Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d331c3a8-c393-47a6-84c9-cd743c3328a0.roa
File: d331c3a8-c393-47a6-84c9-cd743c3328a0.roa (raw, json)
Hash identifier: m4XMGdt0mS+FVJJuxhftJCHCIfnTgyRzJGSWfvLsMRo=
Subject key identifier: 13:AE:DD:17:3E:05:AD:94:8A:B5:B4:C9:E7:FF:35:F8:2F:E2:96:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 117A94C48C7080BB29BB91BC9DE812BE8DAA1E48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d331c3a8-c393-47a6-84c9-cd743c3328a0.roa
Signing time: Mon 25 Aug 2025 16:37:08 +0000
ROA not before: Mon 25 Aug 2025 16:37:08 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:7a:94:c4:8c:70:80:bb:29:bb:91:bc:9d:e8:12:be:8d:aa:1e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 16:37:08 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=a900d727c8d30c621692c2e6f780f78cbfd05def938d8795fa485e2e4cef16a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:f3:5a:9b:ba:79:f8:1f:3d:4d:53:25:f4:
7b:83:24:e7:28:d0:7a:30:39:ce:c5:6f:05:5b:7e:
52:94:8e:16:f1:0a:85:19:0e:0f:18:55:e8:5e:f2:
86:46:67:0c:ff:01:cf:7d:ee:84:da:d6:6b:65:e3:
b9:ac:00:8a:16:20:be:47:57:01:65:5f:4f:d1:24:
fc:db:70:2b:d2:d5:03:8e:93:44:d1:6b:a2:29:bf:
10:5a:0b:77:56:db:57:ea:4c:b7:11:1d:6c:a9:22:
f4:1f:66:18:86:1f:01:99:9a:ad:d4:77:f9:8e:4d:
82:8d:74:03:76:4b:d5:39:b2:39:f7:2d:06:9c:77:
32:90:ad:26:33:81:f7:a4:d5:64:18:f2:c6:5a:4a:
4e:57:6f:e8:3a:be:c6:37:82:17:d8:14:38:aa:cd:
cf:76:19:79:de:21:57:93:45:6f:fb:99:c7:83:94:
ca:a0:f4:18:08:fc:cd:c8:1f:49:13:e4:77:d4:34:
1a:96:28:5b:f6:6b:ae:61:df:75:48:9c:d3:f8:60:
92:ab:e1:71:24:2d:ca:40:23:39:33:8a:36:1c:cf:
cb:5c:09:3f:e3:3d:c4:4a:88:5d:33:6a:4a:b8:73:
19:6f:2e:b2:90:26:35:72:a9:3c:e5:0e:e6:29:b3:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AE:DD:17:3E:05:AD:94:8A:B5:B4:C9:E7:FF:35:F8:2F:E2:96:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d331c3a8-c393-47a6-84c9-cd743c3328a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:a000::/48
Signature Algorithm: sha256WithRSAEncryption
98:3e:e0:60:54:02:8e:a7:ca:26:87:dc:af:e1:67:62:31:de:
e9:43:bf:25:11:36:a8:f7:32:be:af:35:37:1d:26:3e:4e:af:
75:70:d9:70:3c:68:cf:a0:20:51:fe:d0:bf:f2:0e:15:6f:62:
40:25:8c:46:55:e2:49:01:99:ad:29:c9:98:37:d1:7f:e3:b3:
65:e8:2d:5e:85:05:b4:0b:69:9c:75:b3:a4:52:52:d3:8a:02:
31:46:e1:39:d8:bb:4b:77:d9:65:ac:99:19:5b:93:58:f7:27:
d2:fe:0c:db:c3:8c:4f:e5:71:72:48:ce:5a:4f:01:1a:75:69:
13:15:84:07:34:97:79:1b:6b:34:f5:d4:0a:4d:da:ac:9e:10:
e6:f2:8c:b5:37:97:25:13:a1:95:0b:35:d4:a9:e4:7e:5b:a3:
6c:f8:ca:c6:ec:e1:8d:ab:35:04:82:e7:d2:51:00:37:e4:96:
a3:ac:cc:31:1f:a8:7e:07:1b:93:c3:bf:b7:18:b0:41:aa:b9:
91:86:61:f5:de:a0:8c:11:f4:30:7d:e1:cb:71:b7:ea:25:26:
9d:1f:b4:f1:62:1a:8e:72:d3:c6:b7:aa:bf:d4:68:e6:31:29:
47:eb:7d:2a:b2:2a:ee:62:9c:b1:0d:02:86:b0:7d:4a:46:32:
42:35:56:a1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEXqUxIxwgLspu5G8negSvo2qHkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxNjM3MDhaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MDBkNzI3YzhkMzBjNjIxNjkyYzJlNmY3ODBmNzhjYmZkMDVkZWY5Mzhk
ODc5NWZhNDg1ZTJlNGNlZjE2YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqp81qbunn4Hz1NUyX0e4Mk5yjQejA5zsVvBVt+UpSOFvEKhRkODxhV6F7y
hkZnDP8Bz33uhNrWa2XjuawAihYgvkdXAWVfT9Ek/NtwK9LVA46TRNFroim/EFoL
d1bbV+pMtxEdbKki9B9mGIYfAZmardR3+Y5Ngo10A3ZL1TmyOfctBpx3MpCtJjOB
96TVZBjyxlpKTldv6Dq+xjeCF9gUOKrNz3YZed4hV5NFb/uZx4OUyqD0GAj8zcgf
SRPkd9Q0GpYoW/ZrrmHfdUic0/hgkqvhcSQtykAjOTOKNhzPy1wJP+M9xEqIXTNq
SrhzGW8uspAmNXKpPOUO5imzsk8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQTrt0X
PgWtlIq1tMnn/zX4L+KWKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMzMWMzYTgtYzM5My00N2E2LTg0YzktY2Q3NDNjMzMyOGEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gyg
ADANBgkqhkiG9w0BAQsFAAOCAQEAmD7gYFQCjqfKJofcr+FnYjHe6UO/JRE2qPcy
vq81Nx0mPk6vdXDZcDxoz6AgUf7Qv/IOFW9iQCWMRlXiSQGZrSnJmDfRf+OzZegt
XoUFtAtpnHWzpFJS04oCMUbhOdi7S3fZZayZGVuTWPcn0v4M28OMT+VxckjOWk8B
GnVpExWEBzSXeRtrNPXUCk3arJ4Q5vKMtTeXJROhlQs11KnkflujbPjKxuzhjas1
BILn0lEAN+SWo6zMMR+ofgcbk8O/txiwQaq5kYZh9d6gjBH0MH3hy3G36iUmnR+0
8WIajnLTxreqv9Ro5jEpR+t9KrIq7mKcsQ0ChrB9SkYyQjVWoQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:05 2025 by rpki-client