Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: 38ryZsembz6/me7xNH7rc+GbVViyikgrgv65tc7XYq4=
Subject key identifier: EB:45:28:FE:7D:64:7F:58:22:9A:E5:D7:6B:21:C4:FE:80:93:36:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18F52478DB2C418C43483622C00A6FE221CCFBE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Mon 01 Sep 2025 21:00:56 +0000
ROA not before: Mon 01 Sep 2025 21:00:56 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:f5:24:78:db:2c:41:8c:43:48:36:22:c0:0a:6f:e2:21:cc:fb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:56 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=29f1d76e19ae5b395670b261dc48316b722d0fd1418370263466d532a27e447b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e0:89:64:39:c1:66:65:64:64:c9:92:02:0a:
7c:21:e9:2e:bf:e6:03:d9:42:89:89:57:b0:b4:78:
5c:2e:09:d9:43:25:ac:9a:b7:22:94:b0:de:19:9b:
41:0d:2f:61:e2:d9:50:ef:b7:06:73:46:99:7f:58:
bf:eb:99:19:35:c9:46:79:8e:15:4d:f8:26:61:24:
af:2c:ca:a2:11:a3:86:c7:9a:60:72:48:32:93:e6:
6c:65:10:8c:18:0b:d0:b4:f4:18:fa:11:e1:fd:16:
b5:b2:8a:10:1d:86:d5:e7:b2:b5:99:61:00:8b:b1:
23:aa:e8:fc:1a:6f:35:1c:5c:2c:76:fd:93:ea:d2:
63:f0:c0:97:19:d0:84:f9:32:7d:eb:73:6f:fd:14:
e5:20:44:20:5c:f9:57:c9:e8:a6:ea:0e:62:ea:05:
a3:4a:a7:b0:22:d2:b8:89:a6:11:34:48:f2:f3:35:
aa:36:2b:cd:b8:1a:57:d6:62:23:fb:e1:db:d3:42:
bb:26:d0:50:dc:f4:f4:dd:33:72:75:76:a8:f5:fd:
c5:af:dc:00:b1:13:5c:fb:0a:45:9f:17:5e:70:5b:
08:b9:8b:4c:e9:86:65:17:04:6f:bc:40:15:ee:e0:
f6:83:69:6f:07:7f:ab:58:81:a2:cc:ac:61:30:c5:
91:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:45:28:FE:7D:64:7F:58:22:9A:E5:D7:6B:21:C4:FE:80:93:36:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
13:11:8e:6e:f8:e4:71:18:a9:1a:82:8c:79:28:5e:c1:d8:48:
67:51:27:8e:49:fc:31:eb:59:d8:cb:8d:c1:47:15:3c:aa:22:
4c:64:b9:df:91:10:6e:39:80:eb:d1:0c:65:55:e3:f3:7b:03:
66:f3:76:ab:ea:bb:6c:dc:0a:04:8e:e5:1a:93:62:8b:ef:5a:
e6:ed:5e:09:e0:8a:f2:26:08:ce:d2:3b:b7:d9:7c:ba:af:a0:
7c:5a:d5:1c:cd:ae:55:74:ef:7a:7f:7c:4b:e4:d5:a9:af:de:
4a:61:dd:ad:4f:32:0b:30:60:49:df:4d:26:fe:90:76:90:ee:
fe:86:96:fc:67:4e:54:02:66:d3:75:06:42:4d:70:fd:77:b4:
9e:2f:0e:f4:03:7b:6d:7f:37:dc:00:7c:b7:34:54:47:a5:07:
55:57:87:b8:90:65:54:02:10:3c:85:9e:0b:13:54:79:41:d3:
dd:73:85:10:a6:30:a0:a2:91:2e:ea:8f:79:5e:bd:b3:0c:e7:
2a:92:ac:34:25:76:d1:3d:dc:67:a6:63:c9:80:69:2f:92:b0:
42:99:45:5e:fd:21:de:35:53:9c:9b:b2:14:45:c3:43:81:ce:
04:c8:11:8a:4f:88:61:78:1b:e3:46:ba:3b:ef:75:cd:de:1a:
89:e3:c6:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGPUkeNssQYxDSDYiwApv4iHM++QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwNTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5ZjFkNzZlMTlhZTViMzk1NjcwYjI2MWRjNDgzMTZiNzIyZDBmZDE0MTgz
NzAyNjM0NjZkNTMyYTI3ZTQ0N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjgiWQ5wWZlZGTJkgIKfCHpLr/mA9lCiYlXsLR4XC4J2UMlrJq3IpSw3hmb
QQ0vYeLZUO+3BnNGmX9Yv+uZGTXJRnmOFU34JmEkryzKohGjhseaYHJIMpPmbGUQ
jBgL0LT0GPoR4f0WtbKKEB2G1eeytZlhAIuxI6ro/BpvNRxcLHb9k+rSY/DAlxnQ
hPkyfetzb/0U5SBEIFz5V8nopuoOYuoFo0qnsCLSuImmETRI8vM1qjYrzbgaV9Zi
I/vh29NCuybQUNz09N0zcnV2qPX9xa/cALETXPsKRZ8XXnBbCLmLTOmGZRcEb7xA
Fe7g9oNpbwd/q1iBosysYTDFkR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrRSj+
fWR/WCKa5ddrIcT+gJM2jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQATEY5u+ORxGKkagox5KF7B2EhnUSeOSfwx61nY
y43BRxU8qiJMZLnfkRBuOYDr0QxlVePzewNm83ar6rts3AoEjuUak2KL71rm7V4J
4IryJgjO0ju32Xy6r6B8WtUcza5VdO96f3xL5NWpr95KYd2tTzILMGBJ300m/pB2
kO7+hpb8Z05UAmbTdQZCTXD9d7SeLw70A3ttfzfcAHy3NFRHpQdVV4e4kGVUAhA8
hZ4LE1R5QdPdc4UQpjCgopEu6o95Xr2zDOcqkqw0JXbRPdxnpmPJgGkvkrBCmUVe
/SHeNVOcm7IURcNDgc4EyBGKT4hheBvjRro773XN3hqJ48Zg
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:47 2025 by rpki-client