Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
File: b7d242ad-482b-4700-888a-b677a178a4bf.roa (raw, json)
Hash identifier: jLn5QMLPtgH7KZcD5iiYKx/ccUpuZOh627A2Yapa5oc=
Subject key identifier: E7:43:90:CD:0C:CC:A6:69:9F:C2:F8:EC:04:8B:3C:AD:33:BC:69:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 178EBD5008DF2A55BA145B479377F2EA46D1A4F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
Signing time: Mon 01 Sep 2025 20:10:17 +0000
ROA not before: Mon 01 Sep 2025 20:10:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:8e:bd:50:08:df:2a:55:ba:14:5b:47:93:77:f2:ea:46:d1:a4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=363fbf4273fd8259897223a0b5350cb2d0499e18824efaa1de6e0f6a13652811, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fc:cc:ea:99:ef:1d:07:33:fd:e8:a0:f3:ec:
ec:16:be:2b:91:ff:96:4a:c2:26:26:04:43:f4:9f:
8e:7e:b7:af:df:b3:72:ea:42:a5:44:bc:9a:76:2b:
32:03:69:98:93:18:27:c8:a8:c7:c9:fa:5f:f6:aa:
ef:a8:3e:a9:5a:ec:a6:bf:75:fa:cd:80:72:16:fb:
46:2c:78:ef:22:74:c3:31:3f:0d:48:19:2e:64:d0:
51:fd:13:39:88:3e:59:b0:20:be:83:44:03:b4:16:
5d:80:7f:b3:39:6c:77:b9:1a:07:9a:0d:e0:89:5a:
87:34:48:89:1f:ec:25:6e:0d:ce:6a:0f:0a:f9:03:
71:95:63:c7:48:94:3d:34:39:c0:c8:bb:a4:af:07:
c2:f2:a2:d5:30:8e:68:0d:dc:8f:42:6d:04:a0:3b:
36:bf:95:ae:5c:99:9b:73:c2:0a:a3:24:cb:37:66:
bb:f0:1b:21:4e:02:81:76:b9:50:ff:12:3a:71:a7:
ca:c6:f7:de:d6:5f:d1:54:d1:70:f7:7b:cc:67:d6:
7e:b0:1b:e7:aa:dd:9b:3f:d4:6f:4c:b9:c6:7a:86:
67:1d:6a:20:09:4c:a8:92:8d:57:a7:dd:a9:10:2b:
78:e6:34:f4:df:eb:09:90:94:14:c9:91:31:08:2b:
f8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:43:90:CD:0C:CC:A6:69:9F:C2:F8:EC:04:8B:3C:AD:33:BC:69:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b7d242ad-482b-4700-888a-b677a178a4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6080::/48
Signature Algorithm: sha256WithRSAEncryption
1f:23:bc:a7:cb:5a:5a:39:66:5d:c8:68:d3:ce:62:24:40:28:
fa:14:dd:02:24:0b:d8:4b:67:15:29:fa:2f:c1:c7:af:08:82:
a6:75:68:99:b2:99:19:fd:c6:3c:22:73:d9:65:02:4b:31:ff:
9a:9d:4d:d9:55:5d:f9:ee:f6:08:0b:10:94:12:70:08:e7:b2:
c0:cb:d1:13:86:af:e7:c5:ef:1c:0c:f9:60:c3:de:de:3d:4a:
6c:3a:a4:be:ed:5d:c4:0a:e0:46:1f:b8:bd:c7:33:d1:bf:e1:
86:d3:26:ad:5e:fb:22:43:e1:db:12:5f:a4:6e:bc:97:e6:24:
22:5a:a2:ee:53:55:f9:0d:f5:55:04:bc:ce:5b:35:b7:bc:e0:
ee:3a:ee:8e:bd:97:e1:99:ee:bf:f6:69:80:f8:d3:96:65:96:
16:3d:09:e2:fe:f7:7d:da:e1:ff:cc:26:ad:12:c5:ad:9c:46:
d2:21:db:21:20:83:e7:92:81:07:8f:3a:48:ff:d7:69:31:07:
ff:f4:4a:f3:6f:cf:cc:22:cc:fa:42:f7:9b:bb:3b:f7:1c:dc:
fe:c5:db:24:85:e4:48:76:fe:d9:ad:83:d9:f4:2c:cc:c3:44:
12:da:68:03:7d:eb:89:86:8c:94:24:b3:2f:36:1b:ef:db:c7:
64:3c:a5:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUF469UAjfKlW6FFtHk3fy6kbRpPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2M2ZiZjQyNzNmZDgyNTk4OTcyMjNhMGI1MzUwY2IyZDA0OTllMTg4MjRl
ZmFhMWRlNmUwZjZhMTM2NTI4MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJP8zOqZ7x0HM/3ooPPs7Ba+K5H/lkrCJiYEQ/Sfjn63r9+zcupCpUS8mnYr
MgNpmJMYJ8iox8n6X/aq76g+qVrspr91+s2Achb7Rix47yJ0wzE/DUgZLmTQUf0T
OYg+WbAgvoNEA7QWXYB/szlsd7kaB5oN4IlahzRIiR/sJW4NzmoPCvkDcZVjx0iU
PTQ5wMi7pK8HwvKi1TCOaA3cj0JtBKA7Nr+VrlyZm3PCCqMkyzdmu/AbIU4CgXa5
UP8SOnGnysb33tZf0VTRcPd7zGfWfrAb56rdmz/Ub0y5xnqGZx1qIAlMqJKNV6fd
qRAreOY09N/rCZCUFMmRMQgr+G0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTnQ5DN
DMymaZ/C+OwEizytM7xpeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjdkMjQyYWQtNDgyYi00NzAwLTg4OGEtYjY3N2ExNzhhNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJg
gDANBgkqhkiG9w0BAQsFAAOCAQEAHyO8p8taWjlmXcho085iJEAo+hTdAiQL2Etn
FSn6L8HHrwiCpnVombKZGf3GPCJz2WUCSzH/mp1N2VVd+e72CAsQlBJwCOeywMvR
E4av58XvHAz5YMPe3j1KbDqkvu1dxArgRh+4vccz0b/hhtMmrV77IkPh2xJfpG68
l+YkIlqi7lNV+Q31VQS8zls1t7zg7jrujr2X4Znuv/ZpgPjTlmWWFj0J4v73fdrh
/8wmrRLFrZxG0iHbISCD55KBB486SP/XaTEH//RK82/PzCLM+kL3m7s79xzc/sXb
JIXkSHb+2a2D2fQszMNEEtpoA33riYaMlCSzLzYb79vHZDylwg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:25 2025 by rpki-client