:e6:a3:ad:2a:8e:54:18:97:
86:88:c2:61:94:60:b0:13:ff:18:17:8e:83:f1:7a:
4f:ff:3f:d3:20:e6:6d:82:72:65:80:8f:30:f2:2f:
c5:90:a0:82:7d:a6:88:b5:82:ea:59:80:b6:04:2e:
f0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BA:62:AE:8F:9C:8E:FD:50:00:62:59:26:84:60:52:D2:FE:98:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b01a5a70-e8bc-4c88-8f86-597d891eae77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2080::/48
Signature Algorithm: sha256WithRSAEncryption
96:29:62:8a:eb:b7:0c:25:ee:c6:f8:fa:ef:a6:38:bb:e6:e1:
df:e1:4c:b6:54:fb:69:1f:a1:9b:c6:99:9a:17:b0:4d:0b:8f:
ce:64:77:95:5c:9f:26:72:03:5c:36:ce:48:3c:42:b6:e8:d8:
93:b8:e6:da:57:69:97:34:c3:3e:5c:17:b7:e1:f9:a8:2b:70:
8b:24:81:13:ed:70:c3:9b:53:75:45:a9:5d:35:ba:e8:11:ea:
f5:cb:fd:d4:5c:42:1f:9b:00:9c:39:e4:01:af:fa:d0:8f:bd:
18:46:05:0f:e3:88:1c:e8:65:a6:cb:8c:37:64:18:79:cd:a9:
1b:f3:ea:48:a7:12:e4:64:07:5b:cd:e8:d0:a0:00:8b:f2:bc:
06:10:f2:37:80:af:0a:e9:4d:5c:f7:08:6a:50:d8:16:4b:08:
f6:1c:07:42:b2:99:f3:28:9d:7e:80:17:d2:a3:5a:ae:89:8c:
50:92:7f:77:d9:88:64:e1:58:23:9b:ee:ff:d3:2e:45:fc:39:
1b:d2:f6:af:29:23:bf:12:0e:9b:4c:9b:d7:90:2e:ce:86:9e:
d8:02:26:4f:8f:40:34:b9:41:c9:aa:12:15:a2:a4:2d:6a:c9:
0f:30:b6:3b:95:0f:ca:46:8c:6d:8e:4c:02:b5:71:4e:02:f7:
ab:89:d3:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbyUi78+3PL5cO0FhJznAfA23pIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzY2Q4MzExOTdlOGFkNjFlNzQ0MjFiOTQyNDg4MmJkZmFjNDNlYWQ3ODlh
MDgzZDQyNDRkZjdiMDMzYTEyYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8nXgb42n3XKNh0Yz4HP8XcgpsOZIHansoL8OJl5Q4knkeY5OHNcWfDw/15
UXZEWDHguWuO4PgmF3JGG5LKcC05wwFx65HexlVm8ecQuL6MO7pu4cJnM2tAFUDp
MV5ZReBJE+Py/NtcqlWxrlV7K4+sMWK1tyTi2BXj3OfTnfBwk95FOUvsCjf3hHUy
+WMS26beQdV47yqQHblFkRi2AM61D+kZ0H9PzBf6V0/zFI3tgbNTfgtiuPRG6OF6
uEy1YlrXVpRL75Vm9eajrSqOVBiXhojCYZRgsBP/GBeOg/F6T/8/0yDmbYJyZYCP
MPIvxZCggn2miLWC6lmAtgQu8LUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTCumKu
j5yO/VAAYlkmhGBS0v6YGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjAxYTVhNzAtZThiYy00Yzg4LThmODYtNTk3ZDg5MWVhZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8g
gDANBgkqhkiG9w0BAQsFAAOCAQEAliliiuu3DCXuxvj676Y4u+bh3+FMtlT7aR+h
m8aZmhewTQuPzmR3lVyfJnIDXDbOSDxCtujYk7jm2ldplzTDPlwXt+H5qCtwiySB
E+1ww5tTdUWpXTW66BHq9cv91FxCH5sAnDnkAa/60I+9GEYFD+OIHOhlpsuMN2QY
ec2pG/PqSKcS5GQHW83o0KAAi/K8BhDyN4CvCulNXPcIalDYFksI9hwHQrKZ8yid
foAX0qNaromMUJJ/d9mIZOFYI5vu/9MuRfw5G9L2rykjvxIOm0yb15Auzoae2AIm
T49ANLlByaoSFaKkLWrJDzC2O5UPykaMbY5MArVxTgL3q4nTNw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:30 2025 by rpki-client