Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: xM3zm5rXfeAP8SbVVAg5+M8w+wMNXUcKap71c0SoXco=
Subject key identifier: 15:2A:C2:0C:27:E7:61:B6:F8:0F:8B:56:CF:0E:C7:67:9C:8E:42:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E39D18CFC4D2D5C39CBAB2D7D161416E6200A5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Fri 11 Jul 2025 20:31:04 +0000
ROA not before: Fri 11 Jul 2025 20:31:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:39:d1:8c:fc:4d:2d:5c:39:cb:ab:2d:7d:16:14:16:e6:20:0a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:31:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=d489877d03fa8168697550b3ddfa983a7f833a2f5237175764bdc0b2f8e0d686, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0a:cf:d9:80:fc:f7:81:a0:d0:41:11:40:b5:
fc:ef:de:ef:ef:06:45:4e:5d:dd:d7:71:ce:bd:63:
b8:14:78:50:3a:02:dc:ff:d8:aa:73:37:e1:e6:e9:
9c:fd:6b:55:7e:87:1f:a1:17:e7:38:7a:96:d2:f7:
e8:ba:98:f8:3d:a1:bf:03:18:9f:81:db:8b:3b:26:
8a:91:bd:af:23:2d:04:bf:a7:3a:e0:28:a2:17:c6:
15:b9:7d:a6:b7:dc:87:ad:73:62:fd:fb:83:3a:04:
78:ed:00:ac:56:29:7b:47:f2:ad:dc:41:4b:28:6e:
82:72:7b:b5:17:ef:92:3c:e0:7a:90:1f:e9:61:b9:
4e:b1:cb:07:eb:85:89:59:16:10:78:02:4b:6c:8c:
7a:1a:7b:0e:14:b0:64:7a:7c:0b:94:1a:f3:70:a2:
4e:2e:5b:29:23:4f:05:e3:61:42:a8:c2:fb:0f:fe:
0f:2f:c4:d5:07:b1:3e:e8:f2:7b:fa:58:28:b5:2e:
3e:6d:f7:73:51:ab:e2:e1:85:ff:68:af:8c:79:a5:
b3:8e:77:18:6a:d0:ab:2c:b7:40:16:8c:76:d8:9f:
da:bc:8d:3f:45:c3:3b:ff:b6:bf:fc:5d:e0:4c:ed:
11:d2:82:39:53:5c:3d:8c:8a:9b:4f:16:12:de:b1:
46:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2A:C2:0C:27:E7:61:B6:F8:0F:8B:56:CF:0E:C7:67:9C:8E:42:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
33:1f:6e:ae:92:77:34:e5:a6:ee:8e:56:cc:92:0b:de:4b:46:
f2:4e:e7:3a:29:f6:c5:e5:4a:51:f3:1a:5a:c1:9f:ae:ca:b7:
40:58:4d:75:9c:f5:93:54:04:3d:1f:b4:4f:96:c6:24:0f:06:
e9:46:56:1c:6c:3c:71:09:6d:19:61:ba:7e:40:96:75:fb:a6:
06:29:5f:88:22:ae:e7:cb:97:0b:3f:3c:e1:90:18:74:22:10:
48:10:71:89:d9:de:98:c9:ba:31:8f:56:2a:3a:59:9c:18:6c:
85:97:e7:9b:af:b2:7a:81:d9:7d:93:b3:4c:ba:39:f4:1c:da:
af:fb:98:ef:80:55:8e:d4:31:93:3f:3e:55:0f:f5:e6:f2:5f:
53:49:4d:ef:fa:db:47:6b:94:93:79:c1:9e:dd:d1:f5:cc:33:
60:22:54:09:f2:b9:7d:fe:58:7f:77:6b:5d:f9:3d:82:28:e9:
0a:df:90:ef:b2:6f:f1:97:1f:1f:a2:16:9f:56:91:8e:f5:e7:
65:8a:52:96:e9:f9:46:65:7b:a5:b8:5a:be:9c:cc:3b:63:6e:
8f:56:57:13:2f:41:92:bb:54:b6:92:ec:fa:43:c7:d8:ef:6a:
cf:be:60:04:6e:50:13:38:7a:cb:48:36:ac:bc:a0:9d:d4:77:
12:67:3b:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTjnRjPxNLVw5y6stfRYUFuYgClowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDMxMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ODk4NzdkMDNmYTgxNjg2OTc1NTBiM2RkZmE5ODNhN2Y4MzNhMmY1MjM3
MTc1NzY0YmRjMGIyZjhlMGQ2ODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYKz9mA/PeBoNBBEUC1/O/e7+8GRU5d3ddxzr1juBR4UDoC3P/YqnM34ebp
nP1rVX6HH6EX5zh6ltL36LqY+D2hvwMYn4HbizsmipG9ryMtBL+nOuAoohfGFbl9
prfch61zYv37gzoEeO0ArFYpe0fyrdxBSyhugnJ7tRfvkjzgepAf6WG5TrHLB+uF
iVkWEHgCS2yMehp7DhSwZHp8C5Qa83CiTi5bKSNPBeNhQqjC+w/+Dy/E1QexPujy
e/pYKLUuPm33c1Gr4uGF/2ivjHmls453GGrQqyy3QBaMdtif2ryNP0XDO/+2v/xd
4EztEdKCOVNcPYyKm08WEt6xRr8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQVKsIM
J+dhtvgPi1bPDsdnnI5CFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQAzH26uknc05abujlbMkgveS0byTuc6KfbF5UpR
8xpawZ+uyrdAWE11nPWTVAQ9H7RPlsYkDwbpRlYcbDxxCW0ZYbp+QJZ1+6YGKV+I
Iq7ny5cLPzzhkBh0IhBIEHGJ2d6Yyboxj1YqOlmcGGyFl+ebr7J6gdl9k7NMujn0
HNqv+5jvgFWO1DGTPz5VD/Xm8l9TSU3v+ttHa5STecGe3dH1zDNgIlQJ8rl9/lh/
d2td+T2CKOkK35Dvsm/xlx8fohafVpGO9edlilKW6flGZXuluFq+nMw7Y26PVlcT
L0GSu1S2kuz6Q8fY72rPvmAEblATOHrLSDasvKCd1HcSZzuD
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:51:43 2025 by rpki-client