Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
File: ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa (raw, json)
Hash identifier: Dn7emUCqzwC1lGfDnJhsHBcKhS5tre/HKT66liD5wRk=
Subject key identifier: A4:66:8D:75:75:B6:CE:10:35:86:CD:EA:21:D8:3D:25:B2:B4:DF:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02785745EF97922E4EA32D92567783BFA2A77903
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
Signing time: Mon 01 Sep 2025 21:00:44 +0000
ROA not before: Mon 01 Sep 2025 21:00:44 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:78:57:45:ef:97:92:2e:4e:a3:2d:92:56:77:83:bf:a2:a7:79:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:44 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a0d83e83d55ec176d54f81b4100c75295f62fc26faccaffcbe8f89f1eed50ff4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:53:61:78:af:b7:48:5d:5d:59:ac:16:72:e2:
ad:74:0f:ec:85:c0:76:d9:d0:41:78:49:b0:db:9e:
b1:b8:75:b9:ff:b9:87:0f:b1:1d:3a:ea:86:a5:7f:
97:54:58:cd:7a:2a:5d:8f:70:13:39:c0:b0:40:9f:
d6:f7:40:93:6b:aa:9a:69:a0:9a:6a:aa:fc:e9:8e:
7c:1f:55:4b:cb:8e:12:22:d4:cf:56:51:55:99:4d:
22:9b:03:55:fa:67:e8:62:b4:0f:f9:ff:70:fd:49:
e1:e2:22:6a:e8:4a:ea:e3:bb:b9:57:d8:04:88:3c:
3a:98:01:ab:92:bb:73:cd:77:2f:9c:26:ec:c9:ed:
54:6b:2f:99:72:96:35:28:7f:22:a0:89:15:9c:ad:
92:1f:09:20:29:09:b7:6f:67:70:bd:4e:cd:ba:61:
d5:06:65:a3:93:f4:66:6e:55:70:c1:9b:35:f6:81:
de:d2:d9:26:be:7d:7e:96:bc:af:2c:8d:48:a8:85:
91:04:0c:43:2d:f5:5b:45:2e:0a:a7:06:e8:cb:aa:
79:e5:a8:a2:9c:a6:86:48:17:2a:52:d6:67:0f:4c:
aa:ba:49:0f:0b:e3:43:a5:41:41:bc:cc:53:9c:89:
19:14:a3:34:ba:1b:33:61:1a:86:6f:6f:75:91:c3:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:66:8D:75:75:B6:CE:10:35:86:CD:EA:21:D8:3D:25:B2:B4:DF:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ffdc3da1-2ec7-411e-9550-b7c956fb46db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:4f:2d:31:90:20:a8:72:93:6b:63:04:eb:87:7f:06:27:c8:
c2:c0:a8:7a:45:31:11:07:b7:1c:2d:db:50:13:e6:f3:66:3d:
7a:50:bc:9a:6f:3b:7b:00:c7:8c:a1:3c:0b:69:34:5b:14:ce:
37:8a:af:51:80:05:10:c9:ec:70:2d:0f:f9:a9:7f:23:36:35:
89:0b:19:a4:6b:3a:d4:63:7a:2d:a5:14:fe:15:69:3d:41:13:
5f:a4:f9:b1:a4:a4:7d:0e:b4:a2:b2:ec:b7:9b:94:09:5d:c3:
d4:a0:2e:1d:17:c4:4c:3a:3c:2d:46:ef:4a:b5:01:cd:0d:a2:
e6:89:22:0a:e8:ba:b2:dc:a2:e1:df:2c:58:0c:24:33:23:8c:
92:77:33:f2:09:98:e8:bf:4e:71:e4:87:b4:3a:9c:1e:90:b5:
48:09:55:1e:7c:5c:a0:e4:9e:44:a9:a1:cf:c0:f4:aa:9a:09:
2f:74:d9:80:d2:ca:98:27:02:be:4e:26:3e:13:c0:69:97:f3:
aa:06:f6:d8:c1:dc:df:1d:3e:c6:3d:8b:08:ee:00:bc:c9:45:
3c:8e:42:e2:fb:79:1b:be:92:9b:58:2f:9f:97:41:91:f4:93:
38:54:fc:e0:69:c9:01:24:ec:5f:7e:14:19:78:37:1a:9b:97:
c0:f2:2e:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAnhXRe+Xki5Ooy2SVneDv6KneQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwNDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwZDgzZTgzZDU1ZWMxNzZkNTRmODFiNDEwMGM3NTI5NWY2MmZjMjZmYWNj
YWZmY2JlOGY4OWYxZWVkNTBmZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNTYXivt0hdXVmsFnLirXQP7IXAdtnQQXhJsNuesbh1uf+5hw+xHTrqhqV/
l1RYzXoqXY9wEznAsECf1vdAk2uqmmmgmmqq/OmOfB9VS8uOEiLUz1ZRVZlNIpsD
Vfpn6GK0D/n/cP1J4eIiauhK6uO7uVfYBIg8OpgBq5K7c813L5wm7MntVGsvmXKW
NSh/IqCJFZytkh8JICkJt29ncL1Ozbph1QZlo5P0Zm5VcMGbNfaB3tLZJr59fpa8
ryyNSKiFkQQMQy31W0UuCqcG6MuqeeWoopymhkgXKlLWZw9MqrpJDwvjQ6VBQbzM
U5yJGRSjNLobM2Eahm9vdZHDI2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkZo11
dbbOEDWGzeoh2D0lsrTfvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmZkYzNkYTEtMmVjNy00MTFlLTk1NTAtYjdjOTU2ZmI0NmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQCgTy0xkCCocpNrYwTrh38GJ8jCwKh6RTERB7cc
LdtQE+bzZj16ULyabzt7AMeMoTwLaTRbFM43iq9RgAUQyexwLQ/5qX8jNjWJCxmk
azrUY3otpRT+FWk9QRNfpPmxpKR9DrSisuy3m5QJXcPUoC4dF8RMOjwtRu9KtQHN
DaLmiSIK6Lqy3KLh3yxYDCQzI4ySdzPyCZjov05x5Ie0OpwekLVICVUefFyg5J5E
qaHPwPSqmgkvdNmA0sqYJwK+TiY+E8Bpl/OqBvbYwdzfHT7GPYsI7gC8yUU8jkLi
+3kbvpKbWC+fl0GR9JM4VPzgackBJOxffhQZeDcam5fA8i44
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:30 2025 by rpki-client