Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa
File: dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa (raw, json)
Hash identifier: c+/sVr+W7V2S5EHxXHcXRncgRb41nGp8WrzOcMTYgHI=
Subject key identifier: 2B:80:DA:97:2D:3D:CE:CB:9D:80:FF:F3:4E:E5:5B:33:13:E1:51:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48DDD216204516ACC9D5B354E5A8B97E60E1CEDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa
Signing time: Thu 04 Sep 2025 19:52:00 +0000
ROA not before: Thu 04 Sep 2025 19:52:00 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:dd:d2:16:20:45:16:ac:c9:d5:b3:54:e5:a8:b9:7e:60:e1:ce:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:00 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=2b523bf874724f1911655b4126b89a2ef9feeb09c97c6be3ef1c1707aba030b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:b2:5a:bf:82:31:d7:e7:cd:6e:44:c2:f1:
26:de:98:0e:62:e2:e1:d4:39:64:2e:52:36:de:c2:
7b:98:0c:b4:bd:80:33:30:49:a9:d8:7a:52:14:e9:
22:f4:2c:4d:76:9d:fb:4b:24:9b:cb:9f:bf:41:bf:
a8:62:e2:e7:16:77:b1:47:ba:59:ed:cb:c5:ce:69:
45:fc:d6:28:e0:d7:11:66:1d:83:72:9e:46:3f:13:
c4:13:d8:26:a6:c3:d3:d4:91:c0:58:a8:42:2b:1c:
2d:ef:02:ad:3e:c8:04:06:b8:64:a9:59:a2:8f:62:
23:b9:91:b5:87:df:4e:9a:87:4c:6c:b0:84:93:21:
3a:cf:39:b9:2d:6d:8b:19:c8:08:c4:b4:a4:8d:cf:
f0:7d:4c:a8:fe:3e:5b:e5:65:9e:6b:93:12:8a:b1:
30:22:68:17:98:a5:d4:57:5a:58:e6:55:01:7f:30:
e0:c6:7b:fd:bc:f0:24:1e:19:96:ad:d9:70:f8:96:
29:15:a0:5b:83:3a:5d:a2:00:2d:bd:2f:70:72:85:
b8:5f:d2:b0:37:0e:24:c4:26:50:e1:fe:47:07:0e:
e8:bb:4f:0c:97:10:a8:13:40:3c:22:12:a1:ae:9d:
7e:44:31:9e:94:73:bf:19:32:ba:e0:d9:28:eb:b4:
5a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:80:DA:97:2D:3D:CE:CB:9D:80:FF:F3:4E:E5:5B:33:13:E1:51:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dba2c5ec-b39c-4ba8-b607-71348e3be0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6080::/46
Signature Algorithm: sha256WithRSAEncryption
3a:45:48:92:a0:16:fb:f1:dc:a7:7e:8a:de:6b:36:3e:ec:1c:
68:60:21:82:3d:cc:ef:c7:76:f7:2a:f9:2e:77:22:68:a4:92:
f8:fc:96:5d:1d:65:c5:3e:da:ff:b6:65:8a:90:c1:07:4c:a9:
2b:26:f1:3c:dd:cb:a2:c2:d7:ce:48:f8:a6:be:99:d3:39:fd:
34:f3:0f:73:f3:79:a6:b5:e6:4e:27:f0:3a:6c:01:4e:f7:13:
1a:92:92:5b:bd:42:f9:a0:15:f1:41:52:7e:e7:80:74:6c:75:
22:be:27:d9:65:cb:c6:ef:60:20:92:a8:c6:ed:3c:18:13:5c:
b0:00:56:a0:61:40:ec:f2:2e:81:de:97:48:cf:8f:1d:62:a1:
3e:1d:bf:73:68:bc:1f:ac:4b:47:18:bd:49:df:11:c1:6d:83:
ad:c9:78:d2:1d:38:c3:73:d8:86:b6:09:ab:9d:c2:c6:48:e2:
f6:a8:1c:0e:a8:dc:da:cf:64:3e:a4:c9:2e:28:a8:03:84:4c:
6e:81:30:d4:91:a0:63:21:83:da:57:07:8a:38:d0:c1:6d:ad:
6f:7b:74:20:0d:91:89:f2:7a:0c:a8:1d:03:2a:69:cc:26:59:
ce:3a:8e:d7:5c:4e:0a:ed:a1:db:fb:59:45:7e:60:8e:0b:f0:
e5:e4:34:ad
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSN3SFiBFFqzJ1bNU5ai5fmDhztswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMDBaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNTIzYmY4NzQ3MjRmMTkxMTY1NWI0MTI2Yjg5YTJlZjlmZWViMDljOTdj
NmJlM2VmMWMxNzA3YWJhMDMwYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALysslq/gjHX581uRMLxJt6YDmLi4dQ5ZC5SNt7Ce5gMtL2AMzBJqdh6UhTp
IvQsTXad+0skm8ufv0G/qGLi5xZ3sUe6We3Lxc5pRfzWKODXEWYdg3KeRj8TxBPY
JqbD09SRwFioQiscLe8CrT7IBAa4ZKlZoo9iI7mRtYffTpqHTGywhJMhOs85uS1t
ixnICMS0pI3P8H1MqP4+W+VlnmuTEoqxMCJoF5il1FdaWOZVAX8w4MZ7/bzwJB4Z
lq3ZcPiWKRWgW4M6XaIALb0vcHKFuF/SsDcOJMQmUOH+RwcO6LtPDJcQqBNAPCIS
oa6dfkQxnpRzvxkyuuDZKOu0WrUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQrgNqX
LT3Oy52A//NO5VszE+FR3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJhMmM1ZWMtYjM5Yy00YmE4LWI2MDctNzEzNDhlM2JlMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
gDANBgkqhkiG9w0BAQsFAAOCAQEAOkVIkqAW+/Hcp36K3ms2PuwcaGAhgj3M78d2
9yr5LnciaKSS+PyWXR1lxT7a/7ZlipDBB0ypKybxPN3LosLXzkj4pr6Z0zn9NPMP
c/N5prXmTifwOmwBTvcTGpKSW71C+aAV8UFSfueAdGx1Ir4n2WXLxu9gIJKoxu08
GBNcsABWoGFA7PIugd6XSM+PHWKhPh2/c2i8H6xLRxi9Sd8RwW2Drcl40h04w3PY
hrYJq53Cxkji9qgcDqjc2s9kPqTJLiioA4RMboEw1JGgYyGD2lcHijjQwW2tb3t0
IA2RifJ6DKgdAyppzCZZzjqO11xOCu2h2/tZRX5gjgvw5eQ0rQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:11 2025 by rpki-client