Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
File: 007aa6ae-ee04-4168-a465-d2d3db70f19f.roa (raw, json)
Hash identifier: TZ5xWH5o8qpVcDi1aLdJw6VlG6vFOByAv5HDFvMRyLA=
Subject key identifier: 91:9B:6A:D4:A2:6D:82:76:90:53:A0:B1:97:9E:D0:68:F6:70:70:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0FFFC119D60BBA41BF36C9605B16D15FAC06A431
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
Signing time: Fri 11 Jul 2025 18:40:06 +0000
ROA not before: Fri 11 Jul 2025 18:40:06 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:ff:c1:19:d6:0b:ba:41:bf:36:c9:60:5b:16:d1:5f:ac:06:a4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 18:40:06 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=69e3b70d41fbd78a34b2f354b4edf25ec860acf14493178bfc24cbb313878099, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:53:ab:f4:69:8b:59:66:29:ec:7e:fa:77:ee:
34:71:92:f7:27:55:fc:04:e3:47:f5:88:14:a2:71:
ba:ce:b1:dc:e8:47:d9:e8:c5:27:26:d9:80:8d:2d:
ce:3b:1e:79:17:94:c9:91:b6:b1:84:6f:78:62:da:
d6:1c:77:09:1e:9d:0f:3f:b8:8b:57:1c:27:50:03:
b1:e9:97:02:39:c0:30:09:e1:8a:cc:ab:21:f0:2f:
80:0a:2e:01:e4:76:6f:29:e1:92:b6:1f:e4:f1:7f:
7d:6b:75:4d:63:31:3c:a7:3d:fc:0c:a8:98:d7:c8:
d7:b8:6a:0f:05:9c:7b:62:03:87:71:18:6a:2f:15:
66:24:47:28:27:d6:71:b8:18:77:8f:72:74:db:e1:
3a:8e:08:62:7c:31:54:32:34:dc:1a:82:5a:15:84:
8d:79:d6:8b:6b:18:36:16:17:8e:26:66:20:a6:d3:
ea:31:db:97:75:71:11:87:62:0e:c2:d4:27:ac:89:
e0:bc:f3:11:f6:f5:f7:1a:57:ca:4e:2a:e6:17:df:
f7:fc:1a:6e:ee:ab:ce:e3:d9:b0:b2:f6:7c:fe:78:
74:ab:dd:99:b7:aa:42:77:fd:e4:e8:51:c4:6e:66:
99:3b:09:ba:1b:1d:e3:39:77:55:15:28:20:41:0d:
72:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9B:6A:D4:A2:6D:82:76:90:53:A0:B1:97:9E:D0:68:F6:70:70:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/007aa6ae-ee04-4168-a465-d2d3db70f19f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1040::/48
Signature Algorithm: sha256WithRSAEncryption
c4:c7:c5:af:74:f6:27:1b:85:b0:5e:91:35:75:7d:b8:3f:76:
b2:ed:45:e8:41:6f:9c:6f:a3:fc:17:26:33:e8:99:9a:bd:ba:
8f:6d:79:65:cb:76:f3:e4:a8:27:c6:c6:5e:1d:9f:d3:b5:88:
c2:ea:f6:aa:79:13:75:6e:a2:56:e3:16:5f:32:33:ad:ca:cf:
5c:40:c7:65:4a:a6:b4:0e:d5:f3:a0:66:81:72:1e:15:24:42:
5b:30:fc:91:ac:df:d1:8d:37:dc:67:b9:d9:72:52:3a:46:ba:
85:43:ee:16:b7:2e:ba:66:1c:50:5b:db:3d:20:92:ff:9d:a9:
e1:8f:f0:dd:8c:2a:f3:a5:ce:0c:8b:48:ec:bc:f3:28:0a:b5:
26:59:47:d0:ac:d1:3d:6b:cc:aa:c0:8e:10:fe:0b:f7:00:21:
a0:11:58:5e:78:e3:f6:cd:6f:21:2c:6f:2b:50:0c:cf:32:95:
28:49:6e:75:34:5b:e1:fb:4f:d4:cc:92:72:84:e4:5c:f5:39:
0d:6f:1d:62:96:90:15:be:20:3e:15:fb:1a:40:ca:bf:58:61:
e8:e5:64:dd:80:50:af:a8:ed:d2:3b:b6:cc:6f:d6:fa:ac:72:
ee:81:f8:44:15:78:98:3f:1f:c1:ea:3f:7d:d3:cc:be:c0:d3:
a1:27:e0:5a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUD//BGdYLukG/NslgWxbRX6wGpDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExODQwMDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5ZTNiNzBkNDFmYmQ3OGEzNGIyZjM1NGI0ZWRmMjVlYzg2MGFjZjE0NDkz
MTc4YmZjMjRjYmIzMTM4NzgwOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPxTq/Rpi1lmKex++nfuNHGS9ydV/ATjR/WIFKJxus6x3OhH2ejFJybZgI0t
zjseeReUyZG2sYRveGLa1hx3CR6dDz+4i1ccJ1ADsemXAjnAMAnhisyrIfAvgAou
AeR2bynhkrYf5PF/fWt1TWMxPKc9/AyomNfI17hqDwWce2IDh3EYai8VZiRHKCfW
cbgYd49ydNvhOo4IYnwxVDI03BqCWhWEjXnWi2sYNhYXjiZmIKbT6jHbl3VxEYdi
DsLUJ6yJ4LzzEfb19xpXyk4q5hff9/wabu6rzuPZsLL2fP54dKvdmbeqQnf95OhR
xG5mmTsJuhsd4zl3VRUoIEENclMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSRm2rU
om2CdpBToLGXntBo9nBwbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDA3YWE2YWUtZWUwNC00MTY4LWE0NjUtZDJkM2RiNzBmMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAxMfFr3T2JxuFsF6RNXV9uD92su1F6EFvnG+j
/BcmM+iZmr26j215Zct28+SoJ8bGXh2f07WIwur2qnkTdW6iVuMWXzIzrcrPXEDH
ZUqmtA7V86BmgXIeFSRCWzD8kazf0Y033Ge52XJSOka6hUPuFrcuumYcUFvbPSCS
/52p4Y/w3Ywq86XODItI7LzzKAq1JllH0KzRPWvMqsCOEP4L9wAhoBFYXnjj9s1v
ISxvK1AMzzKVKEludTRb4ftP1MyScoTkXPU5DW8dYpaQFb4gPhX7GkDKv1hh6OVk
3YBQr6jt0ju2zG/W+qxy7oH4RBV4mD8fweo/fdPMvsDToSfgWg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:35:16 2025 by rpki-client