Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
File: cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa (raw, json)
Hash identifier: /6uNTTPIk/AaECv/3VzH4TaMjfMJ4EVqhk8zNutCi6c=
Subject key identifier: AA:6B:A3:1F:B9:A4:93:4F:DE:DE:BD:E6:BA:29:21:F9:76:3B:DA:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 114281B95B545DDDA78F87C82CF1C94CFADE3A64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
Signing time: Mon 01 Sep 2025 20:21:27 +0000
ROA not before: Mon 01 Sep 2025 20:21:27 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:42:81:b9:5b:54:5d:dd:a7:8f:87:c8:2c:f1:c9:4c:fa:de:3a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:27 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=468e255bac05efcadad9e96809dd6fa83b64b3a7619fb0c63104d0794084ad57, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:12:73:0d:5b:11:eb:3e:39:3a:d9:c2:4c:2c:
cb:d1:75:bc:19:29:b3:b4:cb:cb:d8:97:2a:9d:22:
a7:af:ab:68:87:2d:18:be:82:46:1d:9b:6c:83:d1:
58:d2:b4:04:f7:74:15:13:d5:da:eb:15:73:1f:a0:
38:ed:a8:13:47:d3:09:ee:d3:e3:d1:3f:a7:03:ae:
fd:88:e1:58:95:83:2a:f6:b8:d5:0e:01:c4:ac:af:
79:c7:a5:d4:b4:d6:8e:3b:06:f4:1a:02:ff:b6:8d:
63:3e:23:b7:82:5a:5e:73:68:b5:f4:d9:a9:e4:b1:
3c:24:2f:ce:15:02:53:04:5e:04:dd:fd:c7:4b:7e:
cd:12:fa:41:a5:70:d2:5a:3b:f6:61:d3:9f:3c:7e:
20:7f:73:e8:0a:0b:5e:57:57:45:6a:77:1e:4b:00:
9f:26:3e:bc:5f:f0:60:6a:d6:9b:94:a2:c6:7f:11:
8b:48:79:e3:cd:c3:ea:84:fc:89:37:bd:40:91:53:
0d:7b:4f:78:ee:db:ca:ba:f1:a7:33:cc:e9:83:fc:
2b:0b:9b:3c:c0:87:06:5f:51:43:2d:3e:15:6a:b7:
70:e1:fa:3e:d1:2b:f0:79:41:c8:3f:c1:f2:07:d6:
18:06:1f:74:21:11:b0:73:fe:f1:14:6d:2a:00:56:
a9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6B:A3:1F:B9:A4:93:4F:DE:DE:BD:E6:BA:29:21:F9:76:3B:DA:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf8326d0-ecc0-4939-9939-2ed70f6ea536.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1040::/48
Signature Algorithm: sha256WithRSAEncryption
a5:21:2b:b9:88:66:35:9e:42:4e:21:39:67:d9:08:fc:55:22:
fa:51:84:48:51:56:47:40:59:cc:f9:2c:d8:ef:ae:64:2e:81:
88:7f:3f:65:c4:5d:07:0f:22:1f:e7:89:60:57:e2:f9:00:85:
1e:22:24:b9:90:0f:92:f5:43:91:78:cd:69:46:61:9c:8a:54:
9d:08:36:08:8b:f5:ad:55:19:c0:b4:cd:9b:61:39:d3:3b:17:
e2:16:bd:11:e3:22:41:a0:ef:fa:4e:a3:17:f7:ba:3a:a1:15:
65:df:c4:b2:1a:eb:20:74:73:6d:9f:52:35:97:dc:18:5e:c7:
d2:eb:40:ae:d9:6b:09:c7:6c:d3:fb:87:9f:cc:7a:2a:8b:0e:
bf:69:7b:de:3e:9b:e1:77:db:59:75:bb:3f:73:47:0f:2c:d2:
a5:39:03:a3:30:05:01:aa:db:4d:5f:2c:a9:bc:dd:ee:10:64:
8a:d5:f3:e6:63:6e:3b:7b:38:20:fb:6e:af:07:1e:5f:fa:6c:
25:56:06:70:62:59:e6:9b:bd:64:e1:6e:ed:1d:8a:0b:a5:c9:
12:c7:9f:a5:84:13:04:8c:8e:c2:35:49:fb:8b:13:47:d3:61:
f7:b8:14:f2:e7:cc:e5:ea:d8:64:71:7e:0a:f6:65:fc:ff:f5:
13:53:56:73
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEUKBuVtUXd2nj4fILPHJTPreOmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMjdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2OGUyNTViYWMwNWVmY2FkYWQ5ZTk2ODA5ZGQ2ZmE4M2I2NGIzYTc2MTlm
YjBjNjMxMDRkMDc5NDA4NGFkNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkScw1bEes+OTrZwkwsy9F1vBkps7TLy9iXKp0ip6+raIctGL6CRh2bbIPR
WNK0BPd0FRPV2usVcx+gOO2oE0fTCe7T49E/pwOu/YjhWJWDKva41Q4BxKyvecel
1LTWjjsG9BoC/7aNYz4jt4JaXnNotfTZqeSxPCQvzhUCUwReBN39x0t+zRL6QaVw
0lo79mHTnzx+IH9z6AoLXldXRWp3HksAnyY+vF/wYGrWm5Sixn8Ri0h5483D6oT8
iTe9QJFTDXtPeO7byrrxpzPM6YP8KwubPMCHBl9RQy0+FWq3cOH6PtEr8HlByD/B
8gfWGAYfdCERsHP+8RRtKgBWqUkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqa6Mf
uaSTT97evea6KSH5djvatjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y4MzI2ZDAtZWNjMC00OTM5LTk5MzktMmVkNzBmNmVhNTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIQ
QDANBgkqhkiG9w0BAQsFAAOCAQEApSEruYhmNZ5CTiE5Z9kI/FUi+lGESFFWR0BZ
zPks2O+uZC6BiH8/ZcRdBw8iH+eJYFfi+QCFHiIkuZAPkvVDkXjNaUZhnIpUnQg2
CIv1rVUZwLTNm2E50zsX4ha9EeMiQaDv+k6jF/e6OqEVZd/EshrrIHRzbZ9SNZfc
GF7H0utArtlrCcds0/uHn8x6KosOv2l73j6b4XfbWXW7P3NHDyzSpTkDozAFAarb
TV8sqbzd7hBkitXz5mNuO3s4IPturwceX/psJVYGcGJZ5pu9ZOFu7R2KC6XJEsef
pYQTBIyOwjVJ+4sTR9Nh97gU8ufM5erYZHF+CvZl/P/1E1NWcw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:30 2025 by rpki-client