Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
File: 94b69c02-a117-42df-89a0-b463fa809f2d.roa (raw, json)
Hash identifier: 0J/72kxYEgXuNNtrN7FwVqXGD5Imh3rGhpWo/7mH3dg=
Subject key identifier: 90:58:7C:FC:81:15:DD:66:6D:EB:CA:AB:45:EC:A2:2D:60:0E:45:05
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75EA5739E526A650EA7FB55DEC507D39846A1BD5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
Signing time: Tue 05 Aug 2025 19:50:07 +0000
ROA not before: Tue 05 Aug 2025 19:50:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ea:57:39:e5:26:a6:50:ea:7f:b5:5d:ec:50:7d:39:84:6a:1b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=049bba0e3de1989f3435cc203a1b489cde32353ebda1dcca6c5724b6f6d2ee1b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:14:ee:31:75:ea:32:59:11:04:cc:aa:4b:4e:
3b:5b:2b:b4:f8:f1:1c:46:88:1f:50:50:55:9b:5b:
40:68:07:0d:ad:0c:27:9a:e1:97:35:7c:c0:57:73:
16:c1:1e:70:32:4c:18:d7:1b:50:95:1e:cc:d8:6f:
e0:52:35:4f:8c:ea:d8:78:d1:cf:42:6e:58:93:80:
85:40:ea:93:6a:95:2f:4a:29:73:ae:04:d9:1a:4d:
16:79:a7:29:cd:7a:c6:13:ee:e3:f8:71:86:00:ef:
cd:7b:5a:13:6f:19:0d:00:9f:e3:03:ff:d5:02:c5:
77:a6:7e:ea:15:b6:37:f5:14:81:8f:c1:80:3d:60:
c7:cf:a0:a8:43:f5:9e:0a:a9:d7:6f:ed:d9:d5:77:
01:1f:3c:bf:a1:3a:a7:ad:7d:78:66:0a:cd:6a:58:
3c:e9:6e:bb:28:76:d7:53:a1:a7:b2:a3:d3:05:92:
2f:0d:d8:57:0e:85:54:83:f7:9d:8a:e4:b9:ea:8e:
f7:38:ff:1f:f2:0b:1e:ce:46:52:c2:db:53:78:47:
35:b6:09:55:cd:88:30:78:f6:77:7c:47:a4:14:63:
1a:07:09:2e:59:45:29:05:b5:f4:85:93:2b:47:12:
05:30:50:ad:35:91:3e:7f:55:3d:9a:f3:bf:a2:5d:
d2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:58:7C:FC:81:15:DD:66:6D:EB:CA:AB:45:EC:A2:2D:60:0E:45:05
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:30:ac:bc:75:43:8e:2f:09:3c:86:c6:25:cd:30:b0:fb:f5:
be:fb:bf:3c:e3:e7:cd:a9:f2:2b:88:09:48:ab:83:7a:2a:fb:
c3:3b:01:77:ac:9f:81:a7:f9:42:c5:7f:99:48:63:00:35:76:
ef:6e:e4:77:a3:9a:0a:1e:c2:86:9b:2b:6e:af:16:56:05:44:
88:da:e5:17:ec:47:96:4a:38:c7:af:5e:5d:c1:a1:b8:b2:24:
ac:7e:2b:54:c0:23:e2:21:7d:0e:17:df:f3:ce:fa:18:df:c9:
20:4a:90:f1:f8:a4:10:ea:77:3c:16:e3:f1:9b:06:9a:02:2a:
a5:1b:d6:a9:32:5f:37:ba:3c:88:a6:6e:69:6b:1d:60:f1:23:
4e:72:79:76:68:09:c2:a5:5d:8c:38:b6:3b:2e:e4:02:48:ff:
97:89:2a:1d:99:a5:01:ea:96:f0:7a:5d:a5:a1:fc:cf:b5:0e:
1d:63:3e:e8:3c:b9:2c:3c:bc:cf:c7:f7:63:cb:95:11:cd:e7:
0e:41:0e:b6:92:db:38:8b:b2:8e:0c:c9:ee:13:8c:b9:77:8c:
6f:c7:eb:c1:a4:f6:d5:c1:5b:a3:95:9d:eb:15:f5:f0:a2:08:
6a:45:5e:d9:d8:80:eb:cb:ac:92:a0:4e:41:0a:ae:ea:4e:40:
db:7e:19:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdepXOeUmplDqf7Vd7FB9OYRqG9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0OWJiYTBlM2RlMTk4OWYzNDM1Y2MyMDNhMWI0ODljZGUzMjM1M2ViZGEx
ZGNjYTZjNTcyNGI2ZjZkMmVlMWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcU7jF16jJZEQTMqktOO1srtPjxHEaIH1BQVZtbQGgHDa0MJ5rhlzV8wFdz
FsEecDJMGNcbUJUezNhv4FI1T4zq2HjRz0JuWJOAhUDqk2qVL0opc64E2RpNFnmn
Kc16xhPu4/hxhgDvzXtaE28ZDQCf4wP/1QLFd6Z+6hW2N/UUgY/BgD1gx8+gqEP1
ngqp12/t2dV3AR88v6E6p619eGYKzWpYPOluuyh211Ohp7Kj0wWSLw3YVw6FVIP3
nYrkueqO9zj/H/ILHs5GUsLbU3hHNbYJVc2IMHj2d3xHpBRjGgcJLllFKQW19IWT
K0cSBTBQrTWRPn9VPZrzv6Jd0m8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQWHz8
gRXdZm3ryqtF7KItYA5FBTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNjljMDItYTExNy00MmRmLTg5YTAtYjQ2M2ZhODA5ZjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQCiMKy8dUOOLwk8hsYlzTCw+/W++7884+fNqfIr
iAlIq4N6KvvDOwF3rJ+Bp/lCxX+ZSGMANXbvbuR3o5oKHsKGmyturxZWBUSI2uUX
7EeWSjjHr15dwaG4siSsfitUwCPiIX0OF9/zzvoY38kgSpDx+KQQ6nc8FuPxmwaa
AiqlG9apMl83ujyIpm5pax1g8SNOcnl2aAnCpV2MOLY7LuQCSP+XiSodmaUB6pbw
el2lofzPtQ4dYz7oPLksPLzPx/djy5URzecOQQ62kts4i7KODMnuE4y5d4xvx+vB
pPbVwVujlZ3rFfXwoghqRV7Z2IDry6ySoE5BCq7qTkDbfhlM
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client