Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
File: e69b1519-f345-43aa-8c6b-cd786ee13404.roa (raw, json)
Hash identifier: acX7XadckbGgaOIaRXckCeT6URiYWfTa+FJxYnQJdEA=
Subject key identifier: EF:88:D4:9A:06:77:F9:8C:AD:4F:C8:82:F3:1F:62:41:C5:92:03:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 141B6511DFB5B3E036E2124D3C1B9BB9E57D3DC8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
Signing time: Mon 01 Sep 2025 20:40:20 +0000
ROA not before: Mon 01 Sep 2025 20:40:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:1b:65:11:df:b5:b3:e0:36:e2:12:4d:3c:1b:9b:b9:e5:7d:3d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ba57d504a8148e3d9801b5e15021561d87d3a4db6e30012796ce4aec124722c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6f:67:c0:10:91:77:52:2b:62:99:6a:78:29:
02:61:23:98:b6:02:12:1f:06:e9:b9:64:c8:74:15:
73:ef:06:bf:5c:6d:1a:9c:cc:51:71:96:8b:db:22:
fc:2b:63:d8:c5:6e:a8:c7:50:6c:b0:45:24:1d:8c:
f3:f4:ae:ae:2f:bd:6c:77:11:1c:20:ed:95:0e:a0:
12:3d:ff:37:7c:5b:3b:ed:8a:df:43:fd:6a:30:be:
ac:6c:e4:52:ac:95:ea:6c:b5:9c:4a:f2:68:c7:c5:
30:29:d6:cc:a8:d5:1e:c5:c1:41:06:52:f4:3c:82:
dd:f6:f5:78:ab:b0:3c:8f:66:e4:d0:9b:21:3f:ee:
2e:29:d6:9a:cc:17:f1:28:34:42:2a:64:22:57:d9:
8b:0d:1c:5f:fb:bf:d8:8e:50:92:d6:df:d0:33:13:
bb:37:49:50:62:00:05:cc:0a:11:38:29:32:52:05:
4f:ed:ad:78:66:be:96:48:02:ff:30:80:12:d9:e5:
15:1d:a1:0e:fb:c8:41:01:05:3e:c8:27:a1:d1:bf:
55:e7:ec:f0:14:99:05:4e:40:ae:f1:a2:86:6f:1b:
8b:3b:6a:23:c3:55:45:7b:50:30:88:73:02:2b:e0:
40:32:94:61:c0:dd:bc:65:a4:84:06:58:17:b4:24:
eb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:88:D4:9A:06:77:F9:8C:AD:4F:C8:82:F3:1F:62:41:C5:92:03:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e69b1519-f345-43aa-8c6b-cd786ee13404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:5000::/40
Signature Algorithm: sha256WithRSAEncryption
80:c9:e3:89:ad:0d:c7:bc:ed:bf:9e:49:c8:ec:49:2f:32:67:
b2:c9:91:f4:41:35:6b:e0:7b:53:07:ce:d1:e2:d1:54:8f:4e:
57:d6:41:8c:c8:06:f0:ca:b6:dd:8a:96:29:88:3b:b0:bb:1b:
d4:26:28:7c:2d:45:e4:97:16:c1:4c:ea:70:f9:18:2a:d7:3d:
d0:a1:4e:28:e3:db:c3:09:9e:ef:3b:96:32:6f:1e:96:d6:c3:
c5:87:18:cf:79:46:30:98:3d:d1:f9:eb:6a:3e:e0:3c:b5:fc:
9f:84:b8:7b:50:53:c4:e3:1a:9d:5b:72:1a:a1:7f:ae:8c:31:
37:65:7d:50:ad:36:66:a1:3f:0b:7f:28:2c:55:94:93:c5:e3:
1a:c8:ee:99:4c:dd:a2:8e:70:16:6b:81:2c:43:a4:fd:6e:df:
62:a3:ec:b2:f6:c4:13:dd:12:aa:e4:1e:49:99:19:1a:c6:d1:
ea:28:02:ab:07:0c:05:3b:c5:31:3e:a6:37:e4:0f:5a:39:84:
19:b0:85:7c:4b:07:9a:72:29:27:8b:1c:6f:51:76:31:3f:b7:
08:0a:07:14:00:86:6e:8d:df:11:56:12:b0:06:db:6b:ba:ab:
6d:82:ba:54:ae:1f:2d:f3:36:7a:dd:f9:cc:64:8a:d0:04:0f:
81:24:0a:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFBtlEd+1s+A24hJNPBubueV9PcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhNTdkNTA0YTgxNDhlM2Q5ODAxYjVlMTUwMjE1NjFkODdkM2E0ZGI2ZTMw
MDEyNzk2Y2U0YWVjMTI0NzIyYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRvZ8AQkXdSK2KZangpAmEjmLYCEh8G6blkyHQVc+8Gv1xtGpzMUXGWi9si
/Ctj2MVuqMdQbLBFJB2M8/Suri+9bHcRHCDtlQ6gEj3/N3xbO+2K30P9ajC+rGzk
UqyV6my1nEryaMfFMCnWzKjVHsXBQQZS9DyC3fb1eKuwPI9m5NCbIT/uLinWmswX
8Sg0QipkIlfZiw0cX/u/2I5Qktbf0DMTuzdJUGIABcwKETgpMlIFT+2teGa+lkgC
/zCAEtnlFR2hDvvIQQEFPsgnodG/Vefs8BSZBU5ArvGihm8biztqI8NVRXtQMIhz
AivgQDKUYcDdvGWkhAZYF7Qk69ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTviNSa
Bnf5jK1PyILzH2JBxZID5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY5YjE1MTktZjM0NS00M2FhLThjNmItY2Q3ODZlZTEzNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCAyeOJrQ3HvO2/nknI7EkvMmeyyZH0QTVr4HtT
B87R4tFUj05X1kGMyAbwyrbdipYpiDuwuxvUJih8LUXklxbBTOpw+Rgq1z3QoU4o
49vDCZ7vO5Yybx6W1sPFhxjPeUYwmD3R+etqPuA8tfyfhLh7UFPE4xqdW3IaoX+u
jDE3ZX1QrTZmoT8LfygsVZSTxeMayO6ZTN2ijnAWa4EsQ6T9bt9io+yy9sQT3RKq
5B5JmRkaxtHqKAKrBwwFO8UxPqY35A9aOYQZsIV8SweaciknixxvUXYxP7cICgcU
AIZujd8RVhKwBttruqttgrpUrh8t8zZ63fnMZIrQBA+BJAqk
-----END CERTIFICATE-----
Generated at Fri Sep 19 14:29:09 2025 by rpki-client