Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: ygiShEe4OQ6g91fRSk3FBYHy9u8BWA+TYNTFipt46P8=
Subject key identifier: F5:9E:6F:19:2E:2D:F9:14:E1:0D:A3:66:30:A8:CD:F9:CF:7A:16:3A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 511770ED56FFE079D518FC367E2901EF5D080026
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Mon 01 Sep 2025 21:21:00 +0000
ROA not before: Mon 01 Sep 2025 21:21:00 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:17:70:ed:56:ff:e0:79:d5:18:fc:36:7e:29:01:ef:5d:08:00:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:00 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6193b35506a171e7a7019ca1934266cdc6e7b287cd2e0be2178823b1b7c33aa3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c0:b4:c2:a4:d5:bc:bb:95:d6:55:5d:83:cd:
21:b9:73:cb:7a:bf:ea:09:6c:49:fe:46:fd:87:38:
04:16:e8:62:10:16:e0:1d:da:ab:ef:d3:b8:ae:d7:
9c:53:5b:5a:16:2e:94:78:19:65:30:04:3b:f8:fd:
51:cd:d0:80:d8:ff:37:d3:3d:94:28:ad:e6:34:9d:
17:76:ec:ce:18:9d:bd:23:0a:72:cf:1e:c4:38:62:
66:b4:c7:d0:c9:c4:db:70:79:4c:2e:1b:94:07:15:
e5:74:40:a1:17:fe:87:54:88:25:2e:bf:c1:10:26:
5f:9f:70:0b:a3:84:8b:04:e4:ec:40:b2:fc:2f:6e:
c2:c3:86:00:4c:40:51:ce:f5:08:22:73:d6:a7:8c:
bf:d0:d7:97:ef:61:0a:27:ad:a3:78:70:8d:d1:9b:
65:cc:cb:5e:b5:de:ad:1d:f1:59:aa:ef:0c:aa:eb:
bc:d7:8e:f6:2d:1f:bf:34:0d:46:c8:a0:ad:da:be:
98:53:e7:82:5f:48:3d:fc:79:d8:37:39:24:7d:23:
29:a7:de:5e:8c:6f:a2:6e:4f:cb:85:2d:5f:c9:05:
d1:cc:9e:db:69:54:50:cd:43:e6:9b:56:1f:21:4c:
5b:d5:98:8c:d8:f0:ac:9e:3f:15:a7:c8:06:dd:d0:
e6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9E:6F:19:2E:2D:F9:14:E1:0D:A3:66:30:A8:CD:F9:CF:7A:16:3A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
c4:57:ce:5f:a9:db:94:1b:04:6b:e7:66:be:b3:fb:09:01:d5:
b7:95:9b:a6:14:67:b8:df:de:ff:fe:c5:c0:e9:5a:4a:77:79:
28:72:6d:8c:b4:93:c6:55:83:b0:1f:df:92:fe:57:89:4c:76:
2b:75:a2:c4:d3:75:e2:3c:e8:8c:4e:b5:e3:66:4b:22:5a:5f:
f7:29:05:22:2d:72:78:b3:9a:f4:0b:c2:d9:ab:35:33:2f:6a:
8c:fa:2f:88:89:60:01:26:1e:e4:80:65:bd:f2:96:1c:e5:85:
36:98:30:0b:ad:20:6d:22:fa:0d:b1:ee:ed:c8:d5:74:35:f7:
53:87:2c:22:37:e5:dd:ba:67:b3:6b:15:cc:bf:fe:a7:14:c0:
10:2b:c5:78:7f:00:cb:6d:76:14:a2:68:3c:94:18:a4:f0:cf:
39:8d:e2:fd:ca:20:77:4a:24:d7:41:f0:d9:23:4e:1c:0e:39:
ec:64:52:5c:93:bc:3d:02:ae:ce:78:1a:a8:9b:f1:61:00:be:
e7:de:a0:ee:84:98:ba:fc:1b:3e:5a:a4:2e:fa:4b:e2:81:80:
b6:45:8f:4f:92:7e:ae:98:aa:5b:fe:c2:71:ac:ac:1e:24:88:
48:7a:af:0f:75:71:cb:3e:9e:83:18:e5:d1:05:cb:b9:c2:e8:
b0:e1:32:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUURdw7Vb/4HnVGPw2fikB710IACYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxOTNiMzU1MDZhMTcxZTdhNzAxOWNhMTkzNDI2NmNkYzZlN2IyODdjZDJl
MGJlMjE3ODgyM2IxYjdjMzNhYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvAtMKk1by7ldZVXYPNIblzy3q/6glsSf5G/Yc4BBboYhAW4B3aq+/TuK7X
nFNbWhYulHgZZTAEO/j9Uc3QgNj/N9M9lCit5jSdF3bszhidvSMKcs8exDhiZrTH
0MnE23B5TC4blAcV5XRAoRf+h1SIJS6/wRAmX59wC6OEiwTk7ECy/C9uwsOGAExA
Uc71CCJz1qeMv9DXl+9hCieto3hwjdGbZczLXrXerR3xWarvDKrrvNeO9i0fvzQN
Rsigrdq+mFPngl9IPfx52Dc5JH0jKafeXoxvom5Py4UtX8kF0cye22lUUM1D5ptW
HyFMW9WYjNjwrJ4/FafIBt3Q5t0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1nm8Z
Li35FOENo2YwqM35z3oWOjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQDEV85fqduUGwRr52a+s/sJAdW3lZumFGe4397/
/sXA6VpKd3kocm2MtJPGVYOwH9+S/leJTHYrdaLE03XiPOiMTrXjZksiWl/3KQUi
LXJ4s5r0C8LZqzUzL2qM+i+IiWABJh7kgGW98pYc5YU2mDALrSBtIvoNse7tyNV0
NfdThywiN+XdumezaxXMv/6nFMAQK8V4fwDLbXYUomg8lBik8M85jeL9yiB3SiTX
QfDZI04cDjnsZFJck7w9Aq7OeBqom/FhAL7n3qDuhJi6/Bs+WqQu+kvigYC2RY9P
kn6umKpb/sJxrKweJIhIeq8PdXHLPp6DGOXRBcu5wuiw4TKf
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:27 2025 by rpki-client