Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
File: f97778b4-85b1-4580-ac38-a4872d19261b.roa (raw, json)
Hash identifier: Y57ziBHudYV6AutKcUzLhCZS9LO3Qsi3YRJFrc2mb04=
Subject key identifier: 4C:56:9B:0F:18:96:17:F4:04:CB:EB:FB:44:2F:4E:DA:96:84:2E:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 760C591A5D55A7ECF348E879E7830E37B84161FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
Signing time: Mon 01 Sep 2025 20:50:19 +0000
ROA not before: Mon 01 Sep 2025 20:50:19 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:0c:59:1a:5d:55:a7:ec:f3:48:e8:79:e7:83:0e:37:b8:41:61:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:19 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=7911df274a4a5784879415a4f34f2d76a70c6a8b72d8b7cf715997ba59c2c096, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:da:af:6a:0c:74:34:b7:0d:06:c8:7b:bd:
85:57:1d:36:78:49:94:17:51:e1:5b:72:05:b3:ea:
84:55:98:a1:2c:57:19:3d:28:6e:32:8f:ea:d7:eb:
d8:3b:ec:81:fa:75:ff:e3:77:92:d4:3c:93:7c:9c:
58:a3:d6:ab:d1:32:80:3c:a3:44:fc:40:09:b0:df:
8a:ce:9f:48:af:e5:cd:16:b0:62:0b:1b:10:e6:ef:
d9:e6:ff:41:b9:40:39:e0:01:82:1d:0c:84:4f:22:
88:6f:09:e8:63:4b:76:aa:68:42:18:ac:b0:ab:80:
a7:88:9a:55:be:ba:20:6e:12:58:b9:eb:5b:ee:50:
5a:5f:4b:7e:eb:37:c6:d4:d3:b8:bf:e3:49:fd:23:
4e:2c:01:e6:e8:1a:78:c0:88:01:dc:9b:87:be:27:
35:2c:77:84:c7:e9:1a:11:f5:b4:19:4d:93:15:b3:
f8:18:59:01:92:fd:c7:cf:7b:23:8c:c1:b1:d3:28:
73:f4:19:cc:a0:c7:49:9f:c1:cc:8a:74:2c:4e:a1:
14:10:37:85:04:50:22:25:b4:17:8f:ef:9c:c4:4b:
3f:35:97:50:78:f1:e2:32:eb:9b:0a:7a:0e:a4:1f:
69:75:23:b3:cf:85:70:98:06:1b:d5:7f:a8:30:eb:
69:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:56:9B:0F:18:96:17:F4:04:CB:EB:FB:44:2F:4E:DA:96:84:2E:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f97778b4-85b1-4580-ac38-a4872d19261b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:5000::/40
Signature Algorithm: sha256WithRSAEncryption
21:9a:54:61:e3:33:5f:73:17:05:81:7d:4d:7f:54:de:27:b9:
2d:20:fe:3d:61:d4:a4:a8:dd:07:da:f5:c9:c1:de:37:34:d7:
e3:05:d8:5b:eb:6d:1a:93:5b:36:5c:f2:27:0d:9b:12:16:67:
c8:77:77:b4:2a:8b:da:ec:5d:ae:37:f1:f2:70:37:08:ed:be:
19:ac:55:4f:ed:41:79:2d:72:a6:a1:a8:b7:b6:10:b7:fe:23:
f3:8d:8d:96:eb:cf:a1:ef:9f:77:a6:ba:56:e3:22:24:12:3c:
06:ff:27:d9:4d:ca:5d:03:63:ee:36:05:85:00:a1:e6:07:be:
a8:7a:90:63:15:1b:cc:e9:e5:99:9d:5e:8a:6a:3d:d9:4a:d3:
9e:49:fa:fe:06:84:87:f0:47:6b:5e:dd:1a:99:50:2a:fd:63:
0f:c0:d1:9c:a7:6c:a1:6c:f3:46:4d:97:28:d1:00:d0:10:a8:
a0:c2:66:a5:ac:57:94:67:3b:e2:df:f5:64:74:aa:2b:45:94:
7a:e3:ad:7e:f3:a8:85:6e:d2:9d:f0:b6:38:48:26:c0:d5:5c:
8f:b7:75:57:1a:b8:d9:7e:f0:6d:f7:c0:20:26:b0:16:9a:56:
d5:81:1e:46:bc:16:6c:7b:7b:ea:bd:95:2e:b3:19:e9:0f:10:
ad:ab:ab:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdgxZGl1Vp+zzSOh554MON7hBYfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMTlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MTFkZjI3NGE0YTU3ODQ4Nzk0MTVhNGYzNGYyZDc2YTcwYzZhOGI3MmQ4
YjdjZjcxNTk5N2JhNTljMmMwOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZU2q9qDHQ0tw0GyHu9hVcdNnhJlBdR4VtyBbPqhFWYoSxXGT0objKP6tfr
2Dvsgfp1/+N3ktQ8k3ycWKPWq9EygDyjRPxACbDfis6fSK/lzRawYgsbEObv2eb/
QblAOeABgh0MhE8iiG8J6GNLdqpoQhissKuAp4iaVb66IG4SWLnrW+5QWl9Lfus3
xtTTuL/jSf0jTiwB5ugaeMCIAdybh74nNSx3hMfpGhH1tBlNkxWz+BhZAZL9x897
I4zBsdMoc/QZzKDHSZ/BzIp0LE6hFBA3hQRQIiW0F4/vnMRLPzWXUHjx4jLrmwp6
DqQfaXUjs8+FcJgGG9V/qDDraa8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMVpsP
GJYX9ATL6/tEL07aloQufDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3Nzc4YjQtODViMS00NTgwLWFjMzgtYTQ4NzJkMTkyNjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAhmlRh4zNfcxcFgX1Nf1TeJ7ktIP49YdSkqN0H
2vXJwd43NNfjBdhb620ak1s2XPInDZsSFmfId3e0Kova7F2uN/HycDcI7b4ZrFVP
7UF5LXKmoai3thC3/iPzjY2W68+h7593prpW4yIkEjwG/yfZTcpdA2PuNgWFAKHm
B76oepBjFRvM6eWZnV6Kaj3ZStOeSfr+BoSH8EdrXt0amVAq/WMPwNGcp2yhbPNG
TZco0QDQEKigwmalrFeUZzvi3/VkdKorRZR6461+86iFbtKd8LY4SCbA1VyPt3VX
GrjZfvBt98AgJrAWmlbVgR5GvBZse3vqvZUusxnpDxCtq6tA
-----END CERTIFICATE-----
Generated at Mon Sep 15 12:02:05 2025 by rpki-client