Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: 42dmx3lJMZkuyJc7nHZdRou0yNfA246i1MA+uo2Ass0=
Subject key identifier: 09:69:4E:10:A9:C6:FC:88:F5:71:06:2E:52:20:0A:B7:7C:D6:0C:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DE216EF7D049AC3C4D3A4370F98172202D683F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Tue 05 Aug 2025 19:11:17 +0000
ROA not before: Tue 05 Aug 2025 19:11:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:e2:16:ef:7d:04:9a:c3:c4:d3:a4:37:0f:98:17:22:02:d6:83:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:11:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0dee6c37d3a3203e59a4dfa1c76b3f80dba56e1477854581cf94a115577eee87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:67:ae:3a:0e:e0:40:50:08:11:7f:21:15:6d:
83:55:d9:e7:ad:db:a3:7f:ae:39:bf:af:e6:8a:70:
84:7b:07:5f:fd:9e:63:f2:a2:a9:9e:84:26:1a:fe:
a8:16:6d:86:a9:bf:c0:1d:16:76:3f:32:4f:04:e8:
f5:5a:49:19:e3:64:fa:e3:9d:7e:94:25:bc:f6:aa:
44:c9:ec:a1:d7:db:fa:a1:c7:e2:cd:61:54:61:f1:
c7:a5:e4:70:48:75:fb:11:d7:7e:5a:ec:3e:d3:80:
5f:69:4d:71:1d:ce:f9:85:b9:75:2d:37:f7:7e:c5:
92:cc:ee:70:0c:74:16:56:2c:31:99:eb:7e:c3:10:
bd:a7:21:45:97:9a:a7:ef:b7:ec:57:74:f2:17:a8:
76:ad:42:03:e0:3b:77:8f:33:96:2e:3e:48:80:7e:
62:8f:86:82:15:e7:d9:a0:37:e6:0a:2f:17:c2:32:
f3:51:75:8d:6d:e7:7a:9f:97:67:2f:5f:20:56:70:
01:b9:a8:ed:cc:60:0c:77:37:7a:85:e9:71:76:53:
33:bf:10:51:e8:9b:5d:e6:59:fa:dc:60:1a:d4:d1:
77:d1:f9:a7:da:e6:28:49:30:59:da:94:d5:1e:d0:
d8:29:5c:2d:72:4a:83:16:84:ea:5b:c5:d4:ae:cb:
69:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:69:4E:10:A9:C6:FC:88:F5:71:06:2E:52:20:0A:B7:7C:D6:0C:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
9f:49:28:d2:19:e9:41:a6:91:88:89:f4:a1:f2:1d:c2:aa:4d:
0b:bf:6a:d8:34:62:43:18:01:fc:d3:ac:d9:5f:a5:0d:87:3b:
4d:77:e5:56:ef:ce:67:17:86:20:8d:1c:b5:f0:9b:b8:6d:6a:
2b:ec:0d:2c:4e:d9:97:46:a8:b0:21:84:0d:bb:09:7f:86:69:
7d:9a:f4:8f:f0:be:6f:2b:d0:fd:1e:84:6b:15:9d:4e:02:46:
d1:cd:5d:7f:46:bf:88:09:81:39:36:61:56:30:15:1a:12:66:
1d:42:23:c3:e5:f2:13:04:49:62:84:25:61:7d:aa:90:82:93:
35:f0:68:ba:b0:46:7d:59:dc:f2:ee:7b:7c:13:af:8f:95:39:
5d:0f:9b:18:d8:71:98:6c:76:ce:36:a2:e6:8e:c9:63:25:3b:
04:1c:89:69:a2:04:4c:44:d8:a1:2b:8e:d6:d9:8c:9b:dc:8a:
ba:50:08:17:5f:23:2d:6e:5b:7e:59:b8:9a:aa:cd:f1:0d:7a:
ad:dc:b6:4d:72:c1:05:9d:6a:ed:fb:4f:86:32:7a:9d:7c:0a:
6a:d8:6a:c0:da:65:a9:f8:e0:3e:81:cf:35:73:2a:b9:e0:4f:
a0:18:f1:04:2a:94:53:1e:4b:10:48:74:f5:f3:1f:84:ef:bd:
04:9e:a6:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbeIW730EmsPE06Q3D5gXIgLWg/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTExMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkZWU2YzM3ZDNhMzIwM2U1OWE0ZGZhMWM3NmIzZjgwZGJhNTZlMTQ3Nzg1
NDU4MWNmOTRhMTE1NTc3ZWVlODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNnrjoO4EBQCBF/IRVtg1XZ563bo3+uOb+v5opwhHsHX/2eY/KiqZ6EJhr+
qBZthqm/wB0Wdj8yTwTo9VpJGeNk+uOdfpQlvPaqRMnsodfb+qHH4s1hVGHxx6Xk
cEh1+xHXflrsPtOAX2lNcR3O+YW5dS03937FkszucAx0FlYsMZnrfsMQvachRZea
p++37Fd08heodq1CA+A7d48zli4+SIB+Yo+GghXn2aA35govF8Iy81F1jW3nep+X
Zy9fIFZwAbmo7cxgDHc3eoXpcXZTM78QUeibXeZZ+txgGtTRd9H5p9rmKEkwWdqU
1R7Q2ClcLXJKgxaE6lvF1K7LaQ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQJaU4Q
qcb8iPVxBi5SIAq3fNYM9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAn0ko0hnpQaaRiIn0ofIdwqpNC79q2DRiQxgB
/NOs2V+lDYc7TXflVu/OZxeGII0ctfCbuG1qK+wNLE7Zl0aosCGEDbsJf4ZpfZr0
j/C+byvQ/R6EaxWdTgJG0c1df0a/iAmBOTZhVjAVGhJmHUIjw+XyEwRJYoQlYX2q
kIKTNfBourBGfVnc8u57fBOvj5U5XQ+bGNhxmGx2zjai5o7JYyU7BByJaaIETETY
oSuO1tmMm9yKulAIF18jLW5bflm4mqrN8Q16rdy2TXLBBZ1q7ftPhjJ6nXwKathq
wNplqfjgPoHPNXMqueBPoBjxBCqUUx5LEEh09fMfhO+9BJ6m9g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:50:04 2025 by rpki-client