Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: /3ufASDxSdYKtj5sWknrIikrqRSC5GiikPb93tdWdUI=
Subject key identifier: 0B:C9:7A:3D:63:C2:A6:77:9D:E4:EA:10:E2:F4:DF:BB:D7:83:38:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 562041150C44B194122E5AD67FAF5C15DA72398F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Wed 06 Aug 2025 00:50:57 +0000
ROA not before: Wed 06 Aug 2025 00:50:57 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:20:41:15:0c:44:b1:94:12:2e:5a:d6:7f:af:5c:15:da:72:39:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:50:57 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=c00e29fae76e4ce4140ddaf8b6ed84fde582fc178f6cb43fae6b02bf43366119, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:44:f7:5f:46:ab:7d:e2:57:e2:9b:fe:16:36:
ae:35:18:e3:0e:a3:14:2e:d8:e4:97:a4:8e:0d:14:
42:24:ab:14:1f:8a:c4:d6:00:07:47:ec:72:00:40:
7c:b6:72:8c:d2:f6:6c:5c:91:9a:b3:51:44:bc:f0:
5e:aa:fd:ea:41:d0:e2:8b:f2:32:66:3a:42:81:a9:
e2:dc:f7:89:02:b5:9e:7b:73:d7:45:0d:2c:bf:aa:
d9:d6:87:41:b8:b6:b0:7b:47:91:75:d5:0b:b8:e3:
49:80:95:75:89:dc:ef:7d:71:94:7c:a1:e7:06:d1:
f8:60:29:61:5a:f4:c0:05:42:05:3e:1b:e3:c3:0e:
93:12:a2:a6:a4:e3:f6:a2:52:53:4d:38:83:49:55:
6c:96:1b:fb:54:4c:e7:7a:55:84:d0:11:3e:c9:b2:
c0:25:8c:6c:f6:37:74:9f:2d:72:71:66:77:f4:13:
0b:13:8f:cc:99:02:4b:ac:87:ae:ed:01:fa:ac:b5:
b9:f0:d8:81:b4:3b:cf:9d:22:75:4b:30:a6:44:0b:
22:20:d4:ba:69:53:36:fb:88:e9:a6:1f:b0:ed:81:
74:a9:e5:a6:6b:29:96:4c:6f:9a:0d:81:a8:5d:7a:
27:bb:c6:c4:54:fc:39:12:e0:b5:ce:e2:6b:42:73:
a4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C9:7A:3D:63:C2:A6:77:9D:E4:EA:10:E2:F4:DF:BB:D7:83:38:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
37:f3:4d:21:53:57:7e:e8:68:05:af:2c:08:0f:a2:c3:25:f2:
12:ea:14:80:bd:af:dd:8e:5e:28:ca:4d:9b:73:e1:b3:aa:bb:
86:13:6c:18:67:3a:7b:53:7b:51:24:11:65:d8:6c:83:ab:c2:
a4:c0:57:eb:46:93:9a:54:17:24:41:86:02:9f:57:89:00:83:
c7:8c:11:35:2f:8b:14:97:f6:55:2e:80:43:4b:de:9b:33:d6:
3b:fd:e6:a9:67:22:46:81:a3:ba:58:a5:09:a3:03:e0:b4:6e:
ef:e4:1b:72:ab:49:22:34:3d:a8:c5:f5:cb:98:ea:b1:a5:3b:
a0:57:f5:33:c8:56:36:21:6e:b3:e7:9a:bc:f9:3b:71:fd:7e:
7c:26:e3:76:44:93:c5:8a:45:4b:15:49:01:62:89:85:bb:f6:
84:c0:11:03:03:73:54:f8:0c:f6:a9:9a:eb:e5:04:22:68:20:
e1:27:65:59:c4:70:cd:7e:f3:d4:61:6a:74:73:29:89:1f:b5:
9f:50:b4:5a:09:fb:94:31:fe:ae:a8:24:34:39:b5:ae:ab:eb:
77:cd:6b:8c:50:0b:38:fc:a7:39:1d:ac:d4:a2:f6:82:99:ff:
13:d2:88:54:60:5d:0e:6e:2a:85:30:cf:64:30:66:d6:9b:af:
aa:7f:76:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUViBBFQxEsZQSLlrWf69cFdpyOY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUwNTdaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwMGUyOWZhZTc2ZTRjZTQxNDBkZGFmOGI2ZWQ4NGZkZTU4MmZjMTc4ZjZj
YjQzZmFlNmIwMmJmNDMzNjYxMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5E919Gq33iV+Kb/hY2rjUY4w6jFC7Y5Jekjg0UQiSrFB+KxNYAB0fscgBA
fLZyjNL2bFyRmrNRRLzwXqr96kHQ4ovyMmY6QoGp4tz3iQK1nntz10UNLL+q2daH
Qbi2sHtHkXXVC7jjSYCVdYnc731xlHyh5wbR+GApYVr0wAVCBT4b48MOkxKipqTj
9qJSU004g0lVbJYb+1RM53pVhNARPsmywCWMbPY3dJ8tcnFmd/QTCxOPzJkCS6yH
ru0B+qy1ufDYgbQ7z50idUswpkQLIiDUumlTNvuI6aYfsO2BdKnlpmsplkxvmg2B
qF16J7vGxFT8ORLgtc7ia0JzpEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLyXo9
Y8Kmd53k6hDi9N+714M4WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQA3800hU1d+6GgFrywID6LDJfIS6hSAva/djl4o
yk2bc+GzqruGE2wYZzp7U3tRJBFl2GyDq8KkwFfrRpOaVBckQYYCn1eJAIPHjBE1
L4sUl/ZVLoBDS96bM9Y7/eapZyJGgaO6WKUJowPgtG7v5Btyq0kiND2oxfXLmOqx
pTugV/UzyFY2IW6z55q8+Ttx/X58JuN2RJPFikVLFUkBYomFu/aEwBEDA3NU+Az2
qZrr5QQiaCDhJ2VZxHDNfvPUYWp0cymJH7WfULRaCfuUMf6uqCQ0ObWuq+t3zWuM
UAs4/Kc5HazUovaCmf8T0ohUYF0ObiqFMM9kMGbWm6+qf3ZN
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:49:40 2025 by rpki-client