Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: LJl3EfDoiYIMI+deaLuVvJ4X7J/a/qumM1tz8QmrOT0=
Subject key identifier: 9C:E5:CD:BC:70:1D:22:91:AA:1E:E0:90:51:18:E6:E9:75:91:7F:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7ED9DFC1311EAF21C61C31A4425880B89FF6E8D5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Fri 22 Aug 2025 15:10:07 +0000
ROA not before: Fri 22 Aug 2025 15:10:07 +0000
ROA not after: Fri 26 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d9:df:c1:31:1e:af:21:c6:1c:31:a4:42:58:80:b8:9f:f6:e8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 22 15:10:07 2025 GMT
Not After : Sep 26 23:59:59 2025 GMT
Subject: serialNumber=485972fa6ff59c0098047ca3be2bddbd75c77444eb0b23ecb8e7c6c353660326, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bb:5c:b7:b8:3b:5c:49:4b:fd:7d:ee:4f:c3:
27:db:bc:c6:5f:54:e8:f2:1d:66:2b:92:2b:5a:84:
1a:6d:27:68:dc:fe:80:c5:9b:c6:55:1a:b8:47:9b:
37:f8:a9:d4:18:3b:2c:21:c4:a3:8e:5a:f6:37:f4:
f4:8e:f4:de:1d:f2:d3:a6:f4:d2:89:21:1a:e0:15:
e2:0a:23:09:55:c7:81:b3:4b:da:bc:af:fd:15:b6:
84:eb:4c:ba:f4:a3:8a:49:83:e6:75:62:91:e2:85:
cd:ac:2a:8b:7a:60:dc:2e:b2:28:3c:07:fb:6d:29:
97:c2:8d:4d:9a:d8:07:27:fe:2f:13:aa:92:43:06:
c8:75:fa:0e:87:c5:8c:97:53:f4:e9:70:08:1c:4d:
7c:9e:a1:fe:3a:63:55:9c:82:0d:ca:a3:ba:32:85:
3f:a6:b2:3d:ee:5b:62:28:c4:5a:3e:ae:92:36:e7:
f9:5e:30:c9:99:42:fa:b0:9a:32:a5:82:42:56:c3:
ad:f6:90:d5:d2:cf:97:ed:22:07:63:0e:69:9d:35:
6b:09:6e:d4:77:e4:af:0f:5c:ae:b4:c2:f4:6b:f4:
b6:a6:08:4b:84:1a:2c:b3:51:5b:ca:46:12:71:47:
b2:f0:15:05:6a:30:a7:0e:06:08:df:c7:da:86:f6:
ba:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E5:CD:BC:70:1D:22:91:AA:1E:E0:90:51:18:E6:E9:75:91:7F:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
65:aa:1a:01:b1:5b:49:74:69:41:4a:eb:24:5f:e9:30:0b:9c:
bc:38:31:fb:ae:37:4a:ba:04:5b:7a:61:14:1e:95:dd:66:b2:
86:ae:4b:5e:2e:d4:33:b2:8c:51:ed:eb:cb:2c:4e:2c:54:3e:
26:ed:ec:37:89:ed:ad:7c:10:51:80:a9:2f:2c:a9:08:1c:2c:
5c:e4:46:e4:80:41:62:d0:c7:df:71:96:4c:70:c2:f7:1d:34:
12:a9:ad:6c:3c:01:d5:ad:be:6c:55:10:4e:a6:76:25:1e:66:
42:7c:0c:fe:9d:d6:da:9e:9c:35:e6:3e:86:70:42:d3:68:b6:
57:bf:31:f2:8e:a3:24:a9:a0:f8:78:72:05:f9:14:48:d5:ed:
80:5c:32:54:14:d1:c1:c6:56:37:42:95:7f:d1:7d:6c:97:dc:
07:d2:95:4b:6a:59:7d:63:e4:45:e3:60:32:95:74:22:f9:7b:
5a:a1:4f:b8:3c:8c:41:7f:6b:ea:09:2e:fe:22:5c:69:3a:03:
72:a5:bd:66:39:b6:10:bf:f6:a2:81:62:e8:da:18:29:7c:0a:
59:9b:b6:a3:ff:ba:14:54:3f:4d:e6:1d:32:3c:fb:8b:b0:73:
f4:21:66:ec:53:c6:04:46:89:30:ec:ef:1e:8b:9b:19:a4:10:
59:6d:1f:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUftnfwTEeryHGHDGkQliAuJ/26NUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjIxNTEwMDdaFw0yNTA5MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NTk3MmZhNmZmNTljMDA5ODA0N2NhM2JlMmJkZGJkNzVjNzc0NDRlYjBi
MjNlY2I4ZTdjNmMzNTM2NjAzMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW7XLe4O1xJS/197k/DJ9u8xl9U6PIdZiuSK1qEGm0naNz+gMWbxlUauEeb
N/ip1Bg7LCHEo45a9jf09I703h3y06b00okhGuAV4gojCVXHgbNL2ryv/RW2hOtM
uvSjikmD5nVikeKFzawqi3pg3C6yKDwH+20pl8KNTZrYByf+LxOqkkMGyHX6DofF
jJdT9OlwCBxNfJ6h/jpjVZyCDcqjujKFP6ayPe5bYijEWj6ukjbn+V4wyZlC+rCa
MqWCQlbDrfaQ1dLPl+0iB2MOaZ01awlu1Hfkrw9crrTC9Gv0tqYIS4QaLLNRW8pG
EnFHsvAVBWowpw4GCN/H2ob2umUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSc5c28
cB0ikaoe4JBRGObpdZF/HzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBlqhoBsVtJdGlBSuskX+kwC5y8ODH7rjdKugRb
emEUHpXdZrKGrkteLtQzsoxR7evLLE4sVD4m7ew3ie2tfBBRgKkvLKkIHCxc5Ebk
gEFi0MffcZZMcML3HTQSqa1sPAHVrb5sVRBOpnYlHmZCfAz+ndbanpw15j6GcELT
aLZXvzHyjqMkqaD4eHIF+RRI1e2AXDJUFNHBxlY3QpV/0X1sl9wH0pVLall9Y+RF
42AylXQi+XtaoU+4PIxBf2vqCS7+IlxpOgNypb1mObYQv/aigWLo2hgpfApZm7aj
/7oUVD9N5h0yPPuLsHP0IWbsU8YERokw7O8ei5sZpBBZbR/e
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:10 2025 by rpki-client