Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2fe4803-5028-4c31-b369-a86c9539bfa2.roa
File: d2fe4803-5028-4c31-b369-a86c9539bfa2.roa (raw, json)
Hash identifier: 5SW2ok9ACxRuUi8FdHz2YbUQcWlLpruZT+D/0FdZq5c=
Subject key identifier: 7D:F4:45:E4:80:61:D0:0B:13:DF:F2:19:60:72:26:7F:17:80:60:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C07A3EDF8EABB6C7ED883386FE684669E12806B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2fe4803-5028-4c31-b369-a86c9539bfa2.roa
Signing time: Mon 25 Aug 2025 16:37:06 +0000
ROA not before: Mon 25 Aug 2025 16:37:06 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:07:a3:ed:f8:ea:bb:6c:7e:d8:83:38:6f:e6:84:66:9e:12:80:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 16:37:06 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=c65ce00d0a46c6a0c142a310b9ea953fc2b8eb461c2823a489c7232a703d943f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ee:c5:45:84:4a:99:95:4c:75:cb:74:64:e2:
12:d6:16:ae:20:b7:d1:e8:fe:00:37:ee:91:f3:53:
e9:2b:e4:2d:1e:51:8d:2d:b3:ad:31:68:87:ac:ac:
08:e6:a7:60:ea:a2:07:4b:2d:86:22:d4:5a:9b:5e:
85:1a:11:ff:59:fd:f1:d7:77:f3:0e:7a:5c:0c:63:
50:28:3a:a5:bf:b9:5a:25:d7:02:69:fe:3f:e3:6d:
d6:e2:4a:95:01:c8:a9:87:3b:a9:c8:3c:7f:dc:50:
3b:67:aa:4f:c1:d0:cf:a0:86:82:7f:a7:cc:03:48:
16:3f:bb:b0:dd:f6:c0:0c:d1:ae:b8:ac:ce:d9:4e:
41:65:25:fa:2b:3e:6e:8f:7b:ce:d7:db:2e:3e:ff:
16:c4:58:5d:2c:47:ef:20:ac:68:f1:13:07:56:de:
a5:8c:1c:15:12:99:69:a8:9c:d9:6a:76:55:a4:85:
33:17:f1:9b:a6:07:dc:e1:04:1f:45:9f:db:2d:4e:
19:09:8b:65:90:d8:22:d9:9d:fd:ab:1a:aa:8c:48:
e2:ba:a9:3a:78:95:61:ba:9b:0f:fc:24:a5:cb:b0:
ab:f0:37:ec:c1:53:35:63:8a:84:e9:59:f9:dd:a9:
1a:76:5e:07:7e:c9:4d:65:c4:25:8e:9f:f1:fd:35:
aa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F4:45:E4:80:61:D0:0B:13:DF:F2:19:60:72:26:7F:17:80:60:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2fe4803-5028-4c31-b369-a86c9539bfa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:8000::/48
Signature Algorithm: sha256WithRSAEncryption
84:86:53:72:52:b3:ae:b8:72:b1:a0:3c:39:80:6d:6a:4a:fb:
4f:2a:e9:1d:7e:37:ee:f5:2c:27:6e:56:1e:09:f4:b7:84:36:
8f:4d:ab:ac:ac:7a:23:fb:ac:89:e1:02:84:6e:fd:a6:cd:06:
3d:80:64:96:8e:6b:75:a4:49:66:37:c4:9d:93:d5:70:18:95:
be:08:8c:66:cc:d5:ab:3b:f6:ac:7e:51:92:d4:8a:e2:ad:3d:
0a:32:f2:62:41:9e:57:4f:2c:e9:5a:fd:ce:ab:41:85:c9:23:
da:62:4d:b8:c6:de:d5:07:4d:56:f3:47:53:eb:91:22:89:ac:
b5:9f:70:1d:78:6f:2a:cb:3b:f4:10:9b:99:04:22:e4:37:2d:
4f:25:ae:c6:d9:fb:33:fa:2f:86:41:f7:dd:f5:2d:a4:f7:2c:
fc:7e:8e:d0:8b:40:fc:0c:ae:53:01:cc:d7:44:20:f7:80:87:
82:54:92:af:e9:26:56:d2:0c:79:2a:4e:e5:d0:44:ec:f4:fb:
15:f6:fa:d0:0e:28:9a:f9:32:2c:51:75:51:25:97:0f:f9:f2:
91:44:8a:1d:35:11:44:6c:69:a3:ba:27:a9:79:ab:92:5a:fd:
b3:fa:bf:b0:10:fd:d0:42:71:5a:56:86:12:8a:b3:86:ee:76:
63:ff:e5:84
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfAej7fjqu2x+2IM4b+aEZp4SgGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxNjM3MDZaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NWNlMDBkMGE0NmM2YTBjMTQyYTMxMGI5ZWE5NTNmYzJiOGViNDYxYzI4
MjNhNDg5YzcyMzJhNzAzZDk0M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPLuxUWESpmVTHXLdGTiEtYWriC30ej+ADfukfNT6SvkLR5RjS2zrTFoh6ys
COanYOqiB0sthiLUWptehRoR/1n98dd38w56XAxjUCg6pb+5WiXXAmn+P+Nt1uJK
lQHIqYc7qcg8f9xQO2eqT8HQz6CGgn+nzANIFj+7sN32wAzRrrisztlOQWUl+is+
bo97ztfbLj7/FsRYXSxH7yCsaPETB1bepYwcFRKZaaic2Wp2VaSFMxfxm6YH3OEE
H0Wf2y1OGQmLZZDYItmd/asaqoxI4rqpOniVYbqbD/wkpcuwq/A37MFTNWOKhOlZ
+d2pGnZeB37JTWXEJY6f8f01qlECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR99EXk
gGHQCxPf8hlgciZ/F4BgFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJmZTQ4MDMtNTAyOC00YzMxLWIzNjktYTg2Yzk1MzliZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GyA
ADANBgkqhkiG9w0BAQsFAAOCAQEAhIZTclKzrrhysaA8OYBtakr7TyrpHX437vUs
J25WHgn0t4Q2j02rrKx6I/usieEChG79ps0GPYBklo5rdaRJZjfEnZPVcBiVvgiM
ZszVqzv2rH5RktSK4q09CjLyYkGeV08s6Vr9zqtBhckj2mJNuMbe1QdNVvNHU+uR
IomstZ9wHXhvKss79BCbmQQi5DctTyWuxtn7M/ovhkH33fUtpPcs/H6O0ItA/Ayu
UwHM10Qg94CHglSSr+kmVtIMeSpO5dBE7PT7Ffb60A4omvkyLFF1USWXD/nykUSK
HTURRGxpo7onqXmrklr9s/q/sBD90EJxWlaGEoqzhu52Y//lhA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:30 2025 by rpki-client