Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
File: ed0f44c7-c286-45c9-9156-5644f580ab41.roa (raw, json)
Hash identifier: djPw4JiGVlPwtPRs9TSsFsX6wTj8KoeeNwYBoEZhXfM=
Subject key identifier: E2:D4:E4:2D:5D:C3:99:FF:FA:15:95:A7:50:24:7C:22:EE:91:B6:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EA7AA958D81EF0DE23E1F7347BFAFD5472495D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
Signing time: Mon 01 Sep 2025 20:40:13 +0000
ROA not before: Mon 01 Sep 2025 20:40:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a7:aa:95:8d:81:ef:0d:e2:3e:1f:73:47:bf:af:d5:47:24:95:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:40:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=33f76b8fae0f4daf34422700b3e0d2155dbd9538c322218bba5aa30ba9137aed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1c:d5:69:35:00:c3:f4:4f:e2:ac:6b:78:63:
ed:1a:c1:5c:f5:d4:27:79:00:47:59:de:0e:99:f1:
c8:88:58:e9:ca:2e:8b:23:e3:40:95:4e:e0:ce:eb:
40:5e:ce:13:1a:22:15:ca:20:f0:02:74:a5:d9:d2:
d7:d4:10:36:22:20:a4:c2:8f:bb:14:e9:0b:9e:04:
8b:7f:d4:ee:73:33:c6:ee:6e:e1:76:0b:52:ee:45:
31:ac:d5:b7:79:d3:cf:8f:2f:a5:26:ce:0e:99:d1:
33:93:86:0c:cd:16:dd:ed:e1:09:e7:e0:4e:88:c2:
ee:d3:31:9e:fa:c7:ec:9a:56:f9:54:d6:c3:35:c8:
44:c2:25:b8:72:55:70:af:0d:d6:e1:68:ef:07:40:
4e:8c:1b:41:9c:31:c0:ca:0c:0d:cf:03:00:d7:64:
a5:13:61:6e:e1:10:c2:10:03:18:30:e2:34:35:ed:
79:1c:6f:f2:ec:43:89:c2:10:27:d9:5f:81:f9:22:
c8:a9:99:d9:5f:d2:43:fd:77:2b:6f:6c:50:e9:ba:
1b:a3:91:b8:77:3d:47:98:07:fe:22:24:8c:1d:43:
b7:27:ec:4e:55:94:5d:56:98:71:25:8b:78:3f:5c:
28:93:7a:0c:d7:dd:eb:db:e4:77:2d:93:f0:63:70:
6d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D4:E4:2D:5D:C3:99:FF:FA:15:95:A7:50:24:7C:22:EE:91:B6:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed0f44c7-c286-45c9-9156-5644f580ab41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:b000::/40
Signature Algorithm: sha256WithRSAEncryption
09:9c:e5:f2:d3:87:ec:91:36:c7:72:81:f1:7d:81:e3:17:87:
f4:bd:5c:79:11:7d:4e:05:f9:31:84:22:83:4f:1f:aa:44:00:
8c:b3:85:49:14:6e:7e:52:9f:37:3d:f1:49:11:a8:de:25:c2:
69:53:9e:e7:1d:87:fa:38:6f:57:36:48:f4:ec:e0:2e:47:8c:
8b:43:cf:54:fe:9d:64:97:72:da:af:1a:ad:c7:3a:f3:1e:11:
a7:8e:b8:9e:a3:f0:c1:02:59:6a:f3:df:3b:76:ab:82:3e:38:
4a:41:4c:3c:fd:9b:76:91:32:99:d2:83:c6:73:29:fe:e0:b6:
69:7a:85:b9:3b:f5:6c:7d:8d:d6:ab:0f:da:5b:cb:0e:92:95:
43:72:44:58:d8:fb:c8:92:b7:f4:38:d3:8b:ae:e9:ea:f0:7b:
6b:c2:7b:de:a7:d1:56:d5:02:19:19:83:17:c6:06:b6:ec:78:
b6:a1:8f:ea:ed:bd:50:ea:28:be:6a:ed:00:ee:08:8c:c0:b0:
af:f8:d2:a0:9a:f4:4c:e3:f7:79:e5:e5:9d:9b:60:8a:4f:9a:
9e:59:1b:1f:b1:cc:45:4b:21:00:a0:3b:d5:2e:2b:ed:55:2a:
b2:d6:03:b5:91:8f:41:fd:ac:10:99:a9:42:87:33:c0:e6:be:
d7:75:51:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTqeqlY2B7w3iPh9zR7+v1UckldUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQwMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZjc2YjhmYWUwZjRkYWYzNDQyMjcwMGIzZTBkMjE1NWRiZDk1MzhjMzIy
MjE4YmJhNWFhMzBiYTkxMzdhZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPIc1Wk1AMP0T+Ksa3hj7RrBXPXUJ3kAR1neDpnxyIhY6couiyPjQJVO4M7r
QF7OExoiFcog8AJ0pdnS19QQNiIgpMKPuxTpC54Ei3/U7nMzxu5u4XYLUu5FMazV
t3nTz48vpSbODpnRM5OGDM0W3e3hCefgTojC7tMxnvrH7JpW+VTWwzXIRMIluHJV
cK8N1uFo7wdATowbQZwxwMoMDc8DANdkpRNhbuEQwhADGDDiNDXteRxv8uxDicIQ
J9lfgfkiyKmZ2V/SQ/13K29sUOm6G6ORuHc9R5gH/iIkjB1DtyfsTlWUXVaYcSWL
eD9cKJN6DNfd69vkdy2T8GNwbX8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTi1OQt
XcOZ//oVladQJHwi7pG2ITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQwZjQ0YzctYzI4Ni00NWM5LTkxNTYtNTY0NGY1ODBhYjQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fiw
MA0GCSqGSIb3DQEBCwUAA4IBAQAJnOXy04fskTbHcoHxfYHjF4f0vVx5EX1OBfkx
hCKDTx+qRACMs4VJFG5+Up83PfFJEajeJcJpU57nHYf6OG9XNkj07OAuR4yLQ89U
/p1kl3LarxqtxzrzHhGnjrieo/DBAllq8987dquCPjhKQUw8/Zt2kTKZ0oPGcyn+
4LZpeoW5O/VsfY3Wqw/aW8sOkpVDckRY2PvIkrf0ONOLrunq8Htrwnvep9FW1QIZ
GYMXxga27Hi2oY/q7b1Q6ii+au0A7giMwLCv+NKgmvRM4/d55eWdm2CKT5qeWRsf
scxFSyEAoDvVLivtVSqy1gO1kY9B/awQmalChzPA5r7XdVGg
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:26 2025 by rpki-client