Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
File: d4a512a3-4257-431f-b201-8d747948cebb.roa (raw, json)
Hash identifier: 3b0Scv0fl3c1NI1c6z7RQ8+p5ubufihk8wI1B+dlD/0=
Subject key identifier: BA:8A:CD:F3:9D:CA:2F:4A:B0:D0:99:CC:14:A9:21:61:32:E4:A3:C8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D9F9C9F10C28133D9B8E2DD711EB448303C78CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
Signing time: Mon 01 Sep 2025 20:01:02 +0000
ROA not before: Mon 01 Sep 2025 20:01:02 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:9f:9c:9f:10:c2:81:33:d9:b8:e2:dd:71:1e:b4:48:30:3c:78:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:02 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2ce90e23d94c09189865c8dc81dddc0827ad459958cc0735e7395976bda12b30, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:0a:57:07:40:7b:e4:a4:a9:2e:94:4c:4d:
e9:f9:fa:32:e2:ec:d6:62:b1:f9:95:2c:91:4f:20:
a5:81:f9:4a:b3:2d:bf:21:5b:22:56:f0:d7:5c:93:
f7:46:b9:77:fb:51:7e:51:b1:6e:68:61:83:70:c7:
84:ee:de:87:97:2b:03:d5:52:fa:77:0f:b1:45:d3:
05:13:76:4d:59:27:33:a3:d5:f8:96:a4:9d:b9:62:
b3:67:02:bd:1c:6f:05:9d:e6:ba:bc:0b:1d:7e:73:
31:2f:eb:15:6f:3e:be:4a:6a:83:58:eb:6f:98:25:
aa:24:da:dc:a3:c1:d2:ae:92:b4:5e:ff:35:ba:80:
bc:b8:45:c9:cb:ca:34:bf:9c:bf:18:49:ed:d9:87:
71:fe:04:8c:ef:5b:9a:91:9c:62:a9:fe:fb:23:00:
1e:da:bf:bd:67:d4:44:1f:d3:52:63:4d:d5:93:bd:
f0:1e:88:db:2d:22:21:c9:98:f3:66:c2:52:df:b3:
8b:85:3d:7b:e1:41:a2:99:24:fa:03:74:5b:b9:51:
f2:1b:a7:b5:f3:18:5b:7f:e3:78:da:38:e0:bb:42:
c4:66:15:c3:e4:b2:23:36:b9:c1:3b:4f:1c:fd:6c:
c0:12:d3:5f:66:34:08:55:3e:f3:36:40:23:04:72:
96:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8A:CD:F3:9D:CA:2F:4A:B0:D0:99:CC:14:A9:21:61:32:E4:A3:C8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4a512a3-4257-431f-b201-8d747948cebb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
93:78:04:9e:1b:6c:67:bd:72:6a:79:4a:dc:85:15:bf:da:37:
71:e4:c7:6a:0c:67:f3:df:18:10:55:0f:d5:04:cb:67:71:f9:
32:72:f9:ec:96:de:2f:c1:d0:f2:68:d1:5c:6e:8d:9b:08:67:
92:c3:27:e5:f1:0a:53:a3:d7:29:87:6d:bd:33:3d:c8:46:5c:
7b:37:8c:41:8c:29:a5:1c:43:99:63:51:65:d5:1a:80:80:8b:
ac:19:45:99:aa:3b:fa:c1:d6:01:31:ee:60:be:5a:6e:b8:93:
36:ad:55:07:5b:02:c1:98:4b:b0:a8:57:9d:f5:36:ea:33:a9:
cc:ce:65:54:ca:ce:4e:a8:a3:58:40:c7:c9:31:90:21:1c:ed:
0b:32:0f:89:21:18:d0:fb:90:fe:e5:9e:79:be:9f:b1:60:dc:
ca:85:d0:57:30:d5:3f:73:fc:d7:1b:ca:55:8c:88:bf:67:4d:
ac:3d:ba:be:f3:cc:e5:b9:cd:94:12:4a:ff:f2:c1:39:b4:00:
b8:55:a9:10:aa:64:a5:39:01:43:4c:16:63:5b:7b:1f:3c:19:
76:af:27:18:98:86:8c:dc:1a:6e:02:e4:d4:17:92:5d:e7:35:
70:56:fb:5a:bc:b7:11:8e:df:35:16:e1:b6:9d:5c:65:aa:3e:
8c:74:8c:63
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfZ+cnxDCgTPZuOLdcR60SDA8eM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMDJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZTkwZTIzZDk0YzA5MTg5ODY1YzhkYzgxZGRkYzA4MjdhZDQ1OTk1OGNj
MDczNWU3Mzk1OTc2YmRhMTJiMzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpEClcHQHvkpKkulExN6fn6MuLs1mKx+ZUskU8gpYH5SrMtvyFbIlbw11yT
90a5d/tRflGxbmhhg3DHhO7eh5crA9VS+ncPsUXTBRN2TVknM6PV+Jaknblis2cC
vRxvBZ3murwLHX5zMS/rFW8+vkpqg1jrb5glqiTa3KPB0q6StF7/NbqAvLhFycvK
NL+cvxhJ7dmHcf4EjO9bmpGcYqn++yMAHtq/vWfURB/TUmNN1ZO98B6I2y0iIcmY
82bCUt+zi4U9e+FBopkk+gN0W7lR8huntfMYW3/jeNo44LtCxGYVw+SyIza5wTtP
HP1swBLTX2Y0CFU+8zZAIwRylqkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6is3z
ncovSrDQmcwUqSFhMuSjyDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDRhNTEyYTMtNDI1Ny00MzFmLWIyMDEtOGQ3NDc5NDhjZWJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
wDANBgkqhkiG9w0BAQsFAAOCAQEAk3gEnhtsZ71yanlK3IUVv9o3ceTHagxn898Y
EFUP1QTLZ3H5MnL57JbeL8HQ8mjRXG6NmwhnksMn5fEKU6PXKYdtvTM9yEZcezeM
QYwppRxDmWNRZdUagICLrBlFmao7+sHWATHuYL5abriTNq1VB1sCwZhLsKhXnfU2
6jOpzM5lVMrOTqijWEDHyTGQIRztCzIPiSEY0PuQ/uWeeb6fsWDcyoXQVzDVP3P8
1xvKVYyIv2dNrD26vvPM5bnNlBJK//LBObQAuFWpEKpkpTkBQ0wWY1t7HzwZdq8n
GJiGjNwabgLk1BeSXec1cFb7Wry3EY7fNRbhtp1cZao+jHSMYw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:33 2025 by rpki-client