Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
File: b92d2073-fe74-4c3d-87a9-37106f766cba.roa (raw, json)
Hash identifier: sTv/QNkgymWsw1KctmN1qzU1DyhJIw5jarcA1rLehnA=
Subject key identifier: 72:F4:19:34:15:BC:6D:1B:B6:3E:DB:F8:0C:CB:44:78:44:24:AE:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E1B928CFE6C71D9F44E7EBDE8643F631F11C2C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
Signing time: Mon 01 Sep 2025 20:00:52 +0000
ROA not before: Mon 01 Sep 2025 20:00:52 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:1b:92:8c:fe:6c:71:d9:f4:4e:7e:bd:e8:64:3f:63:1f:11:c2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:52 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=afe693c39dc54ce7ecef5e954b47cfb177b751ea85bfe5a0742a9bf0c01227be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:46:ee:d4:4a:fc:77:86:3a:f8:24:77:b7:38:
ae:21:b9:17:d4:ef:46:03:ba:3e:4b:e3:3b:0d:8d:
73:06:25:88:a6:ca:ff:55:1f:7e:2c:ab:c1:3f:f4:
1a:24:be:e6:6d:b0:09:29:79:b1:33:9f:a8:7a:12:
94:6f:fc:bc:2e:6c:18:6a:b3:00:8b:ad:e8:71:9a:
55:59:cb:b8:48:bc:c3:cc:d6:1c:44:7e:6b:78:3c:
55:c8:49:f4:95:22:48:9c:11:af:5f:30:be:e9:a8:
82:52:5d:9c:53:53:74:45:41:62:c7:c6:12:b6:99:
3c:ea:ba:46:f6:0a:86:95:32:92:7b:e9:5f:65:2e:
eb:47:26:e1:64:77:b6:99:4d:b7:ae:f1:e7:2c:1e:
11:ec:47:85:95:5a:b7:07:72:db:85:27:4b:80:0f:
74:3f:18:6b:b5:08:b2:df:04:7a:4b:98:50:bf:b1:
87:c7:47:04:39:16:98:34:15:93:af:5d:61:a7:ef:
b9:69:5a:c1:e0:78:18:6a:b1:ff:8f:a7:85:1f:da:
14:00:f5:cf:32:5d:1e:92:e9:b2:9b:96:63:2a:c1:
0a:53:71:59:4a:da:2d:c6:0f:4d:d8:75:cb:3f:7b:
57:cd:9f:16:0f:23:dc:a5:34:a4:d0:b2:cd:c5:c4:
2b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F4:19:34:15:BC:6D:1B:B6:3E:DB:F8:0C:CB:44:78:44:24:AE:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b92d2073-fe74-4c3d-87a9-37106f766cba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8060::/48
Signature Algorithm: sha256WithRSAEncryption
06:b1:39:67:e8:1d:bd:32:4b:44:bb:2f:7f:27:87:6b:19:2d:
96:f8:9c:f5:9d:07:c8:c7:e3:b9:63:fe:30:0e:56:87:98:52:
d2:7b:86:aa:5b:5b:ee:b8:3d:9e:77:30:37:ad:a6:04:95:64:
2f:4a:e5:69:bd:4a:6d:44:3d:9f:c0:7f:5b:85:b0:51:53:e5:
f7:ed:2d:af:a0:0d:c1:96:c4:da:62:15:b2:6b:17:04:07:f6:
f3:4e:e3:7e:62:b5:cb:71:0e:10:d1:24:14:f3:45:61:16:18:
a9:15:c9:d0:36:06:48:b9:25:c5:0a:7c:c1:52:ed:27:49:d5:
6b:69:3d:2c:fd:03:5b:ca:50:a2:f6:ce:26:61:d6:08:7a:25:
ff:81:ec:ba:eb:77:04:d3:41:de:bc:7b:1d:74:b7:c1:85:11:
81:75:39:fd:a6:45:c8:8d:62:85:6a:a9:c3:64:e2:c5:97:5d:
d8:e2:36:4e:ee:05:cb:1c:c0:f7:42:93:b1:47:b6:e6:a5:da:
a7:3c:71:5a:fb:28:79:25:1d:f0:73:ba:3e:2d:30:74:03:f2:
27:df:e6:31:69:3d:2d:18:68:53:bb:4f:1b:4d:43:2d:f5:47:
18:82:81:88:eb:e5:69:b3:2a:36:54:c2:78:8c:c8:d3:1c:fc:
37:e7:4c:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULhuSjP5scdn0Tn696GQ/Yx8RwsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwNTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZTY5M2MzOWRjNTRjZTdlY2VmNWU5NTRiNDdjZmIxNzdiNzUxZWE4NWJm
ZTVhMDc0MmE5YmYwYzAxMjI3YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtG7tRK/HeGOvgkd7c4riG5F9TvRgO6PkvjOw2NcwYliKbK/1UffiyrwT/0
GiS+5m2wCSl5sTOfqHoSlG/8vC5sGGqzAIut6HGaVVnLuEi8w8zWHER+a3g8VchJ
9JUiSJwRr18wvumoglJdnFNTdEVBYsfGEraZPOq6RvYKhpUyknvpX2Uu60cm4WR3
tplNt67x5yweEexHhZVatwdy24UnS4APdD8Ya7UIst8EekuYUL+xh8dHBDkWmDQV
k69dYafvuWlaweB4GGqx/4+nhR/aFAD1zzJdHpLpspuWYyrBClNxWUraLcYPTdh1
yz97V82fFg8j3KU0pNCyzcXEK3cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRy9Bk0
FbxtG7Y+2/gMy0R4RCSuBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjkyZDIwNzMtZmU3NC00YzNkLTg3YTktMzcxMDZmNzY2Y2JhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
YDANBgkqhkiG9w0BAQsFAAOCAQEABrE5Z+gdvTJLRLsvfyeHaxktlvic9Z0HyMfj
uWP+MA5Wh5hS0nuGqltb7rg9nncwN62mBJVkL0rlab1KbUQ9n8B/W4WwUVPl9+0t
r6ANwZbE2mIVsmsXBAf2807jfmK1y3EOENEkFPNFYRYYqRXJ0DYGSLklxQp8wVLt
J0nVa2k9LP0DW8pQovbOJmHWCHol/4Hsuut3BNNB3rx7HXS3wYURgXU5/aZFyI1i
hWqpw2TixZdd2OI2Tu4FyxzA90KTsUe25qXapzxxWvsoeSUd8HO6Pi0wdAPyJ9/m
MWk9LRhoU7tPG01DLfVHGIKBiOvlabMqNlTCeIzI0xz8N+dMAg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:10 2025 by rpki-client