Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
File: f067aa52-ee52-4fb2-867c-8dc79786d43d.roa (raw, json)
Hash identifier: 4JwBNLJT7Ef3/PfVTJm0ghJDY3MW6B4qDOq8K1HgnCY=
Subject key identifier: CD:DB:1F:FA:01:62:33:0D:C7:42:C3:5C:95:6E:E6:72:8E:8B:62:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 480A15871084ED0B763AAA54822ED0E000B8E0CA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
Signing time: Mon 01 Sep 2025 19:51:23 +0000
ROA not before: Mon 01 Sep 2025 19:51:23 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:0a:15:87:10:84:ed:0b:76:3a:aa:54:82:2e:d0:e0:00:b8:e0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:23 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5c8f6c96d78f650e5de508c8eb9a6559414c50d09dd009d9b3cd42483c7ae028, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ab:c5:cd:21:0c:b8:8a:4f:78:91:5e:c4:59:
25:4b:68:0d:86:16:3c:c8:14:cb:f1:d2:52:21:5f:
9d:74:63:17:06:a8:37:d7:ef:0b:1b:9e:36:eb:e0:
78:47:55:5c:cd:71:45:91:7d:14:9e:2e:fe:75:d9:
e3:e9:8b:c9:4a:73:a4:09:c7:1f:16:d9:dc:e9:bc:
38:e1:4d:ba:6c:b3:cf:68:bb:08:f0:b3:24:af:e2:
88:55:8b:d5:cd:5d:19:38:a2:8a:89:63:dd:3d:87:
4e:ba:2d:bd:d1:a1:1a:9a:17:46:d8:48:71:8f:33:
28:b0:9d:bc:7c:cb:09:84:bc:5c:31:39:ac:e5:d5:
a7:ec:dd:52:6f:d1:cb:b7:a1:f6:df:88:1d:ee:f4:
ea:65:39:16:a1:90:2c:7a:1c:f7:86:b7:d9:97:e5:
61:cf:97:98:a9:e4:4f:4b:75:87:58:3c:61:cc:12:
f6:f8:a0:19:b9:34:5c:be:63:c5:4a:38:dc:0b:2b:
d6:cb:55:57:45:a1:e0:9b:bd:bb:d1:b4:47:b8:99:
d7:0e:5d:0f:18:ed:2c:a2:93:f8:d0:68:d9:f4:94:
d3:d5:4a:28:b9:26:35:a6:b5:fe:3d:e8:bc:4b:64:
91:f3:6e:fb:59:8d:88:e8:ce:50:56:11:90:4f:07:
24:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DB:1F:FA:01:62:33:0D:C7:42:C3:5C:95:6E:E6:72:8E:8B:62:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f067aa52-ee52-4fb2-867c-8dc79786d43d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2080::/48
Signature Algorithm: sha256WithRSAEncryption
66:91:31:fd:77:34:d4:cb:d7:e4:33:68:0a:32:6e:74:ae:68:
ea:b7:92:30:26:20:5c:99:f9:3f:df:90:03:11:9a:0d:b1:13:
6c:ff:37:9f:5b:f2:ed:d3:66:7f:67:98:0e:5b:af:45:0e:52:
ea:c9:aa:27:4f:77:ef:13:78:62:bd:28:24:6d:12:68:09:5f:
5a:de:b4:34:0a:4c:20:3a:c4:3a:6f:de:87:ad:58:21:0d:89:
8c:19:6d:ae:23:3d:81:8e:63:28:7d:98:b0:c2:d2:e3:c3:95:
76:d5:78:73:75:61:ae:c3:1e:18:7b:f5:4e:c5:a2:39:64:13:
d1:cf:55:6f:e4:a4:cd:ab:87:ca:62:54:8d:59:8e:ce:f4:74:
03:89:79:d4:8c:85:45:60:ed:67:3b:fa:65:18:cb:fe:38:01:
d6:42:a6:f0:c9:0d:4e:19:bf:c8:c0:9a:b2:16:2e:a6:35:77:
50:a7:f5:38:c3:c8:f6:dd:4e:bb:6b:08:39:9e:71:da:78:b1:
e4:8d:84:70:67:d8:e0:a5:25:47:84:6e:ae:d1:0c:65:b1:02:
cc:2e:f4:ba:af:a6:e9:c5:89:a4:ab:73:56:b6:36:66:75:f6:
2b:7f:1f:3a:d4:b0:53:3b:81:83:14:43:7f:5f:cb:40:f4:f2:
07:12:37:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSAoVhxCE7Qt2OqpUgi7Q4AC44MowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMjNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjOGY2Yzk2ZDc4ZjY1MGU1ZGU1MDhjOGViOWE2NTU5NDE0YzUwZDA5ZGQw
MDlkOWIzY2Q0MjQ4M2M3YWUwMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmrxc0hDLiKT3iRXsRZJUtoDYYWPMgUy/HSUiFfnXRjFwaoN9fvCxueNuvg
eEdVXM1xRZF9FJ4u/nXZ4+mLyUpzpAnHHxbZ3Om8OOFNumyzz2i7CPCzJK/iiFWL
1c1dGTiiiolj3T2HTrotvdGhGpoXRthIcY8zKLCdvHzLCYS8XDE5rOXVp+zdUm/R
y7eh9t+IHe706mU5FqGQLHoc94a32ZflYc+XmKnkT0t1h1g8YcwS9vigGbk0XL5j
xUo43Asr1stVV0Wh4Ju9u9G0R7iZ1w5dDxjtLKKT+NBo2fSU09VKKLkmNaa1/j3o
vEtkkfNu+1mNiOjOUFYRkE8HJE8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTN2x/6
AWIzDcdCw1yVbuZyjotitzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjA2N2FhNTItZWU1Mi00ZmIyLTg2N2MtOGRjNzk3ODZkNDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
gDANBgkqhkiG9w0BAQsFAAOCAQEAZpEx/Xc01MvX5DNoCjJudK5o6reSMCYgXJn5
P9+QAxGaDbETbP83n1vy7dNmf2eYDluvRQ5S6smqJ0937xN4Yr0oJG0SaAlfWt60
NApMIDrEOm/eh61YIQ2JjBltriM9gY5jKH2YsMLS48OVdtV4c3VhrsMeGHv1TsWi
OWQT0c9Vb+SkzauHymJUjVmOzvR0A4l51IyFRWDtZzv6ZRjL/jgB1kKm8MkNThm/
yMCashYupjV3UKf1OMPI9t1Ou2sIOZ5x2nix5I2EcGfY4KUlR4RurtEMZbECzC70
uq+m6cWJpKtzVrY2ZnX2K38fOtSwUzuBgxRDf1/LQPTyBxI3jw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:44 2025 by rpki-client