Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
File: f51bf20f-531a-411e-baff-37a38bc29ce9.roa (raw, json)
Hash identifier: zJ0eO5rc2usRFycn9oR+pj8v4hP+FpVflJw0tJDJbw4=
Subject key identifier: 69:9F:F1:AA:A8:05:8D:CF:D3:A2:50:2C:F0:0D:AB:59:B0:6A:DA:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DB4E5F04748AD87F24619984FCC552AACF87326
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
Signing time: Mon 01 Sep 2025 20:00:07 +0000
ROA not before: Mon 01 Sep 2025 20:00:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b4:e5:f0:47:48:ad:87:f2:46:19:98:4f:cc:55:2a:ac:f8:73:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=59c322b7842bf79fd787ff11b63aeab75f74762e76c1ca532db7ffe7569762f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bf:89:3d:06:6e:10:3a:54:48:8e:4e:89:72:
df:8b:61:6c:7e:74:26:cf:e2:f4:bb:8d:eb:a1:b7:
a9:8b:62:80:95:0e:a5:3a:3d:da:72:fc:93:52:58:
32:f8:ac:6d:3c:22:5d:dd:1a:66:e4:ad:59:e1:f2:
ff:ef:c3:7e:fe:3c:43:13:b3:4e:d9:6b:3a:e2:97:
20:73:6d:f8:9e:bb:3c:de:50:48:0a:25:46:a6:d8:
44:d0:50:ba:05:63:09:56:cb:9c:51:37:05:81:8e:
47:ad:86:5c:81:24:f6:fd:22:3c:6b:ee:13:f3:7d:
ed:d1:15:09:7d:7e:83:77:5a:7f:ae:42:2f:4e:b7:
1b:c2:3f:a0:45:ed:53:bd:bb:76:e9:4c:b6:73:a8:
1a:c0:a7:0a:26:6a:64:ea:82:9f:8c:bc:e4:97:f1:
41:73:4e:ed:06:82:ad:03:60:e8:83:e8:bd:3d:39:
68:ea:0c:b7:f5:45:f2:e4:1d:a3:d5:e5:70:0f:18:
38:9d:3c:07:fe:2f:59:4a:70:ce:c5:ac:00:83:d4:
a5:0c:d3:9d:94:bc:50:1e:b2:f3:58:13:40:76:47:
ab:87:77:37:b7:b3:72:bc:f1:30:ab:13:b4:9d:61:
20:78:93:ca:1a:51:a0:1f:6e:67:b4:df:8e:3c:6d:
f6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9F:F1:AA:A8:05:8D:CF:D3:A2:50:2C:F0:0D:AB:59:B0:6A:DA:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f51bf20f-531a-411e-baff-37a38bc29ce9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8020::/48
Signature Algorithm: sha256WithRSAEncryption
51:dc:27:f4:aa:0c:a8:c2:92:7b:f4:e1:24:c9:d8:b9:40:3e:
fe:2f:d0:69:03:65:f3:91:6c:09:af:50:70:bc:d8:ac:70:fd:
79:ee:42:71:c3:cf:ad:61:00:a1:b2:9e:ed:4a:70:5b:5b:42:
2a:ec:ca:4b:d8:ed:10:73:95:37:ee:3f:c1:65:d5:6a:ff:d4:
ea:00:84:45:5e:ad:d3:8e:03:82:cf:1e:94:8c:ff:1a:c6:24:
61:bb:29:a0:d9:c0:33:da:e3:a7:58:ca:81:ae:2f:c0:78:f0:
3d:0f:39:19:7f:f1:3d:bc:d1:ac:e9:77:5b:82:dd:09:be:32:
b0:23:8e:f3:0f:ea:f9:4f:5a:a0:31:0c:04:e2:84:e2:0b:6a:
19:1f:89:bd:20:20:f2:ce:5c:66:34:68:84:52:20:14:a0:37:
9e:9c:5b:54:b8:a3:5b:a3:4e:96:66:ff:6e:5a:9d:a4:38:58:
f5:31:96:76:f2:8c:1a:3e:9e:36:20:ae:95:7e:c2:ca:25:e6:
3f:a1:bb:34:23:03:e1:74:da:46:51:54:1f:2b:7c:60:fd:e7:
c1:76:6d:b5:80:ea:31:fc:bc:98:69:3c:6e:d8:a0:a3:42:e6:
a7:43:c0:76:f2:21:d4:3a:5b:6e:dd:e5:8c:9d:18:8b:41:98:
2b:47:5a:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULbTl8EdIrYfyRhmYT8xVKqz4cyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5YzMyMmI3ODQyYmY3OWZkNzg3ZmYxMWI2M2FlYWI3NWY3NDc2MmU3NmMx
Y2E1MzJkYjdmZmU3NTY5NzYyZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS/iT0GbhA6VEiOToly34thbH50Js/i9LuN66G3qYtigJUOpTo92nL8k1JY
MvisbTwiXd0aZuStWeHy/+/Dfv48QxOzTtlrOuKXIHNt+J67PN5QSAolRqbYRNBQ
ugVjCVbLnFE3BYGOR62GXIEk9v0iPGvuE/N97dEVCX1+g3daf65CL063G8I/oEXt
U727dulMtnOoGsCnCiZqZOqCn4y85JfxQXNO7QaCrQNg6IPovT05aOoMt/VF8uQd
o9XlcA8YOJ08B/4vWUpwzsWsAIPUpQzTnZS8UB6y81gTQHZHq4d3N7ezcrzxMKsT
tJ1hIHiTyhpRoB9uZ7Tfjjxt9lsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpn/Gq
qAWNz9OiUCzwDatZsGrauzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjUxYmYyMGYtNTMxYS00MTFlLWJhZmYtMzdhMzhiYzI5Y2U5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
IDANBgkqhkiG9w0BAQsFAAOCAQEAUdwn9KoMqMKSe/ThJMnYuUA+/i/QaQNl85Fs
Ca9QcLzYrHD9ee5CccPPrWEAobKe7UpwW1tCKuzKS9jtEHOVN+4/wWXVav/U6gCE
RV6t044Dgs8elIz/GsYkYbspoNnAM9rjp1jKga4vwHjwPQ85GX/xPbzRrOl3W4Ld
Cb4ysCOO8w/q+U9aoDEMBOKE4gtqGR+JvSAg8s5cZjRohFIgFKA3npxbVLijW6NO
lmb/blqdpDhY9TGWdvKMGj6eNiCulX7CyiXmP6G7NCMD4XTaRlFUHyt8YP3nwXZt
tYDqMfy8mGk8btigo0Lmp0PAdvIh1Dpbbt3ljJ0Yi0GYK0daAg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:03 2025 by rpki-client