Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/507c534d-189b-43b3-945a-dd040ee200d5.roa
File: 507c534d-189b-43b3-945a-dd040ee200d5.roa (raw, json)
Hash identifier: MJQkKF/7HTsWFYlZOPMiQ8l5lfTV+0PZPxkZnoqGwb4=
Subject key identifier: A9:01:63:5A:ED:52:4A:38:61:90:44:4E:10:90:00:B6:BB:CB:ED:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17139CF0C72FAC0EC74D5E4DA3F51A367A6BBF1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/507c534d-189b-43b3-945a-dd040ee200d5.roa
Signing time: Tue 05 Aug 2025 19:40:06 +0000
ROA not before: Tue 05 Aug 2025 19:40:06 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:13:9c:f0:c7:2f:ac:0e:c7:4d:5e:4d:a3:f5:1a:36:7a:6b:bf:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:06 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9ff4760a54ae58fe21011d0741016566eb86b84e6d06a7195983ed28853b9f37, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:19:04:bd:93:12:50:e9:73:dd:fa:12:5c:36:
8e:de:7d:bb:6b:10:5a:9b:55:5f:d0:30:bf:57:f7:
c1:ad:8e:f6:d3:9a:fd:ed:e6:87:42:8a:6e:5b:1c:
a8:57:ce:eb:66:80:f8:8d:cb:70:29:0f:ab:8e:17:
b4:fe:53:7b:a1:6f:f5:31:5c:c7:3f:d0:97:1a:c0:
eb:c0:45:ef:90:e4:d9:c9:82:9d:7c:16:31:0d:6c:
be:c1:4d:6e:c5:18:dd:37:50:7b:23:91:a8:44:12:
ba:ad:e1:20:06:47:71:81:ba:33:2c:7c:d0:49:33:
b5:d6:ba:3c:30:79:0b:cb:1c:ba:d8:ee:b1:d5:be:
f8:bf:29:5d:cb:7a:e4:49:94:5a:cc:3c:7a:8d:7e:
20:f6:cb:e6:94:3d:09:67:bb:f5:7f:cc:e7:d6:2e:
b4:5e:64:6d:15:b9:9c:98:9a:9f:a3:be:93:bf:5a:
15:3d:50:05:93:32:07:af:f5:1b:0e:9e:dd:36:f0:
75:75:96:78:c1:e9:3f:1f:15:12:cd:7b:a1:5e:9c:
7f:7a:aa:32:c2:2d:49:df:1a:cc:24:46:c5:92:81:
cf:9a:f8:f9:0a:d0:e5:b6:13:c5:df:3f:a9:37:d8:
86:89:4f:52:cf:62:bd:5c:2e:88:54:e9:ea:a6:4d:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:01:63:5A:ED:52:4A:38:61:90:44:4E:10:90:00:B6:BB:CB:ED:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/507c534d-189b-43b3-945a-dd040ee200d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:9000::/40
Signature Algorithm: sha256WithRSAEncryption
42:63:23:f6:1d:b4:c6:88:46:36:58:d3:99:e3:92:7f:54:75:
5e:09:11:71:32:7b:7c:02:94:da:d8:02:ee:3a:7d:89:48:0c:
e5:f1:a9:e4:dd:89:67:65:e0:b9:79:72:d2:28:48:7c:5c:24:
f0:5b:8b:6f:fa:9c:21:6a:2f:44:26:c9:ff:00:0c:b8:39:0f:
c4:c6:57:93:9d:57:2f:86:f0:4d:1d:e9:14:e7:18:68:c1:8b:
98:1a:39:a2:2e:ba:52:d1:76:f7:ab:2d:f5:cc:cf:b0:88:eb:
7e:79:44:4f:18:f2:62:5c:b8:bd:26:8e:25:93:40:3c:3a:f5:
d1:6a:52:b1:12:10:2b:2b:3a:8f:d6:8c:b0:f4:3f:b5:90:39:
5e:b7:43:64:26:ca:c1:6f:51:69:81:67:e9:93:fe:7d:99:13:
fc:fb:c7:7d:b1:e0:5c:83:11:5c:fc:dd:53:db:3b:41:42:da:
5d:ab:fe:b8:7e:b4:e2:31:90:6d:28:88:be:78:bd:ae:df:38:
5e:6e:8b:05:61:b1:22:22:df:8c:c9:b0:79:73:9c:52:b9:04:
41:84:e7:44:90:45:dc:b2:00:4d:f7:53:af:a5:e9:21:58:cc:
f1:48:05:20:65:6d:25:07:78:92:af:a8:89:59:37:b6:fb:6f:
e9:73:26:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFxOc8McvrA7HTV5No/UaNnprvxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZjQ3NjBhNTRhZTU4ZmUyMTAxMWQwNzQxMDE2NTY2ZWI4NmI4NGU2ZDA2
YTcxOTU5ODNlZDI4ODUzYjlmMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIZBL2TElDpc936Elw2jt59u2sQWptVX9Awv1f3wa2O9tOa/e3mh0KKblsc
qFfO62aA+I3LcCkPq44XtP5Te6Fv9TFcxz/QlxrA68BF75Dk2cmCnXwWMQ1svsFN
bsUY3TdQeyORqEQSuq3hIAZHcYG6Myx80Ekztda6PDB5C8scutjusdW++L8pXct6
5EmUWsw8eo1+IPbL5pQ9CWe79X/M59YutF5kbRW5nJian6O+k79aFT1QBZMyB6/1
Gw6e3TbwdXWWeMHpPx8VEs17oV6cf3qqMsItSd8azCRGxZKBz5r4+QrQ5bYTxd8/
qTfYholPUs9ivVwuiFTp6qZNBCMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpAWNa
7VJKOGGQRE4QkAC2u8vtBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTA3YzUzNGQtMTg5Yi00M2IzLTk0NWEtZGQwNDBlZTIwMGQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBCYyP2HbTGiEY2WNOZ45J/VHVeCRFxMnt8ApTa
2ALuOn2JSAzl8ank3YlnZeC5eXLSKEh8XCTwW4tv+pwhai9EJsn/AAy4OQ/ExleT
nVcvhvBNHekU5xhowYuYGjmiLrpS0Xb3qy31zM+wiOt+eURPGPJiXLi9Jo4lk0A8
OvXRalKxEhArKzqP1oyw9D+1kDlet0NkJsrBb1FpgWfpk/59mRP8+8d9seBcgxFc
/N1T2ztBQtpdq/64frTiMZBtKIi+eL2u3zhebosFYbEiIt+MybB5c5xSuQRBhOdE
kEXcsgBN91OvpekhWMzxSAUgZW0lB3iSr6iJWTe2+2/pcybd
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:07 2025 by rpki-client