Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
File: df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa (raw, json)
Hash identifier: S8lz50FvCfTOvh+NQwM0HWoohr4tGs3lCR5VlqhDkcg=
Subject key identifier: 12:5C:E4:88:5A:36:E3:67:82:30:97:A5:90:CB:DA:6C:1F:8D:52:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A1BE2FE7538DA3387783ED2335619AF3018F49F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
Signing time: Mon 01 Sep 2025 20:51:25 +0000
ROA not before: Mon 01 Sep 2025 20:51:25 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:1b:e2:fe:75:38:da:33:87:78:3e:d2:33:56:19:af:30:18:f4:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:25 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2090d8f3f08cb8c488f3fed9879c27b790cd27d6915f24ec733dd0b64645ad78, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:30:3d:5f:bf:d3:c9:bc:9b:7a:55:a6:c5:f7:
3f:89:f4:e3:22:ad:d1:62:74:e0:f4:46:77:77:56:
20:f3:da:7b:09:82:19:da:37:b3:79:b0:f7:a7:99:
22:2f:b9:a7:75:e8:24:6c:b7:cb:6e:f8:96:7c:10:
cd:ad:35:51:ed:8b:84:db:71:b6:59:62:04:c3:ab:
e2:b9:04:e3:0a:ae:80:da:7a:59:72:e0:0d:35:26:
2b:02:5c:44:b1:1b:82:0b:26:19:80:9d:10:96:15:
c3:e2:1b:92:8f:30:ce:75:8f:a2:29:36:18:3b:7d:
f6:60:d0:20:d1:cb:b5:1e:2f:5a:ab:88:ef:3d:28:
30:20:a0:17:61:4f:28:d6:d0:35:c6:91:bd:22:94:
82:fe:57:c3:90:59:02:1d:3c:a5:1d:93:37:cc:39:
c4:08:8d:fd:01:f1:b2:8b:80:fd:6e:bc:06:fb:fe:
4f:93:22:3e:24:c0:a8:7b:62:69:84:1f:e3:32:d3:
07:dc:23:3c:0b:fe:5d:b2:ef:e4:d3:27:7c:62:7f:
7e:0d:e5:bc:7c:b3:a0:3f:05:38:88:f6:4b:69:e5:
0c:96:e7:5d:5b:cf:05:f6:ed:ac:fe:9e:15:e4:63:
d9:f9:06:75:e6:7a:85:17:60:4b:3c:83:65:c6:35:
68:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5C:E4:88:5A:36:E3:67:82:30:97:A5:90:CB:DA:6C:1F:8D:52:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:c000::/40
Signature Algorithm: sha256WithRSAEncryption
89:5d:10:dc:7e:78:39:f3:ce:2a:6d:b5:6e:3c:75:4b:cc:ff:
af:b2:6d:a4:ef:53:8f:95:45:24:5a:b8:8f:d9:97:66:7f:ac:
bd:a9:26:95:2d:bf:8d:a8:8a:2e:2c:a2:53:66:8c:6b:60:3a:
e3:b4:6d:11:95:dc:cb:fe:20:ea:00:c5:cf:5c:ca:d2:31:3a:
3d:90:92:9a:a4:ce:31:76:ed:f9:98:25:1f:72:c6:81:b6:a9:
0a:70:83:53:4a:82:bf:f6:39:a5:f4:a9:6d:ab:ed:b0:bb:44:
f2:f0:34:2a:23:8c:31:3d:09:12:c1:e7:73:c8:1c:d0:d1:bf:
eb:90:33:73:30:55:ea:41:26:d3:5c:b2:59:da:05:78:9f:b8:
03:a3:70:78:b8:05:33:d5:a1:5b:25:af:b3:00:b9:87:ed:24:
fd:73:8c:56:c9:e4:61:dd:2b:83:03:39:d2:ca:e0:cb:6c:dd:
86:35:a2:72:c1:b3:a1:ae:8f:88:75:12:c2:e9:e8:b4:7c:3f:
c4:5e:a7:e1:6a:29:27:8e:7b:2b:10:cf:b2:c3:d2:9e:ac:b7:
51:a1:7d:f1:6e:dc:b4:dd:b9:8c:c1:64:3d:d2:6e:90:f0:8f:
76:50:47:a7:67:5b:fe:fd:38:8c:ad:87:64:fa:15:f1:46:f3:
dc:95:02:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWhvi/nU42jOHeD7SM1YZrzAY9J8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMjVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwOTBkOGYzZjA4Y2I4YzQ4OGYzZmVkOTg3OWMyN2I3OTBjZDI3ZDY5MTVm
MjRlYzczM2RkMGI2NDY0NWFkNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEwPV+/08m8m3pVpsX3P4n04yKt0WJ04PRGd3dWIPPaewmCGdo3s3mw96eZ
Ii+5p3XoJGy3y274lnwQza01Ue2LhNtxtlliBMOr4rkE4wqugNp6WXLgDTUmKwJc
RLEbggsmGYCdEJYVw+Ibko8wznWPoik2GDt99mDQINHLtR4vWquI7z0oMCCgF2FP
KNbQNcaRvSKUgv5Xw5BZAh08pR2TN8w5xAiN/QHxsouA/W68Bvv+T5MiPiTAqHti
aYQf4zLTB9wjPAv+XbLv5NMnfGJ/fg3lvHyzoD8FOIj2S2nlDJbnXVvPBfbtrP6e
FeRj2fkGdeZ6hRdgSzyDZcY1aGUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSXOSI
WjbjZ4Iwl6WQy9psH41SfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGYzOGMwMGItYTZiMy00ZTYzLTlmNjktYjhjMzg1NmViZGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3A
MA0GCSqGSIb3DQEBCwUAA4IBAQCJXRDcfng5884qbbVuPHVLzP+vsm2k71OPlUUk
WriP2Zdmf6y9qSaVLb+NqIouLKJTZoxrYDrjtG0RldzL/iDqAMXPXMrSMTo9kJKa
pM4xdu35mCUfcsaBtqkKcINTSoK/9jml9Kltq+2wu0Ty8DQqI4wxPQkSwedzyBzQ
0b/rkDNzMFXqQSbTXLJZ2gV4n7gDo3B4uAUz1aFbJa+zALmH7ST9c4xWyeRh3SuD
AznSyuDLbN2GNaJywbOhro+IdRLC6ei0fD/EXqfhaiknjnsrEM+yw9KerLdRoX3x
bty03bmMwWQ90m6Q8I92UEenZ1v+/TiMrYdk+hXxRvPclQLQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:12 2025 by rpki-client