Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
File: b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa (raw, json)
Hash identifier: GMiEiqGKHFRQbZWhtqVlRKsRzrSvBVPEjf13BFxKn9w=
Subject key identifier: 25:CF:47:2F:31:79:A6:B9:22:04:1C:07:F4:15:9D:AB:50:9B:67:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 135FABEC99373BA8233E21D273BBD406228DB04A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
Signing time: Mon 01 Sep 2025 20:30:22 +0000
ROA not before: Mon 01 Sep 2025 20:30:22 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:5f:ab:ec:99:37:3b:a8:23:3e:21:d2:73:bb:d4:06:22:8d:b0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:22 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3c02beecdac472296472eccfc429cff4b5a928d92f9bf0423ee71121af496aa0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:42:bf:08:a5:80:43:8c:12:d4:73:3e:5e:
de:96:43:ab:76:41:8f:66:c3:32:ce:68:7f:c5:0f:
68:a5:05:b1:d4:33:58:43:9f:fa:96:2c:4d:a5:cf:
b7:c8:4d:33:69:03:3d:c3:cf:a5:93:50:ae:df:1f:
06:50:33:cf:e7:ec:88:9e:c8:56:8d:a3:e9:85:79:
f9:d5:d5:08:00:ce:e6:7e:09:73:25:fa:7f:67:b1:
dc:85:cc:11:fc:2b:83:a1:c3:a3:bc:90:d1:06:a8:
4c:df:65:a6:d1:20:0c:f4:aa:4c:7f:9c:ef:1b:54:
18:7c:0c:8a:b6:8b:a0:5a:b1:4d:28:77:8a:5f:c2:
93:37:c7:0a:74:43:2f:c3:65:75:02:5f:9e:06:ef:
16:d4:69:22:bb:0d:3a:20:1a:43:83:a2:4c:91:5c:
46:79:6f:06:91:79:73:35:c2:81:56:b5:9c:54:b2:
5e:bf:bd:fa:98:1a:9a:e7:19:4b:cc:c9:4f:3d:11:
1e:28:b1:a2:f3:33:c9:0b:2f:d4:e9:ea:d6:d9:16:
e1:35:5e:32:57:f6:b5:45:b7:d7:16:4a:ff:a9:4f:
6b:c8:7c:75:05:f0:e4:47:8e:9c:46:f1:14:04:dd:
f1:a9:19:c0:3e:09:7a:5f:6b:5b:c6:6a:db:7a:4c:
04:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CF:47:2F:31:79:A6:B9:22:04:1C:07:F4:15:9D:AB:50:9B:67:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b61f858a-31b1-485a-8ced-0c328ce9c4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:36:99:bf:56:83:c7:ba:c0:55:d3:63:80:a2:ff:e8:b6:f7:
dc:38:6e:cd:f5:18:53:6e:75:a8:03:49:ac:5e:7d:76:22:59:
e7:9e:41:4c:1a:bf:f3:5d:c5:0a:8c:07:89:b8:a3:77:69:29:
b1:45:43:af:5c:55:f3:86:3e:39:bd:55:a5:77:c1:c3:7c:ca:
ef:4d:45:d0:a6:db:b9:04:99:cd:98:02:fa:cd:b7:8d:4e:78:
56:90:d0:6f:63:81:aa:96:39:49:60:37:18:f8:36:61:f8:90:
33:d2:1a:2c:41:f2:8f:aa:81:a4:24:56:e5:18:a1:27:e1:a0:
6e:97:83:d6:ef:35:bc:f3:01:97:70:f6:3b:f5:d2:71:e3:90:
0a:bc:f9:d7:a5:d8:95:de:4a:a2:86:d0:30:ba:0f:b4:e0:b2:
55:e0:19:bd:88:b4:93:06:71:24:d7:75:11:98:cb:dc:21:72:
9b:d1:21:18:17:5c:6f:b4:91:62:f2:25:b3:8c:3d:d5:d9:51:
d8:75:73:bc:60:53:f0:27:88:dd:8c:c1:bb:db:4e:18:fe:5c:
d7:07:d5:90:d0:97:e4:e2:a5:2d:cd:b2:b3:6d:75:51:a4:51:
fd:c1:93:ca:34:58:40:fd:2f:44:ff:ab:c0:9f:8e:89:62:cc:
b6:26:8e:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE1+r7Jk3O6gjPiHSc7vUBiKNsEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMjJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMDJiZWVjZGFjNDcyMjk2NDcyZWNjZmM0MjljZmY0YjVhOTI4ZDkyZjli
ZjA0MjNlZTcxMTIxYWY0OTZhYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPAQr8IpYBDjBLUcz5e3pZDq3ZBj2bDMs5of8UPaKUFsdQzWEOf+pYsTaXP
t8hNM2kDPcPPpZNQrt8fBlAzz+fsiJ7IVo2j6YV5+dXVCADO5n4JcyX6f2ex3IXM
Efwrg6HDo7yQ0QaoTN9lptEgDPSqTH+c7xtUGHwMiraLoFqxTSh3il/CkzfHCnRD
L8NldQJfngbvFtRpIrsNOiAaQ4OiTJFcRnlvBpF5czXCgVa1nFSyXr+9+pgamucZ
S8zJTz0RHiixovMzyQsv1Onq1tkW4TVeMlf2tUW31xZK/6lPa8h8dQXw5EeOnEbx
FATd8akZwD4Jel9rW8Zq23pMBNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlz0cv
MXmmuSIEHAf0FZ2rUJtnNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjYxZjg1OGEtMzFiMS00ODVhLThjZWQtMGMzMjhjZTljNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQCbNpm/VoPHusBV02OAov/otvfcOG7N9RhTbnWo
A0msXn12IlnnnkFMGr/zXcUKjAeJuKN3aSmxRUOvXFXzhj45vVWld8HDfMrvTUXQ
ptu5BJnNmAL6zbeNTnhWkNBvY4GqljlJYDcY+DZh+JAz0hosQfKPqoGkJFblGKEn
4aBul4PW7zW88wGXcPY79dJx45AKvPnXpdiV3kqihtAwug+04LJV4Bm9iLSTBnEk
13URmMvcIXKb0SEYF1xvtJFi8iWzjD3V2VHYdXO8YFPwJ4jdjMG7204Y/lzXB9WQ
0Jfk4qUtzbKzbXVRpFH9wZPKNFhA/S9E/6vAn46JYsy2Jo4T
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:16 2025 by rpki-client