Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
File: cd129ecb-5978-40fd-ada8-5ab27adcb622.roa (raw, json)
Hash identifier: IdyB3D2SX2LCBKxEBRkv2rsVnpLyZT+8r/pdQFv1hJ4=
Subject key identifier: 0F:A7:07:9C:4E:66:67:7C:36:49:DD:1D:CB:7F:26:48:AA:A7:28:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 413881E19077941F356D76857B1DBFD5EACB1D31
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
Signing time: Mon 01 Sep 2025 20:10:18 +0000
ROA not before: Mon 01 Sep 2025 20:10:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:38:81:e1:90:77:94:1f:35:6d:76:85:7b:1d:bf:d5:ea:cb:1d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=72e6656cea40afa14f104d1b4ead46f2dce429059713382c79f9788d407fd20d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:fd:a3:2a:9a:ab:e1:9b:e4:ab:8d:ba:f6:d0:
68:d8:57:e9:99:72:cb:5a:b3:06:54:70:f6:02:f6:
4a:8b:11:04:e6:c9:51:27:aa:c0:b1:16:34:15:e7:
6d:a8:f2:88:b5:58:b0:d3:06:7c:9c:77:35:11:09:
74:a2:7d:7e:30:07:66:72:17:a7:05:92:2a:ad:4e:
8e:0f:7e:90:f5:40:87:cd:35:17:47:25:1d:6b:de:
a5:98:01:61:04:fb:3a:ff:8a:0b:35:3b:ba:97:00:
d1:cd:58:fe:0b:38:a4:40:cb:bc:30:72:d6:57:a6:
d2:41:7c:19:e7:8e:a7:20:bc:b7:2b:ed:0b:bf:b6:
23:c2:ee:e8:d7:ff:4a:21:b5:00:5a:99:60:e4:5a:
1d:d4:ee:30:5c:a0:d9:a5:c0:b1:40:69:77:6f:02:
a2:8f:f0:66:3e:54:43:93:38:df:3f:db:d8:cd:fc:
21:6f:1d:d3:f6:16:f0:a8:40:d0:94:5d:98:d3:fa:
b8:3e:67:ee:ab:72:d0:3e:e0:55:22:d6:c4:76:24:
46:1c:68:ce:4b:df:8f:0b:e9:54:2a:eb:1f:1f:7e:
09:60:b7:ab:11:36:84:b1:65:87:24:6b:5b:05:1a:
42:15:73:08:d7:80:bd:8b:88:7c:e2:47:e8:54:b4:
8b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A7:07:9C:4E:66:67:7C:36:49:DD:1D:CB:7F:26:48:AA:A7:28:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cd129ecb-5978-40fd-ada8-5ab27adcb622.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
3e:6f:9f:24:a3:29:9b:e4:7d:84:5d:17:b9:36:b6:c0:fc:00:
1b:14:b0:f4:bf:13:4f:7a:26:a3:79:24:8c:fc:fb:df:a1:ec:
4a:57:9d:dd:42:6b:a7:b4:1b:79:a1:7f:55:f4:a3:8c:14:30:
1e:42:ac:c4:aa:a0:d1:d8:1c:5a:37:93:ca:87:61:37:bb:b2:
29:94:f8:5b:d8:22:86:73:32:04:fa:21:51:32:e7:3b:10:fd:
b7:a4:8f:79:e5:c1:c6:85:cd:a9:9f:6d:0e:00:be:13:4e:fc:
3b:38:4b:55:7d:bc:5b:f6:91:97:ca:b0:17:8f:a3:6f:5b:f0:
6c:f1:ec:40:c3:21:49:1f:74:76:33:81:d1:36:0a:94:23:35:
a9:12:bb:82:d7:66:70:89:f8:f8:db:d9:f1:9f:1e:ca:87:c6:
2b:fa:cf:b1:b6:45:52:bf:3f:a5:07:18:3a:e3:60:49:52:49:
3b:0e:41:3f:51:14:7c:cc:a2:b4:b3:04:02:51:ad:74:86:fc:
cc:21:e5:be:ef:79:d5:c8:ea:81:13:3b:31:fd:ad:44:af:b8:
45:a2:c0:ce:bd:44:b4:06:68:d5:69:59:1d:81:84:ab:75:8d:
50:ac:b7:be:6a:0a:ed:9a:be:94:42:bb:7a:68:c2:a9:c6:79:
41:6c:76:ce
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQTiB4ZB3lB81bXaFex2/1erLHTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZTY2NTZjZWE0MGFmYTE0ZjEwNGQxYjRlYWQ0NmYyZGNlNDI5MDU5NzEz
MzgyYzc5Zjk3ODhkNDA3ZmQyMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOD9oyqaq+Gb5KuNuvbQaNhX6Zlyy1qzBlRw9gL2SosRBObJUSeqwLEWNBXn
bajyiLVYsNMGfJx3NREJdKJ9fjAHZnIXpwWSKq1Ojg9+kPVAh801F0clHWvepZgB
YQT7Ov+KCzU7upcA0c1Y/gs4pEDLvDBy1lem0kF8GeeOpyC8tyvtC7+2I8Lu6Nf/
SiG1AFqZYORaHdTuMFyg2aXAsUBpd28Coo/wZj5UQ5M43z/b2M38IW8d0/YW8KhA
0JRdmNP6uD5n7qty0D7gVSLWxHYkRhxozkvfjwvpVCrrHx9+CWC3qxE2hLFlhyRr
WwUaQhVzCNeAvYuIfOJH6FS0i+cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQPpwec
TmZnfDZJ3R3LfyZIqqcoDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2QxMjllY2ItNTk3OC00MGZkLWFkYTgtNWFiMjdhZGNiNjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
wDANBgkqhkiG9w0BAQsFAAOCAQEAPm+fJKMpm+R9hF0XuTa2wPwAGxSw9L8TT3om
o3kkjPz736HsSled3UJrp7QbeaF/VfSjjBQwHkKsxKqg0dgcWjeTyodhN7uyKZT4
W9gihnMyBPohUTLnOxD9t6SPeeXBxoXNqZ9tDgC+E078OzhLVX28W/aRl8qwF4+j
b1vwbPHsQMMhSR90djOB0TYKlCM1qRK7gtdmcIn4+NvZ8Z8eyofGK/rPsbZFUr8/
pQcYOuNgSVJJOw5BP1EUfMyitLMEAlGtdIb8zCHlvu951cjqgRM7Mf2tRK+4RaLA
zr1EtAZo1WlZHYGEq3WNUKy3vmoK7Zq+lEK7emjCqcZ5QWx2zg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:30 2025 by rpki-client