Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
File: ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa (raw, json)
Hash identifier: O4Dlf6g0WAEoFrfJomePD/w9IM9oiTsg/bq0VlGOR2I=
Subject key identifier: 57:F0:4F:91:84:52:BD:EA:30:72:FA:B3:1E:81:ED:02:14:D0:5A:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A9028AF608215D2F3D1662C674F7EDB3F079F91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
Signing time: Mon 01 Sep 2025 20:51:31 +0000
ROA not before: Mon 01 Sep 2025 20:51:31 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:90:28:af:60:82:15:d2:f3:d1:66:2c:67:4f:7e:db:3f:07:9f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:31 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e46afc3bc145b80b99795d5de36bdc1dc1e69d4b776a683f4d757b930764a928, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a7:a1:d7:fa:dd:3d:b0:33:ac:f2:18:cb:69:
68:31:8e:95:83:3c:c7:d5:0c:c7:20:fc:3f:eb:db:
26:69:7f:5e:49:5a:08:4d:41:ca:7f:8f:f2:e8:93:
6a:30:3a:43:90:76:2a:f3:f7:07:93:7d:7c:bc:ba:
ea:57:8b:68:5c:43:ba:8c:4b:60:a4:c5:32:2b:fe:
2f:8e:a8:36:20:4d:77:36:4f:ba:3c:fe:80:44:d4:
69:b2:9d:ca:2d:07:a4:50:4c:ad:b3:c6:21:32:c6:
b6:5c:08:26:e7:72:99:1d:c9:b0:f2:06:12:8a:3d:
f2:94:35:79:a4:73:a8:90:9f:bd:a4:13:fd:30:cb:
3f:23:40:04:a3:3b:d9:df:8a:8f:ff:e5:3b:81:90:
be:57:40:32:2b:50:72:99:dd:18:07:53:77:3e:ce:
10:b5:8e:22:d0:58:b7:4a:c3:d1:93:ed:a9:eb:e0:
29:99:91:37:80:10:4b:b5:06:9f:cb:1d:86:09:2f:
db:46:22:65:ac:68:8c:3d:54:e7:39:4d:e7:cb:fa:
11:53:fd:01:d9:1a:5c:ea:07:ca:da:86:f9:38:33:
0c:78:a4:ec:e0:0c:26:3b:30:ac:40:55:d7:c2:f8:
c3:2c:13:d9:44:1a:93:9d:3e:fe:32:fb:0e:2b:4f:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F0:4F:91:84:52:BD:EA:30:72:FA:B3:1E:81:ED:02:14:D0:5A:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ebe232e9-8f0a-4125-b83c-7989e39fdd99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:b000::/40
Signature Algorithm: sha256WithRSAEncryption
09:0e:4c:73:8b:a2:4b:43:bb:66:cd:93:a5:da:0e:c5:6b:fb:
56:0a:c7:b4:3d:2b:83:6a:38:0c:ba:7f:ed:28:ec:52:c4:0c:
b4:49:d2:c2:b8:46:f5:09:a6:28:09:a4:71:62:5d:3d:5c:d3:
ab:63:ef:8f:f9:61:58:b6:82:d2:e4:77:e2:2b:17:8f:de:77:
69:c0:34:6b:33:9f:7b:22:31:5f:19:64:b1:83:e0:0d:6f:1f:
19:b4:78:48:03:25:9a:5c:ee:e4:9d:06:a8:2f:2d:a1:dc:aa:
fc:8c:d5:c2:6e:88:22:eb:f3:fd:f6:a2:0a:fc:e8:0e:64:50:
a8:2f:1f:cd:79:9d:1c:e7:e2:25:21:a7:8e:ca:2f:1b:55:34:
41:6c:f0:18:d4:9c:b5:1c:5b:c6:ca:ce:bb:bb:72:11:05:46:
07:3f:4a:d4:98:18:81:47:3c:1b:02:74:71:7c:9d:ab:92:7d:
2a:dd:da:f1:04:ed:40:af:93:5f:cf:84:f9:2d:3b:24:70:01:
f0:a2:f4:40:10:0a:7c:fb:9d:5d:a5:1c:9e:ec:c0:b3:3c:0d:
6d:f7:23:b0:1f:3e:2f:56:13:0a:86:31:06:a6:a9:b7:d0:08:
b4:8b:2f:2b:c3:54:0d:3b:9e:84:96:0e:90:c3:f9:cf:7c:2c:
49:65:05:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOpAor2CCFdLz0WYsZ09+2z8Hn5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NmFmYzNiYzE0NWI4MGI5OTc5NWQ1ZGUzNmJkYzFkYzFlNjlkNGI3NzZh
NjgzZjRkNzU3YjkzMDc2NGE5MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGnodf63T2wM6zyGMtpaDGOlYM8x9UMxyD8P+vbJml/XklaCE1Byn+P8uiT
ajA6Q5B2KvP3B5N9fLy66leLaFxDuoxLYKTFMiv+L46oNiBNdzZPujz+gETUabKd
yi0HpFBMrbPGITLGtlwIJudymR3JsPIGEoo98pQ1eaRzqJCfvaQT/TDLPyNABKM7
2d+Kj//lO4GQvldAMitQcpndGAdTdz7OELWOItBYt0rD0ZPtqevgKZmRN4AQS7UG
n8sdhgkv20YiZaxojD1U5zlN58v6EVP9AdkaXOoHytqG+TgzDHik7OAMJjswrEBV
18L4wywT2UQak50+/jL7DitPtK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRX8E+R
hFK96jBy+rMege0CFNBafzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWJlMjMyZTktOGYwYS00MTI1LWI4M2MtNzk4OWUzOWZkZDk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G2w
MA0GCSqGSIb3DQEBCwUAA4IBAQAJDkxzi6JLQ7tmzZOl2g7Fa/tWCse0PSuDajgM
un/tKOxSxAy0SdLCuEb1CaYoCaRxYl09XNOrY++P+WFYtoLS5HfiKxeP3ndpwDRr
M597IjFfGWSxg+ANbx8ZtHhIAyWaXO7knQaoLy2h3Kr8jNXCbogi6/P99qIK/OgO
ZFCoLx/NeZ0c5+IlIaeOyi8bVTRBbPAY1Jy1HFvGys67u3IRBUYHP0rUmBiBRzwb
AnRxfJ2rkn0q3drxBO1Ar5Nfz4T5LTskcAHwovRAEAp8+51dpRye7MCzPA1t9yOw
Hz4vVhMKhjEGpqm30Ai0iy8rw1QNO56Elg6Qw/nPfCxJZQV4
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:02 2025 by rpki-client