Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
File: 63af811a-6e40-455f-b7a8-223951036a11.roa (raw, json)
Hash identifier: fFO1MSXEH39au0VCvqr5/DIrpPlYqKd0HfzHsReqXh0=
Subject key identifier: AB:71:F6:D6:10:EC:67:9A:0B:BB:C6:6D:D6:E7:08:C9:74:F9:51:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5EC4CDB214FF8BC9A37222DD4E4975DA6ECD6294
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
Signing time: Tue 05 Aug 2025 19:30:19 +0000
ROA not before: Tue 05 Aug 2025 19:30:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:c4:cd:b2:14:ff:8b:c9:a3:72:22:dd:4e:49:75:da:6e:cd:62:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a0d3656e65f04571a18eacbc592e7c2690a99de1e3283971536ccc2e1dab5e4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8e:5e:ed:22:e0:f2:95:f0:d6:46:5c:71:09:
76:3c:e4:af:3b:a0:88:e5:a9:52:59:9a:40:74:0f:
a6:39:40:fa:0f:b0:60:d5:05:61:73:fc:34:a7:be:
44:0a:43:92:e7:6d:17:8d:3a:fc:24:2d:b2:5b:be:
3a:f8:eb:2f:89:ad:28:4e:2d:4f:26:ae:75:8a:e2:
88:dc:c0:86:f4:10:ab:08:e9:c6:f2:77:19:51:88:
24:06:59:a7:ca:8b:20:3e:9e:1c:ea:88:cc:19:6c:
80:b4:43:bf:57:4e:85:3c:07:e5:f7:91:86:f6:53:
f6:ae:80:b7:9e:3b:ae:a8:e6:69:76:ed:3f:ce:01:
7c:e1:e2:b7:97:b9:81:42:4c:ac:3e:ff:bc:cd:3d:
4b:cc:95:b1:68:bb:8c:16:be:c7:7d:4d:77:d3:e6:
c2:e2:d9:97:1f:2f:34:ea:0d:e7:3c:46:a2:ba:19:
48:48:01:16:63:1b:34:c4:e0:79:82:da:15:a8:ba:
10:01:cf:0f:2f:3e:1a:26:35:96:10:92:ae:69:b0:
1b:db:40:17:ee:fc:82:f7:31:fe:3a:2c:3b:6a:67:
c4:7c:a7:bc:e9:ae:a0:90:3c:ed:03:9a:5b:0e:cf:
3f:71:03:0f:76:16:a9:3b:30:7e:46:94:7d:fa:f0:
cb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:71:F6:D6:10:EC:67:9A:0B:BB:C6:6D:D6:E7:08:C9:74:F9:51:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/63af811a-6e40-455f-b7a8-223951036a11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9000::/40
Signature Algorithm: sha256WithRSAEncryption
83:be:5d:2a:24:6d:f6:75:8b:04:09:c5:2b:3e:23:27:f5:88:
ba:ea:e5:b9:8c:bb:d1:a2:6c:6a:96:b2:6f:70:67:b7:b0:55:
e8:7c:1a:c7:7b:89:b7:b1:27:f6:72:0d:63:b0:14:07:43:2b:
e3:01:12:67:fd:ae:9c:91:04:c6:8c:76:4d:05:bb:04:c1:a1:
17:70:c1:89:ad:e6:d5:cf:ee:aa:c3:42:a2:22:f9:37:0d:c2:
ae:b6:af:7a:74:9f:91:44:c4:b3:56:29:ba:93:f2:32:09:e0:
ce:f1:2e:0f:79:53:76:79:12:ad:8a:a6:55:d3:53:5e:82:d5:
9e:15:eb:5f:4e:bf:bb:7b:cc:cc:d9:e3:54:4a:e8:37:1b:11:
aa:37:74:37:de:18:bc:51:a1:49:6b:62:78:4b:24:6a:a7:87:
f4:e2:3a:d5:4f:48:44:be:53:25:9c:c1:02:29:cf:c3:2d:04:
2a:09:b2:6e:a2:62:66:27:23:e6:26:f5:15:f0:f3:65:45:3b:
66:a0:bf:c7:16:05:35:41:dc:10:23:35:f9:63:84:6f:bf:57:
ae:c7:4d:0d:78:5a:d2:ef:ec:76:e2:b8:58:7f:d1:fd:cc:94:
d0:29:e5:f1:2d:31:03:f3:f0:00:f6:5c:88:cb:a4:5d:41:b2:
50:3b:c1:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXsTNshT/i8mjciLdTkl12m7NYpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwZDM2NTZlNjVmMDQ1NzFhMThlYWNiYzU5MmU3YzI2OTBhOTlkZTFlMzI4
Mzk3MTUzNmNjYzJlMWRhYjVlNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqOXu0i4PKV8NZGXHEJdjzkrzugiOWpUlmaQHQPpjlA+g+wYNUFYXP8NKe+
RApDkudtF406/CQtslu+OvjrL4mtKE4tTyaudYriiNzAhvQQqwjpxvJ3GVGIJAZZ
p8qLID6eHOqIzBlsgLRDv1dOhTwH5feRhvZT9q6At547rqjmaXbtP84BfOHit5e5
gUJMrD7/vM09S8yVsWi7jBa+x31Nd9PmwuLZlx8vNOoN5zxGoroZSEgBFmMbNMTg
eYLaFai6EAHPDy8+GiY1lhCSrmmwG9tAF+78gvcx/josO2pnxHynvOmuoJA87QOa
Ww7PP3EDD3YWqTswfkaUffrwy60CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrcfbW
EOxnmgu7xm3W5wjJdPlRdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjNhZjgxMWEtNmU0MC00NTVmLWI3YTgtMjIzOTUxMDM2YTExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCDvl0qJG32dYsECcUrPiMn9Yi66uW5jLvRomxq
lrJvcGe3sFXofBrHe4m3sSf2cg1jsBQHQyvjARJn/a6ckQTGjHZNBbsEwaEXcMGJ
rebVz+6qw0KiIvk3DcKutq96dJ+RRMSzVim6k/IyCeDO8S4PeVN2eRKtiqZV01Ne
gtWeFetfTr+7e8zM2eNUSug3GxGqN3Q33hi8UaFJa2J4SyRqp4f04jrVT0hEvlMl
nMECKc/DLQQqCbJuomJmJyPmJvUV8PNlRTtmoL/HFgU1QdwQIzX5Y4Rvv1eux00N
eFrS7+x24rhYf9H9zJTQKeXxLTED8/AA9lyIy6RdQbJQO8Fp
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:44:46 2025 by rpki-client