Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
File: d8bdec55-5207-4e20-a65b-ee864a734245.roa (raw, json)
Hash identifier: 8R1R1ehOTsDmN6GKDDB1B2EVFjCnw9UR5bNnxrtsEvU=
Subject key identifier: B8:A0:6F:CB:83:AE:84:90:D9:7B:E8:42:6C:35:73:E3:F0:26:71:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1581DBC387EF490793CB75D082FA963371FCC651
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
Signing time: Thu 04 Sep 2025 19:52:03 +0000
ROA not before: Thu 04 Sep 2025 19:52:03 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:8080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:81:db:c3:87:ef:49:07:93:cb:75:d0:82:fa:96:33:71:fc:c6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:03 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=468192bbc67ab6588298578eb137cd7b157fec24999ccb72aa3969657e5cb92a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:84:dc:50:61:d7:79:b8:70:b3:c9:a8:63:bc:
3f:ec:90:28:fc:6d:39:f8:ba:d8:14:cb:2d:8b:de:
1a:10:2d:dc:90:a3:ea:d9:8e:86:c0:8d:ce:f9:81:
bd:1d:78:3e:45:bd:ae:ce:4b:59:3d:8c:cc:cd:cf:
ae:1b:ab:be:b8:40:37:13:bf:2c:b0:5e:9b:78:7f:
c0:06:9e:4e:fc:6e:cd:45:4a:b4:eb:0f:57:48:ca:
cf:ba:3f:2c:2b:a3:9c:93:a4:ba:a2:10:8b:8e:61:
2e:44:73:88:b4:5e:54:3b:f5:ae:8f:5a:f8:7b:cc:
02:48:59:71:93:25:18:61:79:7c:5b:e6:fb:ee:fd:
4a:8b:95:61:85:78:85:4c:11:79:5b:d7:d7:a5:5b:
c8:d6:43:e0:a1:b0:6f:49:61:d5:14:07:29:78:cc:
e8:68:8b:06:f1:1a:24:8b:70:73:cb:6a:4b:68:af:
91:ee:e2:f6:c9:77:c5:ce:80:53:38:b9:5f:41:54:
62:fb:bf:82:eb:15:eb:19:ee:49:ff:54:ba:04:44:
6d:67:ab:26:53:bd:e7:6d:88:da:09:4d:ae:71:ce:
d1:1e:85:85:5c:a2:2f:83:8f:1e:46:c3:dd:c9:f4:
9f:a1:53:d6:eb:a7:6e:ef:ec:54:1e:1a:8c:e4:af:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A0:6F:CB:83:AE:84:90:D9:7B:E8:42:6C:35:73:E3:F0:26:71:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8bdec55-5207-4e20-a65b-ee864a734245.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:8080::/46
Signature Algorithm: sha256WithRSAEncryption
a6:68:65:60:bd:a2:a2:af:5f:88:82:c0:13:de:d9:cd:2b:6e:
14:0b:b1:5f:33:83:4a:1a:d6:b1:82:26:bc:bb:c6:c6:b1:2a:
9f:b6:fb:74:45:2f:5c:51:70:f9:7b:70:ef:40:09:79:91:de:
d3:27:ca:45:fb:19:d4:79:55:de:bc:e1:15:16:e8:23:41:52:
16:a4:7e:26:65:04:a5:cc:15:44:2f:90:44:aa:97:66:5c:5b:
6a:9e:e9:6f:46:5d:80:59:ce:26:2f:05:a5:e2:75:6f:7f:fc:
0f:da:bf:cd:15:45:4c:22:b7:bc:a6:c2:b7:ec:48:ab:06:d8:
52:ed:3b:fd:7b:74:38:47:9e:75:be:fa:0e:97:9c:2e:27:1a:
17:78:60:e3:76:46:c3:16:19:27:00:04:f9:31:6d:08:08:95:
75:18:a1:43:51:7d:d8:49:c2:58:ac:4a:d4:60:ed:f1:37:cc:
34:cf:07:81:3a:92:cf:74:f3:23:66:0c:46:c0:7c:f4:a1:29:
48:5a:00:1b:2e:3d:ad:4f:61:41:32:2a:59:6a:cf:fc:be:bf:
82:5f:8e:e0:2b:81:04:24:d4:71:b4:e6:af:f2:c9:10:40:2a:
25:1d:e2:73:36:f4:7b:3e:a1:bd:a4:0a:c7:45:8f:da:bb:45:
19:12:1c:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFYHbw4fvSQeTy3XQgvqWM3H8xlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMDNaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ODE5MmJiYzY3YWI2NTg4Mjk4NTc4ZWIxMzdjZDdiMTU3ZmVjMjQ5OTlj
Y2I3MmFhMzk2OTY1N2U1Y2I5MmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOE3FBh13m4cLPJqGO8P+yQKPxtOfi62BTLLYveGhAt3JCj6tmOhsCNzvmB
vR14PkW9rs5LWT2MzM3PrhurvrhANxO/LLBem3h/wAaeTvxuzUVKtOsPV0jKz7o/
LCujnJOkuqIQi45hLkRziLReVDv1ro9a+HvMAkhZcZMlGGF5fFvm++79SouVYYV4
hUwReVvX16VbyNZD4KGwb0lh1RQHKXjM6GiLBvEaJItwc8tqS2ivke7i9sl3xc6A
Uzi5X0FUYvu/gusV6xnuSf9UugREbWerJlO9522I2glNrnHO0R6FhVyiL4OPHkbD
3cn0n6FT1uunbu/sVB4ajOSvH2cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS4oG/L
g66EkNl76EJsNXPj8CZxPDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhiZGVjNTUtNTIwNy00ZTIwLWE2NWItZWU4NjRhNzM0MjQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DSA
gDANBgkqhkiG9w0BAQsFAAOCAQEApmhlYL2ioq9fiILAE97ZzStuFAuxXzODShrW
sYImvLvGxrEqn7b7dEUvXFFw+Xtw70AJeZHe0yfKRfsZ1HlV3rzhFRboI0FSFqR+
JmUEpcwVRC+QRKqXZlxbap7pb0ZdgFnOJi8FpeJ1b3/8D9q/zRVFTCK3vKbCt+xI
qwbYUu07/Xt0OEeedb76DpecLicaF3hg43ZGwxYZJwAE+TFtCAiVdRihQ1F92EnC
WKxK1GDt8TfMNM8HgTqSz3TzI2YMRsB89KEpSFoAGy49rU9hQTIqWWrP/L6/gl+O
4CuBBCTUcbTmr/LJEEAqJR3iczb0ez6hvaQKx0WP2rtFGRIcpA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:23 2025 by rpki-client