Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json)
Hash identifier: rUEbxTlvl361RxZnOlom6lZntFyTwGeh+Yf7PcA+5MM=
Subject key identifier: 81:78:AA:BA:F6:C4:FE:03:F8:B8:37:AE:2D:B9:54:66:61:53:0E:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DB2C612BA9518FCE315E50FEA4C912715D7E958
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
Signing time: Mon 01 Sep 2025 21:21:12 +0000
ROA not before: Mon 01 Sep 2025 21:21:12 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02d::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b2:c6:12:ba:95:18:fc:e3:15:e5:0f:ea:4c:91:27:15:d7:e9:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:12 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2917ddca14fc8900002d6230684744d5fd4c53d32b962c4a2fd0f3862f9b1d8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e8:9e:bb:fc:b2:77:4d:64:32:57:89:a3:13:
69:8a:44:46:c7:8d:8c:28:d0:57:fb:bb:1e:af:76:
1d:44:fe:14:d7:9f:67:68:0c:f7:51:cf:60:ff:ef:
2e:26:e3:25:c0:47:f6:c3:2b:c2:01:46:93:d8:cf:
ff:e2:32:85:73:32:32:fb:62:df:35:d8:e5:da:6f:
71:46:12:96:90:eb:87:43:b6:5a:4b:12:0a:84:84:
b5:71:11:45:c7:d0:ae:e7:90:72:88:c7:c3:ee:99:
02:76:59:b9:6c:6b:28:c1:ae:79:eb:a9:7b:bd:ca:
a5:cf:c3:a5:1c:a4:09:36:7f:fa:60:3a:26:d4:b4:
d3:c4:33:80:e9:f6:6a:ff:7c:70:bb:4b:f9:24:aa:
a9:4c:87:9b:3b:b7:9f:6e:69:da:eb:10:b8:11:1d:
78:e2:7d:63:75:fc:bb:90:63:19:45:b6:59:54:89:
48:cb:39:d0:72:49:78:ba:ca:f0:4f:6e:cf:c7:5a:
51:40:59:a4:f3:4b:89:74:84:09:9d:d8:2a:52:a6:
7e:97:aa:4c:de:cb:15:81:e3:b9:14:46:90:bf:d7:
ae:a7:96:66:ec:37:31:c8:89:6e:92:2d:47:66:5a:
71:83:d7:4b:c3:30:a1:c4:a9:4d:03:eb:be:1d:48:
d6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:78:AA:BA:F6:C4:FE:03:F8:B8:37:AE:2D:B9:54:66:61:53:0E:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02d::/36
Signature Algorithm: sha256WithRSAEncryption
78:4a:f1:9c:8d:06:69:17:dc:25:1a:67:03:29:d3:38:c4:86:
44:1a:76:b3:67:e9:cb:d4:4b:2b:9f:a5:a5:2e:5b:44:2a:33:
03:9a:3f:96:d8:b4:a5:60:fe:6a:36:80:16:02:86:86:9b:e0:
13:3e:a4:9b:3f:1c:15:1b:0c:06:1f:4e:5e:4f:8e:f9:e1:33:
93:f6:66:97:95:58:38:15:e3:2c:a4:23:d2:9c:0f:d5:7b:9f:
6c:82:7a:db:07:21:95:87:6a:a3:1b:e2:19:4a:66:e1:59:d5:
55:99:f6:f7:fc:ea:39:53:25:24:be:74:46:a0:91:82:c9:26:
96:18:d6:66:9d:28:5b:7b:84:da:2b:c5:49:ab:1b:27:26:e3:
e2:a1:a6:a0:b8:70:5a:c6:6c:47:ae:3d:a0:8c:cd:bf:6a:97:
bf:e3:ca:8d:93:ca:fa:3f:d9:1a:8f:6d:4c:0e:0e:6c:85:75:
3b:54:f2:0a:72:b4:51:42:7d:88:ec:c0:34:7d:b9:82:7d:43:
76:5f:62:ea:21:5f:1e:9a:56:6e:e2:32:f7:fc:64:fd:e3:b2:
a3:50:85:c0:72:e5:e8:ab:9d:e4:ad:47:c5:9b:36:9d:69:f4:
61:59:86:54:f0:10:30:9f:3c:8f:3b:b7:6a:a9:49:e4:8c:6c:
98:0a:36:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPbLGErqVGPzjFeUP6kyRJxXX6VgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MTdkZGNhMTRmYzg5MDAwMDJkNjIzMDY4NDc0NGQ1ZmQ0YzUzZDMyYjk2
MmM0YTJmZDBmMzg2MmY5YjFkOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbonrv8sndNZDJXiaMTaYpERseNjCjQV/u7Hq92HUT+FNefZ2gM91HPYP/v
LibjJcBH9sMrwgFGk9jP/+IyhXMyMvti3zXY5dpvcUYSlpDrh0O2WksSCoSEtXER
RcfQrueQcojHw+6ZAnZZuWxrKMGueeupe73Kpc/DpRykCTZ/+mA6JtS008QzgOn2
av98cLtL+SSqqUyHmzu3n25p2usQuBEdeOJ9Y3X8u5BjGUW2WVSJSMs50HJJeLrK
8E9uz8daUUBZpPNLiXSECZ3YKlKmfpeqTN7LFYHjuRRGkL/XrqeWZuw3MciJbpIt
R2ZacYPXS8MwocSpTQPrvh1I1i8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBeKq6
9sT+A/i4N64tuVRmYVMOqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A
MA0GCSqGSIb3DQEBCwUAA4IBAQB4SvGcjQZpF9wlGmcDKdM4xIZEGnazZ+nL1Esr
n6WlLltEKjMDmj+W2LSlYP5qNoAWAoaGm+ATPqSbPxwVGwwGH05eT4754TOT9maX
lVg4FeMspCPSnA/Ve59sgnrbByGVh2qjG+IZSmbhWdVVmfb3/Oo5UyUkvnRGoJGC
ySaWGNZmnShbe4TaK8VJqxsnJuPioaaguHBaxmxHrj2gjM2/ape/48qNk8r6P9ka
j21MDg5shXU7VPIKcrRRQn2I7MA0fbmCfUN2X2LqIV8emlZu4jL3/GT947KjUIXA
cuXoq53krUfFmzadafRhWYZU8BAwnzyPO7dqqUnkjGyYCjYu
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:27 2025 by rpki-client