Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json)
Hash identifier: x2R2VL6zAB9hvnYUqd4y9ZXugy8ygF0U/mFNE56QpzI=
Subject key identifier: 37:4A:20:94:41:E3:78:32:87:C6:7C:20:D4:A7:9E:44:7A:41:EF:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5309D40F256031935E2B505ED2BE3229E8E0105A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
Signing time: Tue 05 Aug 2025 20:10:54 +0000
ROA not before: Tue 05 Aug 2025 20:10:54 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:09:d4:0f:25:60:31:93:5e:2b:50:5e:d2:be:32:29:e8:e0:10:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:54 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9103d87f83cf4f86595c47876b571367ebb474e1adaa9a311f00b660437427d3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:92:c5:d7:21:f9:c8:10:21:01:3c:2d:0a:a9:
9d:d9:f1:75:cc:bc:f4:03:3c:e9:5b:b2:91:8d:81:
9c:bc:55:33:8f:e7:1a:7a:5f:0f:e1:46:0a:11:e9:
08:ad:c0:8c:73:9c:93:76:47:0b:2d:4e:31:54:f7:
0b:90:0d:9f:e1:39:51:5a:4a:62:55:bd:ed:1a:67:
fc:e8:a6:6e:89:61:67:15:77:51:ea:69:b0:9f:17:
4e:eb:b9:b1:e1:f6:e4:ca:35:14:48:f2:f2:35:fd:
ce:fb:da:32:93:c3:7b:07:d9:b6:b4:db:83:af:fa:
a9:44:26:11:81:f6:32:7d:14:5c:c9:a6:f1:3f:ca:
ef:0c:1b:cd:b1:71:d1:0d:0f:d5:06:d8:42:cf:6b:
b2:e4:e8:24:9c:fc:b0:c8:9c:2f:b6:c9:88:79:b0:
d8:67:95:1c:0d:a9:d9:64:54:08:61:e6:b9:85:15:
22:00:4f:f6:5c:10:41:66:76:66:76:bc:b2:fa:aa:
32:58:c4:87:0b:0d:8f:5b:35:ed:5b:39:0e:ba:a0:
b9:ee:62:24:6e:c1:fc:4e:95:18:84:16:9c:14:9e:
df:46:7b:b6:b2:89:46:ac:7b:63:a6:bb:a7:22:89:
8a:8c:7e:2f:07:5c:51:c2:f1:30:d3:c1:ba:16:0e:
50:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:4A:20:94:41:E3:78:32:87:C6:7C:20:D4:A7:9E:44:7A:41:EF:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b::/36
Signature Algorithm: sha256WithRSAEncryption
59:05:33:33:cf:ec:64:1e:d7:21:ab:31:a2:29:88:fb:37:8d:
60:10:e3:40:19:41:2d:6f:60:4f:18:5f:87:26:c3:03:cc:6f:
1a:f3:99:aa:41:ba:e0:3c:e0:2f:5d:a6:0d:0d:cc:b4:bf:3d:
a6:13:64:4a:36:16:98:f0:4c:5a:02:e1:e3:df:a7:a0:5e:9c:
b9:6e:db:87:dc:a0:d7:bc:48:47:93:88:48:7e:29:24:fb:5c:
13:79:a8:70:b2:fa:c3:10:75:44:5b:53:52:fa:fa:63:5f:66:
6b:6f:f1:85:ba:96:4d:34:ea:48:9e:f9:e1:af:d3:bf:5e:b8:
35:01:92:94:fc:f4:ec:9b:1b:0b:0a:be:dc:aa:a5:25:b3:f8:
08:dc:bf:98:78:8d:e9:d4:04:5d:66:cb:f7:6a:de:d2:af:4a:
86:fc:82:a5:f8:3c:ab:45:8f:fc:56:f1:c4:41:76:17:4f:62:
60:f0:17:b2:31:36:28:4d:73:e8:47:84:19:1b:d9:80:46:0e:
47:77:8c:dd:1c:59:67:74:91:9f:70:37:bd:88:9c:8f:15:78:
b8:c7:91:f9:6e:13:aa:f5:22:f6:24:7c:53:d9:62:20:02:6e:
98:a3:7f:82:d7:51:2c:a0:0d:90:e1:6b:f9:58:35:55:f0:47:
c1:47:13:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUwnUDyVgMZNeK1Be0r4yKejgEFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwNTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMDNkODdmODNjZjRmODY1OTVjNDc4NzZiNTcxMzY3ZWJiNDc0ZTFhZGFh
OWEzMTFmMDBiNjYwNDM3NDI3ZDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmSxdch+cgQIQE8LQqpndnxdcy89AM86VuykY2BnLxVM4/nGnpfD+FGChHp
CK3AjHOck3ZHCy1OMVT3C5ANn+E5UVpKYlW97Rpn/OimbolhZxV3UeppsJ8XTuu5
seH25Mo1FEjy8jX9zvvaMpPDewfZtrTbg6/6qUQmEYH2Mn0UXMmm8T/K7wwbzbFx
0Q0P1QbYQs9rsuToJJz8sMicL7bJiHmw2GeVHA2p2WRUCGHmuYUVIgBP9lwQQWZ2
Zna8svqqMljEhwsNj1s17Vs5Drqgue5iJG7B/E6VGIQWnBSe30Z7trKJRqx7Y6a7
pyKJiox+LwdcUcLxMNPBuhYOUCcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3SiCU
QeN4MofGfCDUp55EekHv0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZBTMzz+xkHtchqzGiKYj7N41gEONAGUEtb2BP
GF+HJsMDzG8a85mqQbrgPOAvXaYNDcy0vz2mE2RKNhaY8ExaAuHj36egXpy5btuH
3KDXvEhHk4hIfikk+1wTeahwsvrDEHVEW1NS+vpjX2Zrb/GFupZNNOpInvnhr9O/
Xrg1AZKU/PTsmxsLCr7cqqUls/gI3L+YeI3p1ARdZsv3at7Sr0qG/IKl+DyrRY/8
VvHEQXYXT2Jg8BeyMTYoTXPoR4QZG9mARg5Hd4zdHFlndJGfcDe9iJyPFXi4x5H5
bhOq9SL2JHxT2WIgAm6Yo3+C11EsoA2Q4Wv5WDVV8EfBRxOM
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:59:48 2025 by rpki-client