Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
File: d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa (raw, json)
Hash identifier: E0arm2uXJRrGteQ2115ACRsPE5AJw7mOfawDCV7zHqA=
Subject key identifier: 9E:EF:A6:1A:62:B8:83:20:48:56:97:A3:5C:B0:2F:0A:B8:57:60:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05D6E52C2F2213051AE108B288A35EEECB495213
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
Signing time: Mon 01 Sep 2025 21:21:08 +0000
ROA not before: Mon 01 Sep 2025 21:21:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d024::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:d6:e5:2c:2f:22:13:05:1a:e1:08:b2:88:a3:5e:ee:cb:49:52:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3b544fa93c448542250a8bde2147f809b456158de87a1c09398da088ecd6dec9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cc:d8:c9:fe:12:70:2c:3f:cd:a4:67:bc:34:
20:54:ed:ce:a9:26:61:09:b7:fd:2d:a3:6b:2a:4d:
ad:ba:30:56:03:fc:58:79:48:bd:5c:d6:81:d4:04:
f0:38:0d:6d:14:a3:e7:fb:90:82:4f:b8:c7:97:93:
c1:ad:33:9e:ae:6e:9c:ad:33:50:e5:43:b0:3f:f1:
07:01:cc:ac:12:0c:d7:3f:6f:c8:3e:f1:46:36:18:
62:0d:26:ca:54:b2:d1:f4:45:77:82:c4:e9:f4:81:
c5:e6:42:c4:97:60:57:0a:74:24:bd:9e:20:3f:d8:
bd:ed:99:a8:4e:be:5b:f5:c2:0c:9a:e2:7b:14:61:
64:fa:92:21:6b:ea:c5:43:9a:c6:8b:50:d9:03:f8:
d3:4e:5c:0c:a7:c1:21:ac:6a:79:d0:e6:53:ad:dc:
49:49:4b:d0:ed:9c:20:36:f5:88:55:5a:04:c9:c9:
91:7d:ba:0e:95:ef:5e:40:4b:1c:af:d1:1e:12:19:
3e:42:d9:ea:07:5d:64:85:c0:a6:dc:5a:a8:32:44:
38:7d:ac:db:aa:72:ab:8c:54:9e:8b:59:52:17:c3:
01:83:5b:8a:50:f7:9c:7e:12:b4:73:a8:5a:c3:34:
7b:92:56:00:2e:a3:58:bd:1f:b0:55:e3:ad:a3:9b:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EF:A6:1A:62:B8:83:20:48:56:97:A3:5C:B0:2F:0A:B8:57:60:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d8ff7013-08b6-4e36-ab88-c4f8bd3e7a04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d024::/36
Signature Algorithm: sha256WithRSAEncryption
34:aa:f1:36:62:02:d4:78:7e:a7:fe:7c:66:7c:9a:41:57:a6:
a1:25:ca:9a:c0:d2:cf:fd:e4:7f:20:41:b3:a6:f1:c1:1c:32:
22:89:ed:73:03:49:2f:b5:99:81:40:b2:ad:09:81:a4:09:72:
93:4f:e5:6a:01:14:b6:94:81:c1:26:11:20:6f:a6:14:5c:28:
42:6b:46:f1:76:64:f1:ec:e9:a8:02:15:4f:cc:3b:d8:29:cf:
93:85:46:b1:06:ee:3b:b6:89:73:7c:89:b5:f2:70:15:d7:aa:
4c:90:5f:a4:ab:5b:00:ee:54:28:a5:46:97:1c:15:9d:ea:08:
35:79:55:06:22:83:e4:86:73:5f:6a:d5:b0:42:5a:27:e0:b1:
02:98:d9:c7:9b:e8:65:cc:a9:89:97:ba:2f:a7:f8:ca:01:cf:
c9:4d:0f:03:ed:99:2e:a7:ba:8c:76:75:44:5a:fd:dd:2f:27:
02:16:36:c3:c8:13:5e:d8:46:37:d2:7f:2f:e7:c9:22:99:e9:
fb:3c:62:a8:ac:7d:2e:9d:1d:65:40:06:1d:2c:11:ef:2f:08:
3a:85:01:0e:c4:55:b2:d0:0e:8c:b5:21:38:1d:32:a9:a8:ef:
59:46:1f:6e:50:ef:a7:43:c5:5b:51:e5:8d:8d:76:73:c2:45:
37:1c:7c:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBdblLC8iEwUa4QiyiKNe7stJUhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNTQ0ZmE5M2M0NDg1NDIyNTBhOGJkZTIxNDdmODA5YjQ1NjE1OGRlODdh
MWMwOTM5OGRhMDg4ZWNkNmRlYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfM2Mn+EnAsP82kZ7w0IFTtzqkmYQm3/S2jaypNrbowVgP8WHlIvVzWgdQE
8DgNbRSj5/uQgk+4x5eTwa0znq5unK0zUOVDsD/xBwHMrBIM1z9vyD7xRjYYYg0m
ylSy0fRFd4LE6fSBxeZCxJdgVwp0JL2eID/Yve2ZqE6+W/XCDJriexRhZPqSIWvq
xUOaxotQ2QP4005cDKfBIaxqedDmU63cSUlL0O2cIDb1iFVaBMnJkX26DpXvXkBL
HK/RHhIZPkLZ6gddZIXAptxaqDJEOH2s26pyq4xUnotZUhfDAYNbilD3nH4StHOo
WsM0e5JWAC6jWL0fsFXjraObpmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe76Ya
YriDIEhWl6NcsC8KuFdgAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDhmZjcwMTMtMDhiNi00ZTM2LWFiODgtYzRmOGJkM2U3YTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CQA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0qvE2YgLUeH6n/nxmfJpBV6ahJcqawNLP/eR/
IEGzpvHBHDIiie1zA0kvtZmBQLKtCYGkCXKTT+VqARS2lIHBJhEgb6YUXChCa0bx
dmTx7OmoAhVPzDvYKc+ThUaxBu47tolzfIm18nAV16pMkF+kq1sA7lQopUaXHBWd
6gg1eVUGIoPkhnNfatWwQlon4LECmNnHm+hlzKmJl7ovp/jKAc/JTQ8D7Zkup7qM
dnVEWv3dLycCFjbDyBNe2EY30n8v58kimen7PGKorH0unR1lQAYdLBHvLwg6hQEO
xFWy0A6MtSE4HTKpqO9ZRh9uUO+nQ8VbUeWNjXZzwkU3HHy0
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:07 2025 by rpki-client