Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: GRkwQnODroscS5JMEsXFzGKL/8+gFv4D8fZZoskYUso=
Subject key identifier: 4E:EE:B8:68:BC:40:2A:86:39:4B:63:9D:4C:33:02:08:63:AD:4E:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A0FED3A76121D9BAC985478D93F8BF6E18A0249
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Mon 01 Sep 2025 21:11:08 +0000
ROA not before: Mon 01 Sep 2025 21:11:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:0f:ed:3a:76:12:1d:9b:ac:98:54:78:d9:3f:8b:f6:e1:8a:02:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:11:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=693adcfdbb2ce92abe0549d3749715b387c65283f3d59f704a0f39037c5aec02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8c:da:64:ce:56:e9:0e:71:87:ce:ef:c9:b0:
37:a9:62:3d:16:71:5b:4b:45:98:0c:5b:2f:67:a2:
eb:08:1c:b6:8e:cc:2e:64:fd:be:1d:ca:c1:4d:31:
a8:7f:4a:3e:20:57:de:91:e6:3b:fd:cf:8a:97:55:
32:2e:2f:d2:8d:2b:f3:da:2c:e6:2a:bb:c7:64:e2:
e3:f3:b5:eb:24:1a:7e:aa:d0:62:b6:a9:90:43:7d:
eb:4b:6d:3d:cd:ca:3d:38:d6:19:ee:d1:2d:05:8f:
ad:b3:f7:fc:e6:30:b7:fb:cf:66:5b:f1:04:0d:53:
e3:57:70:62:e7:6d:3b:78:52:7d:27:75:d6:2f:4e:
29:f1:f2:38:5b:d3:0b:bf:32:8a:20:c3:d3:6c:d0:
80:54:69:08:5e:af:7e:20:e5:bd:3c:e8:2e:4b:15:
a1:33:2e:67:da:52:a7:ae:b3:93:e4:46:b9:1d:e4:
c2:fa:a5:c5:68:7b:da:e2:4c:ca:db:2a:aa:33:0b:
ae:0a:6f:53:72:a7:76:19:1e:3e:55:1d:f8:a6:88:
99:c5:f6:9e:6d:98:1e:18:21:98:7b:01:e3:93:4e:
97:24:e5:36:4b:28:7e:ff:dd:76:13:ec:cc:fe:ce:
d3:83:d0:9d:f8:fe:07:8f:70:68:73:d7:99:12:61:
7e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EE:B8:68:BC:40:2A:86:39:4B:63:9D:4C:33:02:08:63:AD:4E:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
b2:c4:db:a7:42:a2:fb:0c:83:af:03:bc:90:01:69:fc:4c:a2:
60:f6:53:07:40:b3:93:92:bf:b9:8a:71:04:d2:73:33:ae:0c:
7c:5b:2a:fa:d5:5b:e3:d7:8a:71:9a:3b:63:1d:33:6a:37:0d:
56:7d:8c:3a:cf:b7:ae:06:70:e4:2f:59:f5:26:b8:2d:d3:db:
bf:ac:e9:1d:86:e0:9d:e5:09:4b:f7:76:7e:7c:42:4a:22:9c:
c5:c2:1c:f6:90:bf:c0:57:54:e7:b8:8f:ab:5b:3f:44:c4:2a:
97:ee:b8:08:06:03:0b:d8:b9:39:13:5b:2a:5e:b6:1d:de:98:
46:2b:5f:23:72:ba:c5:7b:19:bf:3c:ee:e4:2c:ff:98:87:87:
f4:ee:61:c8:ce:19:6c:91:ff:dc:e5:5b:c2:26:47:90:49:a0:
af:a5:d5:b9:2c:71:e5:05:c9:74:83:16:e1:2e:08:33:32:19:
6f:36:64:82:16:cb:ac:78:61:40:14:ed:f4:6c:0e:dc:24:17:
64:b6:8d:0e:55:fc:98:be:cd:9f:bc:c7:71:54:67:5c:6a:e7:
98:a0:37:0c:3e:45:cb:45:af:9d:78:7a:93:3d:2e:1e:e2:cd:
76:95:20:08:2f:2d:93:4c:b3:8f:bb:a2:77:58:ae:34:30:c5:
e6:5d:ff:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCg/tOnYSHZusmFR42T+L9uGKAkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTExMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5M2FkY2ZkYmIyY2U5MmFiZTA1NDlkMzc0OTcxNWIzODdjNjUyODNmM2Q1
OWY3MDRhMGYzOTAzN2M1YWVjMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiM2mTOVukOcYfO78mwN6liPRZxW0tFmAxbL2ei6wgcto7MLmT9vh3KwU0x
qH9KPiBX3pHmO/3PipdVMi4v0o0r89os5iq7x2Ti4/O16yQafqrQYrapkEN960tt
Pc3KPTjWGe7RLQWPrbP3/OYwt/vPZlvxBA1T41dwYudtO3hSfSd11i9OKfHyOFvT
C78yiiDD02zQgFRpCF6vfiDlvTzoLksVoTMuZ9pSp66zk+RGuR3kwvqlxWh72uJM
ytsqqjMLrgpvU3KndhkePlUd+KaImcX2nm2YHhghmHsB45NOlyTlNksofv/ddhPs
zP7O04PQnfj+B49waHPXmRJhfosCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRO7rho
vEAqhjlLY51MMwIIY61OWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCyxNunQqL7DIOvA7yQAWn8TKJg9lMHQLOTkr+5
inEE0nMzrgx8Wyr61Vvj14pxmjtjHTNqNw1WfYw6z7euBnDkL1n1Jrgt09u/rOkd
huCd5QlL93Z+fEJKIpzFwhz2kL/AV1TnuI+rWz9ExCqX7rgIBgML2Lk5E1sqXrYd
3phGK18jcrrFexm/PO7kLP+Yh4f07mHIzhlskf/c5VvCJkeQSaCvpdW5LHHlBcl0
gxbhLggzMhlvNmSCFsuseGFAFO30bA7cJBdkto0OVfyYvs2fvMdxVGdcaueYoDcM
PkXLRa+deHqTPS4e4s12lSAILy2TTLOPu6J3WK40MMXmXf/N
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:17 2025 by rpki-client