Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: NwhtTnD3FJqj9fXIspMwa+NIdG+D0LrOJejY3EwU3Fg=
Subject key identifier: B5:35:54:43:7F:44:AF:34:FF:7E:3D:43:60:EC:33:EB:77:17:FC:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 569F1365E388DD01A1DE84D90A440FF9D17EE96B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Fri 11 Jul 2025 20:41:31 +0000
ROA not before: Fri 11 Jul 2025 20:41:31 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:9f:13:65:e3:88:dd:01:a1:de:84:d9:0a:44:0f:f9:d1:7e:e9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:41:31 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=90c583a4a00573bf0cbab98db5ba97219a0bfc8235621a93d72368508bbf25d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:7a:ea:e7:34:b4:16:38:f3:92:9f:70:05:
db:37:c7:ed:70:de:6f:c5:03:22:7f:75:47:38:16:
2a:a1:b7:9f:38:49:57:9e:df:fc:2d:82:3d:c7:44:
1d:cc:85:d3:5e:c1:92:93:c8:a1:80:0e:c0:8d:96:
d1:fa:0d:9f:04:37:78:63:2d:b0:5c:f0:55:14:df:
04:92:0d:8d:ee:e5:76:2a:1b:b5:76:e4:2d:c3:75:
44:59:ea:f1:24:df:16:1e:a4:6c:ff:b8:be:ff:65:
61:3a:61:6a:01:e2:4c:78:be:1d:53:17:21:33:68:
ad:06:26:9f:3c:44:77:1d:2d:83:b7:9a:28:c7:6c:
9e:00:6f:ea:21:73:8e:09:28:60:1b:86:1d:12:9c:
a2:af:c9:ac:c3:d4:01:e7:7e:dd:f7:8e:2e:42:5d:
79:9d:f8:29:c2:8d:36:8a:2d:ae:2e:b4:a8:7c:56:
71:d8:47:3c:51:f3:30:73:f3:47:3b:3a:51:7f:f7:
f7:b0:7b:e4:3a:13:8b:c9:2b:61:62:ef:70:44:05:
86:09:f8:63:f1:d3:70:be:8c:88:ba:1d:f6:6a:d7:
03:66:1b:57:df:32:e9:0d:11:9a:b8:05:f6:3a:e4:
ae:eb:99:4b:74:31:6a:e7:a9:07:65:ae:1e:d1:10:
7c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:35:54:43:7F:44:AF:34:FF:7E:3D:43:60:EC:33:EB:77:17:FC:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
ae:f1:db:c9:70:e0:99:01:49:19:51:35:e3:23:16:a8:66:7e:
ad:da:1c:64:ae:fa:cd:04:5d:6c:b0:30:2c:b3:28:69:34:a4:
9e:02:83:ea:d0:12:5f:94:fb:6a:b0:4e:f5:17:3d:f2:c8:3c:
84:57:d9:b4:66:dd:79:68:80:21:84:8b:a7:90:79:e2:21:ed:
e1:95:ca:fd:ae:06:f7:70:f5:b2:81:59:3c:d4:fe:c8:cb:c2:
b4:22:96:a8:48:0a:58:99:fd:61:49:b4:fa:81:68:dc:ce:94:
c6:c1:fe:69:60:72:e1:73:72:20:d1:92:0b:d1:55:2c:92:e9:
32:27:4b:f9:9a:ea:30:b0:c6:f1:7e:e5:32:c4:e9:d7:9a:09:
96:a2:5c:4a:6f:1d:bf:ad:34:b8:31:cf:61:35:eb:74:42:fd:
f6:7f:ca:74:3a:0d:de:49:9f:4f:e5:96:86:36:24:77:af:49:
55:e5:8e:c6:bc:87:b3:85:f8:4c:02:d7:a5:3e:e2:7a:36:be:
af:5c:e3:35:1f:16:2b:8e:2f:b6:41:50:80:f4:dd:ba:af:b4:
07:c5:b3:d3:b5:b2:de:8e:7b:b3:db:96:b0:28:8f:b8:2e:dd:
ec:e5:4b:93:80:85:46:94:3b:3f:4f:c9:61:86:cf:77:7a:ef:
a3:b6:f5:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVp8TZeOI3QGh3oTZCkQP+dF+6WswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDQxMzFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYzU4M2E0YTAwNTczYmYwY2JhYjk4ZGI1YmE5NzIxOWEwYmZjODIzNTYy
MWE5M2Q3MjM2ODUwOGJiZjI1ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbfeurnNLQWOPOSn3AF2zfH7XDeb8UDIn91RzgWKqG3nzhJV57f/C2CPcdE
HcyF017BkpPIoYAOwI2W0foNnwQ3eGMtsFzwVRTfBJINje7ldiobtXbkLcN1RFnq
8STfFh6kbP+4vv9lYTphagHiTHi+HVMXITNorQYmnzxEdx0tg7eaKMdsngBv6iFz
jgkoYBuGHRKcoq/JrMPUAed+3feOLkJdeZ34KcKNNootri60qHxWcdhHPFHzMHPz
Rzs6UX/397B75DoTi8krYWLvcEQFhgn4Y/HTcL6MiLod9mrXA2YbV98y6Q0RmrgF
9jrkruuZS3QxauepB2WuHtEQfEUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1NVRD
f0SvNP9+PUNg7DPrdxf85DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQCu8dvJcOCZAUkZUTXjIxaoZn6t2hxkrvrNBF1s
sDAssyhpNKSeAoPq0BJflPtqsE71Fz3yyDyEV9m0Zt15aIAhhIunkHniIe3hlcr9
rgb3cPWygVk81P7Iy8K0IpaoSApYmf1hSbT6gWjczpTGwf5pYHLhc3Ig0ZIL0VUs
kukyJ0v5muowsMbxfuUyxOnXmgmWolxKbx2/rTS4Mc9hNet0Qv32f8p0Og3eSZ9P
5ZaGNiR3r0lV5Y7GvIezhfhMAtelPuJ6Nr6vXOM1HxYrji+2QVCA9N26r7QHxbPT
tbLejnuz25awKI+4Lt3s5UuTgIVGlDs/T8lhhs93eu+jtvWl
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:47 2025 by rpki-client