Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
File: eb69b216-60d5-4f56-b2b8-3401f331f31e.roa (raw, json)
Hash identifier: EuRZ2Ht5McHmNiwJHfUTyfhaUJzO8KodGefQOdmogrs=
Subject key identifier: 64:AF:D9:56:A3:C4:EF:ED:D9:16:72:80:3A:8B:EE:04:D9:3F:14:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0CA30C83CECFC53BF471587AB710526BEB5E77B6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
Signing time: Mon 01 Sep 2025 20:40:20 +0000
ROA not before: Mon 01 Sep 2025 20:40:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:a3:0c:83:ce:cf:c5:3b:f4:71:58:7a:b7:10:52:6b:eb:5e:77:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=eb69a1b26868d9062d1e977d4755517d909b7f056fa560ba314342131f7f5a56, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:2b:34:b1:9d:21:92:27:45:f5:70:fb:ea:
f9:6c:7d:a0:2f:5b:82:39:b2:e8:c6:f2:19:34:96:
74:88:fc:5b:a4:e8:e0:0c:06:26:cc:5b:49:0a:fe:
86:7f:35:af:38:c5:2c:b6:19:7b:38:c2:e3:c2:40:
ed:eb:76:b5:8d:b2:2f:c0:be:9c:84:4e:ac:ff:74:
87:aa:3d:ff:c1:50:93:61:00:22:06:89:4d:f7:7a:
d7:46:fc:1a:28:28:d6:2b:ab:3a:59:ba:26:f4:72:
00:f6:96:37:43:f0:80:c8:26:ea:4a:2f:52:09:5d:
76:f1:1e:08:0d:3c:66:1e:02:94:da:b5:16:4e:7c:
df:b7:63:83:7a:bb:3b:36:7d:6a:78:62:ed:f7:e1:
b8:44:ec:15:0d:0c:33:c1:ae:48:af:89:b2:07:90:
89:21:de:14:bc:c9:f2:9d:0e:fb:51:c3:c8:8d:6e:
ab:be:ec:04:bb:ca:d5:bc:c6:1a:61:1e:b0:3e:0b:
b8:46:72:e7:13:d0:6d:30:d2:8a:8f:dd:a5:3b:a7:
0d:28:87:d6:06:17:6f:12:32:ee:e8:e6:61:96:b8:
72:44:28:68:27:1b:26:3c:45:fa:3b:4d:2c:16:8a:
4f:89:c1:7d:56:ba:c7:b1:e8:cf:14:a4:cd:fd:78:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AF:D9:56:A3:C4:EF:ED:D9:16:72:80:3A:8B:EE:04:D9:3F:14:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb69b216-60d5-4f56-b2b8-3401f331f31e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
16:39:c1:e3:0b:60:62:c8:48:96:46:be:a5:e8:e7:6b:fe:0a:
a4:7b:20:85:37:ee:35:fc:cb:fe:b3:40:cb:10:8d:cd:d3:b6:
8d:1a:0a:ee:eb:d4:28:80:53:52:03:f1:05:51:94:7a:ad:3f:
e4:57:91:e9:4f:ee:69:15:29:68:9c:84:e3:c9:a3:5b:b6:0d:
8c:f2:93:d8:21:84:cf:ff:78:38:15:2e:eb:3d:7c:a9:ea:14:
30:7e:2e:1e:a7:32:27:7e:d1:41:d9:13:c3:3b:40:95:22:0b:
ba:f3:84:d9:a0:c5:2a:95:53:c5:96:f2:f1:4e:17:ea:f7:02:
08:9b:0e:46:85:f9:ca:4a:41:1e:79:05:ff:5d:92:63:27:40:
78:88:2a:8f:e4:8f:89:01:42:e9:be:de:3f:c3:d2:fd:78:da:
2b:37:c0:04:03:f0:7a:8d:c0:d9:ec:be:37:61:bd:dc:0e:90:
59:3f:8e:c5:b7:08:a5:14:d3:b5:8a:7c:a6:5e:15:4c:e6:d3:
53:63:61:60:6d:ec:47:d1:bb:e8:81:99:d3:65:9b:84:9f:65:
1e:5b:72:13:1e:18:62:45:ce:aa:70:4c:8b:c1:7e:ee:fe:56:
88:70:30:20:44:15:e7:39:49:58:6e:0e:25:5c:2e:b1:f8:67:
38:f7:66:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDKMMg87PxTv0cVh6txBSa+ted7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNjlhMWIyNjg2OGQ5MDYyZDFlOTc3ZDQ3NTU1MTdkOTA5YjdmMDU2ZmE1
NjBiYTMxNDM0MjEzMWY3ZjVhNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdHKzSxnSGSJ0X1cPvq+Wx9oC9bgjmy6MbyGTSWdIj8W6To4AwGJsxbSQr+
hn81rzjFLLYZezjC48JA7et2tY2yL8C+nIROrP90h6o9/8FQk2EAIgaJTfd610b8
Gigo1iurOlm6JvRyAPaWN0PwgMgm6kovUglddvEeCA08Zh4ClNq1Fk5837djg3q7
OzZ9anhi7ffhuETsFQ0MM8GuSK+JsgeQiSHeFLzJ8p0O+1HDyI1uq77sBLvK1bzG
GmEesD4LuEZy5xPQbTDSio/dpTunDSiH1gYXbxIy7ujmYZa4ckQoaCcbJjxF+jtN
LBaKT4nBfVa6x7HozxSkzf14o6ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRkr9lW
o8Tv7dkWcoA6i+4E2T8U2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWI2OWIyMTYtNjBkNS00ZjU2LWIyYjgtMzQwMWYzMzFmMzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWOcHjC2BiyEiWRr6l6Odr/gqkeyCFN+41/Mv+
s0DLEI3N07aNGgru69QogFNSA/EFUZR6rT/kV5HpT+5pFSlonITjyaNbtg2M8pPY
IYTP/3g4FS7rPXyp6hQwfi4epzInftFB2RPDO0CVIgu684TZoMUqlVPFlvLxThfq
9wIImw5GhfnKSkEeeQX/XZJjJ0B4iCqP5I+JAULpvt4/w9L9eNorN8AEA/B6jcDZ
7L43Yb3cDpBZP47FtwilFNO1inymXhVM5tNTY2FgbexH0bvogZnTZZuEn2UeW3IT
HhhiRc6qcEyLwX7u/laIcDAgRBXnOUlYbg4lXC6x+Gc492bA
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:35 2025 by rpki-client