Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa
File: ecd857ec-bcff-41df-b23a-19087481169e.roa (raw, json)
Hash identifier: k8XdAIqegZbETMmC7UeUj4fwa+MJkoYZIA1GDE9u0a0=
Subject key identifier: 07:41:33:25:20:FE:FA:6E:43:6E:52:75:7F:43:70:E1:98:EB:26:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FA00D2EFA481DAC76604297A727FAFB74941EF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa
Signing time: Mon 01 Sep 2025 20:41:32 +0000
ROA not before: Mon 01 Sep 2025 20:41:32 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a0:0d:2e:fa:48:1d:ac:76:60:42:97:a7:27:fa:fb:74:94:1e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:32 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ed3c7cdaee27619637530af7aaad19c832ed7fae3c40821c856d907adac53f56, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:01:6a:16:73:ce:43:35:2c:8d:dd:7e:ce:7b:
19:68:d2:16:45:91:e5:58:cd:fc:4c:f0:db:e3:96:
55:4e:c3:9f:b5:2d:dc:5d:92:68:e3:7a:fd:ac:15:
98:88:b0:03:78:d9:73:62:46:36:02:33:63:68:d4:
71:e6:1c:7a:49:07:36:8b:cd:8d:fa:9a:8a:a4:c0:
1a:df:e3:03:a1:d0:24:5e:ee:03:73:e3:8b:7f:7d:
9c:e2:3d:61:38:9a:ff:78:25:a0:01:39:e5:ae:1c:
0d:4c:fe:8d:7e:1b:ad:a9:0e:6b:b6:18:00:75:5e:
2b:a4:23:3c:58:28:4b:aa:99:c0:7b:71:8c:d9:b9:
21:4d:da:0c:93:fb:35:4e:2d:38:f4:2d:88:01:45:
a3:84:51:11:18:8d:0f:4d:72:7e:ec:a7:9b:27:18:
e3:41:12:be:03:55:90:65:86:78:b7:fb:9e:1e:94:
ea:32:92:7e:b7:5d:0a:cc:02:2e:61:c2:a2:46:98:
57:14:bc:d3:fe:26:73:49:fe:dc:67:a5:a7:bf:92:
d7:07:46:d5:8d:a4:79:95:04:a3:0e:ee:6d:d8:fb:
40:0a:e9:41:fc:72:81:1c:6d:6b:d1:2e:6e:35:df:
7d:83:16:0d:70:06:7b:da:98:9e:52:eb:eb:21:c6:
48:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:41:33:25:20:FE:FA:6E:43:6E:52:75:7F:43:70:E1:98:EB:26:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ecd857ec-bcff-41df-b23a-19087481169e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:5000::/40
Signature Algorithm: sha256WithRSAEncryption
21:b0:b5:7f:f5:ed:4c:3c:06:10:f6:bc:39:65:2f:ef:fe:2d:
9f:47:81:0f:6f:db:ba:20:e9:e3:60:89:b1:eb:8a:43:1c:70:
ac:ea:78:30:2e:f8:f5:79:89:04:37:34:a4:d3:44:e2:b5:7c:
7d:e6:8c:7e:99:55:29:d8:ea:e3:fb:f6:f2:6b:95:76:4f:95:
2c:a2:44:18:31:b7:d6:f3:60:46:37:88:09:c3:e6:bc:b0:36:
56:28:4c:34:b8:43:17:63:1e:45:a0:98:bc:6f:56:e7:63:1d:
ae:13:ac:92:3c:d5:ee:76:26:8c:a0:3e:2b:26:51:a0:26:5d:
11:a0:c8:95:ad:8f:cb:ea:ac:48:a8:0e:a1:16:f7:50:eb:c9:
d1:72:f3:27:73:55:49:38:8b:71:bf:96:98:3f:5e:60:06:6d:
7b:3c:44:9e:30:34:d4:b8:0c:e4:f4:1c:f3:24:e4:f2:a9:3d:
9e:90:fc:16:7f:5f:b5:12:e7:fc:ff:81:e3:ed:ac:d9:7c:47:
50:0b:43:db:48:03:51:c9:03:83:5c:2a:ff:18:80:99:a1:cc:
7d:61:17:7e:f8:38:a5:41:67:90:30:85:3e:4d:9a:09:a6:8a:
a2:99:db:f7:80:d8:d9:89:3b:5b:32:46:0f:26:80:1f:32:52:
bb:34:74:98
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf6ANLvpIHax2YEKXpyf6+3SUHvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMzJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkM2M3Y2RhZWUyNzYxOTYzNzUzMGFmN2FhYWQxOWM4MzJlZDdmYWUzYzQw
ODIxYzg1NmQ5MDdhZGFjNTNmNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcBahZzzkM1LI3dfs57GWjSFkWR5VjN/Ezw2+OWVU7Dn7Ut3F2SaON6/awV
mIiwA3jZc2JGNgIzY2jUceYcekkHNovNjfqaiqTAGt/jA6HQJF7uA3Pji399nOI9
YTia/3gloAE55a4cDUz+jX4brakOa7YYAHVeK6QjPFgoS6qZwHtxjNm5IU3aDJP7
NU4tOPQtiAFFo4RRERiND01yfuynmycY40ESvgNVkGWGeLf7nh6U6jKSfrddCswC
LmHCokaYVxS80/4mc0n+3Gelp7+S1wdG1Y2keZUEow7ubdj7QArpQfxygRxta9Eu
bjXffYMWDXAGe9qYnlLr6yHGSIsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHQTMl
IP76bkNuUnV/Q3DhmOsm7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWNkODU3ZWMtYmNmZi00MWRmLWIyM2EtMTkwODc0ODExNjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAhsLV/9e1MPAYQ9rw5ZS/v/i2fR4EPb9u6IOnj
YImx64pDHHCs6ngwLvj1eYkENzSk00TitXx95ox+mVUp2Orj+/bya5V2T5UsokQY
MbfW82BGN4gJw+a8sDZWKEw0uEMXYx5FoJi8b1bnYx2uE6ySPNXudiaMoD4rJlGg
Jl0RoMiVrY/L6qxIqA6hFvdQ68nRcvMnc1VJOItxv5aYP15gBm17PESeMDTUuAzk
9BzzJOTyqT2ekPwWf1+1Euf8/4Hj7azZfEdQC0PbSANRyQODXCr/GICZocx9YRd+
+DilQWeQMIU+TZoJpoqimdv3gNjZiTtbMkYPJoAfMlK7NHSY
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:29 2025 by rpki-client