Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: JGHj+hqSEUDZ1/hSNpwLVTQhluFodxJfFncOWenHPQo=
Subject key identifier: 76:0A:35:F8:96:5E:2C:D7:16:BF:24:9B:3F:5E:E8:AC:78:05:AC:23
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13BCB23ECC4012BE24F596B82D95DF9483A8A4ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Mon 01 Sep 2025 21:20:15 +0000
ROA not before: Mon 01 Sep 2025 21:20:15 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:bc:b2:3e:cc:40:12:be:24:f5:96:b8:2d:95:df:94:83:a8:a4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:15 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e35cebdd1a9ea6a087b115038a55ae701186d61c7dd82f503532b42e03d58d9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e5:07:63:76:03:4d:08:a5:51:d0:b8:1a:d6:
20:3f:83:e4:c6:e6:90:b7:72:1a:73:e1:a0:60:38:
21:01:53:c6:2e:6b:a9:fe:75:06:52:89:0f:d4:52:
09:ba:40:30:e1:75:b1:b6:e9:0f:20:e1:22:31:9b:
74:ce:81:3f:06:ab:cb:76:d2:57:aa:3e:9d:5f:68:
62:93:64:70:53:30:80:16:ea:e5:b5:d7:c4:3b:0c:
e4:9b:eb:f2:f2:6e:15:0c:68:f8:f5:8c:8c:b8:0e:
00:c9:2a:91:14:27:0e:d8:ee:6a:87:f3:91:f8:a4:
1e:b7:ec:f2:d1:82:f6:72:bf:79:62:1e:b1:cc:e9:
9a:75:a0:23:15:e2:70:5c:54:82:41:76:50:6b:30:
c1:59:9b:39:ed:91:9f:eb:bb:e7:a5:d7:5c:90:82:
e5:0f:8d:c5:57:4d:2c:0b:f3:fa:d4:d4:3d:6c:f5:
19:f5:14:45:91:37:9f:d5:f3:88:a4:3d:a2:1b:d6:
8f:5e:8f:b9:87:65:ad:73:7a:bd:20:26:e8:0f:b6:
67:25:ff:f7:0b:a7:47:7d:af:42:c5:39:48:29:a4:
03:fc:46:08:1b:e8:0b:25:d7:f3:ba:e1:0a:db:75:
23:b8:1c:f3:89:11:fc:d2:48:9b:9e:40:86:31:69:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0A:35:F8:96:5E:2C:D7:16:BF:24:9B:3F:5E:E8:AC:78:05:AC:23
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
b7:67:b9:11:8e:c4:5e:85:49:0c:07:e9:de:31:e7:cd:d2:ba:
29:2f:1b:15:bc:1e:a5:dc:f3:22:4d:ae:00:90:3d:a5:3c:c3:
20:70:01:93:d4:eb:b5:cf:09:4c:76:ab:57:d1:49:01:ba:c0:
33:47:46:bb:74:1a:b2:c9:76:9d:29:25:e9:de:0f:e7:e8:d4:
38:63:11:3e:0c:b8:ce:40:b3:d4:37:3d:1b:e3:f0:55:e1:99:
e8:b3:31:0c:19:0a:8e:72:23:59:d9:77:7a:f7:7f:10:9b:cc:
fe:23:fd:d9:5b:46:87:5b:6f:9e:89:da:37:03:03:6a:8c:97:
a8:91:af:6f:c8:c0:47:f4:df:f7:79:49:50:39:4a:6d:7c:11:
ae:7e:51:67:ae:56:0e:48:ed:09:54:00:ad:c1:2f:34:eb:aa:
57:e4:80:c1:cd:5b:93:f4:03:82:2c:49:81:1c:02:b9:aa:98:
9d:bf:78:36:d3:b5:f9:3a:db:d8:f6:bb:d4:01:b7:5b:9e:c3:
6a:b5:c3:ee:aa:61:46:bf:a8:26:58:16:ee:4a:4d:bf:25:14:
85:3a:ae:73:57:21:88:f4:7b:2d:ae:92:24:79:07:af:b2:ed:
96:ae:02:78:18:7d:a9:cf:42:f7:41:0a:74:ad:b7:fd:a0:56:
30:ca:98:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE7yyPsxAEr4k9Za4LZXflIOopO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzNWNlYmRkMWE5ZWE2YTA4N2IxMTUwMzhhNTVhZTcwMTE4NmQ2MWM3ZGQ4
MmY1MDM1MzJiNDJlMDNkNThkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7lB2N2A00IpVHQuBrWID+D5MbmkLdyGnPhoGA4IQFTxi5rqf51BlKJD9RS
CbpAMOF1sbbpDyDhIjGbdM6BPwary3bSV6o+nV9oYpNkcFMwgBbq5bXXxDsM5Jvr
8vJuFQxo+PWMjLgOAMkqkRQnDtjuaofzkfikHrfs8tGC9nK/eWIesczpmnWgIxXi
cFxUgkF2UGswwVmbOe2Rn+u756XXXJCC5Q+NxVdNLAvz+tTUPWz1GfUURZE3n9Xz
iKQ9ohvWj16PuYdlrXN6vSAm6A+2ZyX/9wunR32vQsU5SCmkA/xGCBvoCyXX87rh
Ctt1I7gc84kR/NJIm55AhjFpmdsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2CjX4
ll4s1xa/JJs/XuiseAWsIzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQC3Z7kRjsRehUkMB+neMefN0ropLxsVvB6l3PMi
Ta4AkD2lPMMgcAGT1Ou1zwlMdqtX0UkBusAzR0a7dBqyyXadKSXp3g/n6NQ4YxE+
DLjOQLPUNz0b4/BV4ZnoszEMGQqOciNZ2Xd6938Qm8z+I/3ZW0aHW2+eido3AwNq
jJeoka9vyMBH9N/3eUlQOUptfBGuflFnrlYOSO0JVACtwS8066pX5IDBzVuT9AOC
LEmBHAK5qpidv3g207X5OtvY9rvUAbdbnsNqtcPuqmFGv6gmWBbuSk2/JRSFOq5z
VyGI9HstrpIkeQevsu2WrgJ4GH2pz0L3QQp0rbf9oFYwypiC
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:29 2025 by rpki-client