Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
File: e2212154-4339-4293-b1a8-15f06519a708.roa (raw, json)
Hash identifier: DjYV736kNsWcgsUDM8w44ZoQtL9wXhePSKXEW7/eCfA=
Subject key identifier: 3E:38:D8:E7:8A:40:0B:38:59:D2:D2:B5:79:67:29:B3:BF:6C:7A:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2BCB270E3EA79EEB59A029B922386FBF1CCF9CEF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
Signing time: Mon 01 Sep 2025 21:00:08 +0000
ROA not before: Mon 01 Sep 2025 21:00:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:cb:27:0e:3e:a7:9e:eb:59:a0:29:b9:22:38:6f:bf:1c:cf:9c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c0ca1c895b3ec8866bb7e9835aa218c33dfd757b571854da79241f11b656ba50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:2f:5c:cb:12:d7:aa:ce:fe:82:18:ec:e2:
5a:ef:23:ad:b6:d0:96:de:ff:90:99:9a:d2:b1:8b:
cd:7d:0c:46:28:6a:8c:a4:2d:98:3a:3a:b9:8e:78:
78:ad:80:42:69:c9:1b:43:32:28:7b:8e:fb:e3:89:
30:72:bb:03:3d:c3:41:c4:58:71:3f:54:55:e5:77:
af:57:bc:16:39:46:a6:1a:d7:4c:74:32:c2:b8:b2:
60:ff:23:3b:df:5e:0e:73:40:36:18:83:a3:82:d4:
28:72:85:61:49:9f:c1:17:c1:57:5f:91:7d:81:c8:
f5:a9:73:fc:88:d2:f6:58:3d:4a:cb:61:ac:ea:02:
cb:6c:71:fb:f5:21:de:fe:62:a6:9b:6d:99:ea:4d:
e2:72:e1:d7:0e:95:87:59:54:8a:81:aa:83:c8:fc:
1e:d5:ff:b5:f1:ec:f8:01:39:46:71:ee:7a:97:16:
ba:ea:27:70:54:46:64:88:24:7b:db:f6:11:91:71:
40:0b:a0:5e:49:56:8a:32:db:1d:28:5b:4d:93:49:
95:d2:89:42:8f:98:e1:bd:1b:aa:95:36:c8:a0:c8:
41:ac:6d:14:9f:2e:56:dd:2b:b1:b2:a3:79:41:a0:
e6:7e:02:96:b9:90:f7:7b:9c:05:33:ee:98:9f:39:
46:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:38:D8:E7:8A:40:0B:38:59:D2:D2:B5:79:67:29:B3:BF:6C:7A:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
12:10:01:dc:16:97:05:cc:2e:da:95:49:bb:a3:80:6b:72:49:
c7:ce:a0:30:ce:e1:ce:0a:38:d0:c1:46:59:cf:7f:cd:88:1c:
89:a0:92:61:56:89:31:d4:03:62:c7:c1:77:67:23:b6:4b:5f:
1d:a1:23:4d:e7:2b:17:6a:90:0a:96:da:70:f6:74:06:9e:c4:
1a:7d:28:0f:00:50:c8:08:96:b4:56:23:ff:2d:56:c7:0c:bd:
62:61:03:20:c8:0e:01:2e:13:3d:4f:e7:92:1e:95:78:0d:5e:
47:f1:f0:51:a2:7e:90:50:fd:fa:5e:52:b8:99:2d:2e:22:ec:
7f:1b:3e:d2:f1:f6:62:b6:45:37:88:86:a1:9e:28:c6:8c:01:
c1:dd:34:07:5e:37:c5:e4:ec:5b:bc:09:d3:e3:52:f8:2b:c9:
31:aa:e1:82:b7:12:f5:83:ec:88:3c:de:56:c6:b5:99:e2:42:
4c:5e:b3:f4:ad:ad:b2:8e:30:88:a6:8d:2d:48:3f:9a:3b:b2:
ba:d7:48:fd:df:76:d9:95:3f:58:b9:83:79:4d:d2:20:04:77:
ee:c1:71:18:bc:45:91:30:13:13:69:3b:7d:c2:14:e0:68:b1:
31:09:1e:d1:02:ba:65:7f:15:83:f1:fc:f7:19:88:b8:67:76:
a9:2b:dd:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUK8snDj6nnutZoCm5IjhvvxzPnO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwY2ExYzg5NWIzZWM4ODY2YmI3ZTk4MzVhYTIxOGMzM2RmZDc1N2I1NzE4
NTRkYTc5MjQxZjExYjY1NmJhNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4YL1zLEteqzv6CGOziWu8jrbbQlt7/kJma0rGLzX0MRihqjKQtmDo6uY54
eK2AQmnJG0MyKHuO++OJMHK7Az3DQcRYcT9UVeV3r1e8FjlGphrXTHQywriyYP8j
O99eDnNANhiDo4LUKHKFYUmfwRfBV1+RfYHI9alz/IjS9lg9SsthrOoCy2xx+/Uh
3v5ippttmepN4nLh1w6Vh1lUioGqg8j8HtX/tfHs+AE5RnHuepcWuuoncFRGZIgk
e9v2EZFxQAugXklWijLbHShbTZNJldKJQo+Y4b0bqpU2yKDIQaxtFJ8uVt0rsbKj
eUGg5n4ClrmQ93ucBTPumJ85RtkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+ONjn
ikALOFnS0rV5Zymzv2x6lzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIyMTIxNTQtNDMzOS00MjkzLWIxYTgtMTVmMDY1MTlhNzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQASEAHcFpcFzC7alUm7o4BrcknHzqAwzuHOCjjQ
wUZZz3/NiByJoJJhVokx1ANix8F3ZyO2S18doSNN5ysXapAKltpw9nQGnsQafSgP
AFDICJa0ViP/LVbHDL1iYQMgyA4BLhM9T+eSHpV4DV5H8fBRon6QUP36XlK4mS0u
Iux/Gz7S8fZitkU3iIahnijGjAHB3TQHXjfF5OxbvAnT41L4K8kxquGCtxL1g+yI
PN5WxrWZ4kJMXrP0ra2yjjCIpo0tSD+aO7K610j933bZlT9YuYN5TdIgBHfuwXEY
vEWRMBMTaTt9whTgaLExCR7RArplfxWD8fz3GYi4Z3apK90D
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:51 2025 by rpki-client