Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0141b806-c012-49b3-a8da-73590b0cd2b5.roa
File: 0141b806-c012-49b3-a8da-73590b0cd2b5.roa (raw, json)
Hash identifier: OmyiEzIIzausurjoRasoo7jfIrBhUvwkJWtdooydf4c=
Subject key identifier: CA:58:BD:CD:AA:FE:29:14:43:0B:0C:2E:5E:32:5B:AB:20:52:43:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 442993237253B213E548434CD909197CE79C8211
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0141b806-c012-49b3-a8da-73590b0cd2b5.roa
Signing time: Mon 01 Sep 2025 20:00:14 +0000
ROA not before: Mon 01 Sep 2025 20:00:14 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:29:93:23:72:53:b2:13:e5:48:43:4c:d9:09:19:7c:e7:9c:82:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:14 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0e93f25da11ee1d0b12366999af252535024bde56a9b4dc28f3554db9112166c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:81:ee:ab:97:10:81:c0:b8:6a:6b:62:3d:06:
45:c3:42:fa:41:f0:27:42:f8:26:3e:8d:b8:1e:71:
ba:8c:97:16:af:d8:bd:04:9b:3f:9f:a4:82:ea:ed:
82:eb:bf:0f:a8:f3:5e:90:47:9d:c1:80:c7:ef:e7:
7c:b1:04:7a:8c:8c:26:f1:84:0d:3e:43:b8:4f:09:
bb:42:f7:ba:ef:4c:03:a8:7d:e3:23:8c:15:e0:17:
8e:86:a1:ca:26:2a:47:36:bb:0f:ad:aa:a8:b6:06:
b5:0a:cd:d7:38:c2:6c:f1:55:32:0a:0b:f2:98:30:
f9:a1:36:d5:39:c7:b8:b6:8f:29:cc:0c:1e:56:fc:
bf:34:fa:11:7a:32:3c:1c:0a:67:15:ce:81:e6:7f:
7a:dc:ce:76:c6:2e:f9:5d:70:08:a7:ae:9b:a7:7d:
5d:7d:de:70:5f:52:8a:64:fe:d9:7c:f4:ec:9f:70:
0f:31:03:76:49:21:a9:9d:4c:16:cf:0e:42:88:2e:
1c:19:65:71:82:c3:33:6e:93:1d:77:81:17:0b:e1:
a8:7a:01:08:77:56:59:40:59:05:48:19:9f:fb:f5:
31:ef:5a:18:63:a1:e3:b6:82:df:ba:92:38:1f:77:
41:8c:f0:9b:e1:f2:c5:f4:67:77:ed:76:33:0d:27:
8d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:58:BD:CD:AA:FE:29:14:43:0B:0C:2E:5E:32:5B:AB:20:52:43:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0141b806-c012-49b3-a8da-73590b0cd2b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
81:f4:eb:6f:88:6f:08:5c:9c:9f:b3:be:7c:73:fe:d9:28:85:
97:5f:32:f7:e1:3d:1f:29:30:b8:9a:09:80:66:c7:4e:ce:c3:
f6:32:f1:da:97:83:e3:7a:7b:56:92:6a:24:74:84:bb:ee:4f:
a1:0f:83:7c:3d:65:13:fb:6c:b0:18:b8:bb:bf:97:70:03:03:
5b:85:3b:00:08:ba:b5:e0:4d:bd:bb:30:2e:ea:b7:38:fc:7f:
3d:c0:2d:07:da:4f:a8:28:54:92:ee:71:2e:5a:9e:34:8e:e8:
0f:3b:de:e2:3b:5a:27:d0:08:be:00:d9:e8:65:6e:88:b7:d6:
c1:8d:00:8a:5d:f9:1f:04:a0:2f:44:6d:01:d3:b7:0a:dd:c1:
a9:69:15:e7:17:e5:ef:fb:5d:9e:45:02:09:6b:70:2e:76:4f:
ed:ed:d5:7f:db:c2:e1:8e:39:27:19:96:6e:c0:cd:08:a5:c0:
a8:1c:12:a9:17:5a:f1:97:d7:e0:4c:44:50:23:af:26:cc:8b:
bd:51:7b:e6:fe:59:79:7b:4e:81:33:95:80:e7:a4:fa:57:64:
31:b4:3f:80:53:e8:11:fe:54:be:09:db:a7:b6:62:6e:a7:f1:
24:41:2f:b6:ec:5c:74:cf:df:95:61:bc:6e:91:3a:28:04:96:
87:68:a5:19
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURCmTI3JTshPlSENM2QkZfOecghEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwMTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlOTNmMjVkYTExZWUxZDBiMTIzNjY5OTlhZjI1MjUzNTAyNGJkZTU2YTli
NGRjMjhmMzU1NGRiOTExMjE2NmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyB7quXEIHAuGprYj0GRcNC+kHwJ0L4Jj6NuB5xuoyXFq/YvQSbP5+kgurt
guu/D6jzXpBHncGAx+/nfLEEeoyMJvGEDT5DuE8Ju0L3uu9MA6h94yOMFeAXjoah
yiYqRza7D62qqLYGtQrN1zjCbPFVMgoL8pgw+aE21TnHuLaPKcwMHlb8vzT6EXoy
PBwKZxXOgeZ/etzOdsYu+V1wCKeum6d9XX3ecF9SimT+2Xz07J9wDzEDdkkhqZ1M
Fs8OQoguHBllcYLDM26THXeBFwvhqHoBCHdWWUBZBUgZn/v1Me9aGGOh47aC37qS
OB93QYzwm+HyxfRnd+12Mw0njRUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKWL3N
qv4pFEMLDC5eMlurIFJD0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDE0MWI4MDYtYzAxMi00OWIzLWE4ZGEtNzM1OTBiMGNkMmI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAgfTrb4hvCFycn7O+fHP+2SiFl18y9+E9Hykw
uJoJgGbHTs7D9jLx2peD43p7VpJqJHSEu+5PoQ+DfD1lE/tssBi4u7+XcAMDW4U7
AAi6teBNvbswLuq3OPx/PcAtB9pPqChUku5xLlqeNI7oDzve4jtaJ9AIvgDZ6GVu
iLfWwY0Ail35HwSgL0RtAdO3Ct3BqWkV5xfl7/tdnkUCCWtwLnZP7e3Vf9vC4Y45
JxmWbsDNCKXAqBwSqRda8ZfX4ExEUCOvJsyLvVF75v5ZeXtOgTOVgOek+ldkMbQ/
gFPoEf5Uvgnbp7ZibqfxJEEvtuxcdM/flWG8bpE6KASWh2ilGQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:09 2025 by rpki-client