Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
File: c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa (raw, json)
Hash identifier: 0YeKSINJRlwlkR37oKSzKrQYavdDUGGP9DzE6u1WMf0=
Subject key identifier: BB:82:7B:4A:D2:21:27:87:42:BE:A1:6E:24:8A:E7:8B:0B:80:58:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50E02F9EFDB52443B8BA3485FB3FA08E4AC9227B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
Signing time: Mon 01 Sep 2025 20:40:17 +0000
ROA not before: Mon 01 Sep 2025 20:40:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 09:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e0:2f:9e:fd:b5:24:43:b8:ba:34:85:fb:3f:a0:8e:4a:c9:22:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=27d6b117686a1c545058776ffbfcada5eb159ff1e62e3ef909cef3ce5c265483, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:eb:f3:64:75:f0:22:9c:8c:d9:6f:af:fc:8d:
9e:5a:9c:7b:5b:2c:aa:a5:fd:a7:8c:6e:a3:d0:c2:
06:e9:e1:a0:c8:a1:33:d9:b8:ae:70:aa:09:20:a2:
97:ac:ca:4a:4d:d4:77:b5:91:20:74:e1:1a:1a:05:
cb:3f:b6:51:6d:df:a3:72:d2:79:16:cf:01:d5:f1:
16:83:88:7e:cb:a7:50:99:d8:7a:a4:1e:0f:73:a7:
57:70:ba:64:c1:ee:49:10:cb:48:f3:2d:ba:d8:4c:
9f:b9:3a:fd:74:81:72:8e:3a:f6:26:03:92:ea:85:
89:8f:77:1a:36:24:e1:a8:59:ff:a4:12:bb:cb:25:
c7:dd:a4:5c:17:ce:9e:02:10:ab:03:58:c9:60:67:
00:8c:1e:b5:d1:c8:46:8c:f4:6b:2d:e7:c6:af:f5:
97:a0:47:a4:2f:46:ab:50:c5:08:68:91:fa:d0:54:
ca:20:09:18:e9:f4:f9:0c:3a:09:94:52:2a:aa:c3:
7f:20:65:a7:da:18:0c:5b:fd:9a:d1:6f:c2:b4:4f:
0b:c5:18:62:4a:0a:a6:b5:76:ed:e2:ee:ee:74:5b:
17:44:60:f0:b0:85:8e:48:78:5d:b4:ff:35:7e:2d:
dc:8c:ac:2f:cb:9b:a9:89:9e:ae:45:ba:59:be:d3:
ef:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:82:7B:4A:D2:21:27:87:42:BE:A1:6E:24:8A:E7:8B:0B:80:58:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c39dd71c-f22c-4bb4-9c6f-dfc8c6a02ffd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
51:94:17:60:48:ed:df:4c:80:0e:0f:f2:39:5a:cf:ba:89:3b:
9b:97:a2:c3:10:2f:2b:dd:92:20:ff:44:82:b2:46:d9:3d:63:
9d:fa:1b:fc:1d:f6:c0:e9:ff:08:13:89:f9:4a:2a:5c:05:01:
12:c5:a4:c8:98:00:6f:98:dc:5f:c9:8b:20:52:b7:e2:d9:d0:
f3:c4:b5:7a:f5:ec:df:ce:bf:71:34:c4:83:01:82:24:4f:36:
79:b9:39:a7:70:23:78:5e:dd:75:bd:b6:f3:29:38:d0:75:39:
08:5a:c6:56:56:aa:33:72:33:9c:83:4e:6c:7b:76:5f:a8:1b:
4d:bd:a3:1a:a1:be:f3:e7:21:36:94:2d:29:ae:5d:44:e5:35:
8a:19:7c:d3:66:39:e5:0f:58:2a:cb:97:40:2d:7b:7b:15:1a:
5c:cf:c0:72:86:7b:42:48:de:73:91:22:d8:fd:58:4d:64:3a:
ac:e3:a1:90:66:a7:e2:78:7f:fb:e5:e2:c0:db:9b:0f:2e:70:
8f:0e:5c:92:82:3f:9e:b9:da:bd:8c:4f:bb:d9:b1:6c:88:1d:
85:e9:71:f8:c8:ea:dc:a3:39:d1:57:48:f4:52:01:ba:6e:57:
2e:2d:61:19:de:57:97:80:10:8d:46:95:90:a6:c8:b6:ea:9d:
76:3b:53:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUOAvnv21JEO4ujSF+z+gjkrJInswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ZDZiMTE3Njg2YTFjNTQ1MDU4Nzc2ZmZiZmNhZGE1ZWIxNTlmZjFlNjJl
M2VmOTA5Y2VmM2NlNWMyNjU0ODMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzr82R18CKcjNlvr/yNnlqce1ssqqX9p4xuo9DCBunhoMihM9m4rnCqCSCi
l6zKSk3Ud7WRIHThGhoFyz+2UW3fo3LSeRbPAdXxFoOIfsunUJnYeqQeD3OnV3C6
ZMHuSRDLSPMtuthMn7k6/XSBco469iYDkuqFiY93GjYk4ahZ/6QSu8slx92kXBfO
ngIQqwNYyWBnAIwetdHIRoz0ay3nxq/1l6BHpC9Gq1DFCGiR+tBUyiAJGOn0+Qw6
CZRSKqrDfyBlp9oYDFv9mtFvwrRPC8UYYkoKprV27eLu7nRbF0Rg8LCFjkh4XbT/
NX4t3IysL8ubqYmerkW6Wb7T700CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7gntK
0iEnh0K+oW4kiueLC4BYrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM5ZGQ3MWMtZjIyYy00YmI0LTljNmYtZGZjOGM2YTAyZmZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6g
MA0GCSqGSIb3DQEBCwUAA4IBAQBRlBdgSO3fTIAOD/I5Ws+6iTubl6LDEC8r3ZIg
/0SCskbZPWOd+hv8HfbA6f8IE4n5SipcBQESxaTImABvmNxfyYsgUrfi2dDzxLV6
9ezfzr9xNMSDAYIkTzZ5uTmncCN4Xt11vbbzKTjQdTkIWsZWVqozcjOcg05se3Zf
qBtNvaMaob7z5yE2lC0prl1E5TWKGXzTZjnlD1gqy5dALXt7FRpcz8ByhntCSN5z
kSLY/VhNZDqs46GQZqfieH/75eLA25sPLnCPDlySgj+eudq9jE+72bFsiB2F6XH4
yOrcoznRV0j0UgG6blcuLWEZ3leXgBCNRpWQpsi26p12O1Oo
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:03:32 2025 by rpki-client