Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
File: e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa (raw, json)
Hash identifier: VUOvcNlBSQZyijRJK5I/uIWSgxALSaIRwQlKvpKQkgM=
Subject key identifier: 20:27:A2:6A:FF:52:34:C3:8A:0C:0E:2F:08:2F:FA:4C:C7:58:0F:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04FD68878486AB0EE841430C9CFF42B82D3430B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
Signing time: Mon 01 Sep 2025 19:40:16 +0000
ROA not before: Mon 01 Sep 2025 19:40:16 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:fd:68:87:84:86:ab:0e:e8:41:43:0c:9c:ff:42:b8:2d:34:30:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:16 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=8138182ff2dcbded6f148bb62d26311893f5940ab3ffa8328709098cec43a7a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:16:ce:04:64:35:e4:62:da:3c:33:ff:29:42:
c4:c0:de:a7:d1:7a:b6:90:73:08:78:4c:1c:c8:49:
c1:da:a2:cc:b0:4e:72:ae:5f:1c:52:a7:96:f4:aa:
20:73:47:df:53:d6:29:15:e7:01:1a:7b:0d:4a:98:
e1:82:c3:c7:54:7b:c8:d5:81:0d:93:b6:ea:f1:e7:
92:47:98:cf:eb:f5:aa:b8:a9:64:9a:30:15:20:11:
77:ec:3e:5a:77:37:06:a1:44:43:ab:9a:8b:59:5c:
4c:ac:ef:02:95:98:16:a1:bb:e1:da:1b:d6:0e:b7:
51:58:f7:2d:83:0e:8b:4f:d0:8a:45:07:66:5c:41:
7f:75:c8:78:54:d5:ec:bd:55:5e:88:fa:25:3e:e0:
c2:a1:fb:25:c1:9f:34:7d:5a:d2:7a:7d:6f:9a:a9:
bc:7a:76:77:d0:e9:6b:c4:20:37:4b:3a:01:51:5d:
d5:c4:53:64:46:47:83:ec:a5:3e:c7:c7:f4:1b:1f:
7e:66:86:a0:2d:7a:4c:0f:36:a1:8b:a7:fe:96:bf:
7f:3c:0c:d3:a3:5b:f6:08:7c:f1:d4:4d:32:70:90:
df:11:02:e5:b5:96:83:52:82:3c:12:bd:65:ba:0c:
67:9a:05:f1:95:84:b1:cb:30:32:58:97:4d:11:3d:
cc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:27:A2:6A:FF:52:34:C3:8A:0C:0E:2F:08:2F:FA:4C:C7:58:0F:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e87a971c-9bad-44d4-ba63-9c09f0299fa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
b8:1a:fc:72:dd:10:de:ec:ab:f2:1b:55:f3:d3:36:57:c1:ea:
b1:83:c6:a0:b6:da:a6:88:5d:dd:57:89:56:83:0c:ca:a0:79:
4c:13:32:4b:90:a2:65:2e:20:54:93:7d:72:e5:53:33:40:dc:
48:be:37:f4:7a:87:cd:6c:9f:6c:ae:b8:2d:55:62:94:d2:24:
db:a9:d9:62:2a:53:8d:d9:8c:00:75:f0:a4:f2:b9:f0:ec:29:
c5:42:f1:59:df:25:9e:1c:00:5b:ce:84:c8:01:86:44:f8:e3:
24:ca:72:f5:2d:3e:f9:39:dc:83:fa:bb:af:ab:a9:64:e4:58:
28:97:66:e8:42:3b:dd:41:fc:51:47:03:d7:32:6e:81:72:1e:
70:23:e7:0f:12:7d:ad:c6:9b:1b:e2:52:50:f4:c6:aa:c5:cd:
a8:74:e9:5f:8a:99:98:e8:83:0c:c9:38:de:0b:66:b4:5b:ec:
4a:70:83:ad:f7:99:fb:82:35:65:7b:7b:c0:e9:55:35:69:3f:
8a:ed:86:c9:ed:8d:5e:2a:78:a3:5f:62:1b:9e:ee:a1:00:1a:
73:77:86:d8:b7:8c:30:44:14:c3:ec:3e:96:13:93:e2:54:41:
c1:65:9d:c3:28:ea:4d:1e:e7:92:64:a3:82:60:00:e8:b7:63:
44:3a:e9:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBP1oh4SGqw7oQUMMnP9CuC00MLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwMTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMzgxODJmZjJkY2JkZWQ2ZjE0OGJiNjJkMjYzMTE4OTNmNTk0MGFiM2Zm
YTgzMjg3MDkwOThjZWM0M2E3YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoWzgRkNeRi2jwz/ylCxMDep9F6tpBzCHhMHMhJwdqizLBOcq5fHFKnlvSq
IHNH31PWKRXnARp7DUqY4YLDx1R7yNWBDZO26vHnkkeYz+v1qripZJowFSARd+w+
Wnc3BqFEQ6uai1lcTKzvApWYFqG74dob1g63UVj3LYMOi0/QikUHZlxBf3XIeFTV
7L1VXoj6JT7gwqH7JcGfNH1a0np9b5qpvHp2d9Dpa8QgN0s6AVFd1cRTZEZHg+yl
PsfH9BsffmaGoC16TA82oYun/pa/fzwM06Nb9gh88dRNMnCQ3xEC5bWWg1KCPBK9
ZboMZ5oF8ZWEscswMliXTRE9zHkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQgJ6Jq
/1I0w4oMDi8IL/pMx1gPiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg3YTk3MWMtOWJhZC00NGQ0LWJhNjMtOWMwOWYwMjk5ZmEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLg
wDANBgkqhkiG9w0BAQsFAAOCAQEAuBr8ct0Q3uyr8htV89M2V8HqsYPGoLbapohd
3VeJVoMMyqB5TBMyS5CiZS4gVJN9cuVTM0DcSL439HqHzWyfbK64LVVilNIk26nZ
YipTjdmMAHXwpPK58OwpxULxWd8lnhwAW86EyAGGRPjjJMpy9S0++Tncg/q7r6up
ZORYKJdm6EI73UH8UUcD1zJugXIecCPnDxJ9rcabG+JSUPTGqsXNqHTpX4qZmOiD
DMk43gtmtFvsSnCDrfeZ+4I1ZXt7wOlVNWk/iu2Gye2NXip4o19iG57uoQAac3eG
2LeMMEQUw+w+lhOT4lRBwWWdwyjqTR7nkmSjgmAA6LdjRDrpzw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:16:58 2025 by rpki-client