Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
File: 11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa (raw, json)
Hash identifier: P4cFviTsbU4M2/D2g8yZ61z6bs6/ZV1M+ZVx1Xu2Cr8=
Subject key identifier: 2C:80:00:15:CA:67:CD:62:77:BF:9C:69:A7:31:55:5A:CD:C0:A9:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33421EF652BA5FE00F48D981B21935B7BB052F1A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
Signing time: Mon 01 Sep 2025 21:20:21 +0000
ROA not before: Mon 01 Sep 2025 21:20:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:42:1e:f6:52:ba:5f:e0:0f:48:d9:81:b2:19:35:b7:bb:05:2f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a3281002d10da2d21a413f8e6fa53c8adabf158ea1fc0012e03dc22552f37c89, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:9a:5a:19:7d:65:5a:78:9b:00:4e:c4:3f:
dd:5d:5d:24:6d:41:6c:55:57:51:aa:ad:27:ec:47:
24:6e:76:6f:9a:9c:b1:aa:2d:2c:23:da:e0:6d:fa:
ab:96:8e:5b:f0:e2:6a:4c:07:e3:94:a2:17:48:83:
22:f9:7a:46:5d:7a:d4:8f:ff:eb:02:76:ec:ae:c4:
75:d1:6a:a6:13:f6:8e:3e:c4:4c:4a:15:58:de:f9:
b2:aa:ee:67:54:44:07:10:38:b3:9e:0f:6b:bc:62:
b0:31:ab:16:2d:c5:cf:43:5a:f2:f5:03:79:c1:56:
ea:e1:34:3d:60:be:77:eb:ce:3b:ca:e1:f9:77:61:
ba:93:3c:38:c1:27:df:18:90:78:38:7a:93:f5:ef:
3a:5c:99:4a:c2:c0:52:f3:4b:8d:a1:12:73:04:dc:
b0:6b:d1:25:b3:61:e9:26:9c:79:72:a6:34:b8:a5:
d8:8c:b1:1d:48:95:d7:22:2f:55:f2:f4:9f:24:ad:
92:68:31:8c:c2:e8:3b:85:88:99:bd:a8:62:30:d6:
4e:ae:7d:95:e3:34:ef:3e:ad:0d:22:1b:05:d3:13:
67:46:3b:c6:2b:13:59:16:22:9d:07:8e:91:a6:a4:
4b:50:09:d0:0e:9e:06:33:1d:a2:b1:93:3f:94:55:
78:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:80:00:15:CA:67:CD:62:77:BF:9C:69:A7:31:55:5A:CD:C0:A9:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11c150fc-dcb5-402c-9bf0-5a46c2b58d35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01b:800::/37
Signature Algorithm: sha256WithRSAEncryption
4e:ac:90:80:2d:9f:e0:6c:66:7e:86:ea:f5:85:f5:ed:cc:fb:
29:a7:45:cd:5a:01:7d:64:68:af:60:23:d7:b2:e8:8d:f0:77:
72:38:b3:27:35:fd:b9:9d:9b:ad:c7:b7:b9:e8:17:5d:3a:7f:
af:f4:8e:6e:9c:ff:8a:fe:3c:40:2c:3a:4a:b9:8f:9a:ce:d3:
c8:b1:46:a7:32:8e:28:aa:4e:f9:87:71:5d:2a:91:b4:7e:01:
fb:e5:65:e3:25:43:24:6a:a2:e6:41:e6:b4:aa:0e:21:b0:de:
d9:31:e9:1a:d7:4e:b6:c0:3e:46:ef:e9:11:3e:f0:bf:32:68:
15:df:ce:d7:d7:dd:6d:20:6e:a1:35:0c:16:8b:ec:f1:b7:6d:
a8:9c:d9:79:25:63:4f:51:5b:c4:57:a2:27:70:ee:40:0c:f5:
ab:09:eb:f4:92:db:04:94:41:af:19:70:42:64:09:4c:ba:06:
69:47:52:25:af:51:63:c0:9a:75:17:8d:59:30:65:af:74:22:
35:ef:07:90:af:b8:f5:f1:7a:3c:ca:e3:00:83:eb:4f:46:4e:
62:41:03:72:5a:52:2a:35:c3:ba:af:ff:01:08:6d:e4:06:ca:
5e:9e:8a:97:f0:13:dd:6b:a8:25:eb:76:ee:61:69:f1:d8:bc:
56:d7:79:14
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM0Ie9lK6X+APSNmBshk1t7sFLxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMjgxMDAyZDEwZGEyZDIxYTQxM2Y4ZTZmYTUzYzhhZGFiZjE1OGVhMWZj
MDAxMmUwM2RjMjI1NTJmMzdjODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAumloZfWVaeJsATsQ/3V1dJG1BbFVXUaqtJ+xHJG52b5qcsaotLCPa4G36
q5aOW/DiakwH45SiF0iDIvl6Rl161I//6wJ27K7EddFqphP2jj7ETEoVWN75sqru
Z1REBxA4s54Pa7xisDGrFi3Fz0Na8vUDecFW6uE0PWC+d+vOO8rh+XdhupM8OMEn
3xiQeDh6k/XvOlyZSsLAUvNLjaEScwTcsGvRJbNh6SaceXKmNLil2IyxHUiV1yIv
VfL0nyStkmgxjMLoO4WImb2oYjDWTq59leM07z6tDSIbBdMTZ0Y7xisTWRYinQeO
kaakS1AJ0A6eBjMdorGTP5RVeBkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsgAAV
ymfNYne/nGmnMVVazcCpfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTFjMTUwZmMtZGNiNS00MDJjLTliZjAtNWE0NmMyYjU4ZDM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0BsI
MA0GCSqGSIb3DQEBCwUAA4IBAQBOrJCALZ/gbGZ+hur1hfXtzPspp0XNWgF9ZGiv
YCPXsuiN8HdyOLMnNf25nZutx7e56BddOn+v9I5unP+K/jxALDpKuY+aztPIsUan
Mo4oqk75h3FdKpG0fgH75WXjJUMkaqLmQea0qg4hsN7ZMeka1062wD5G7+kRPvC/
MmgV387X191tIG6hNQwWi+zxt22onNl5JWNPUVvEV6IncO5ADPWrCev0ktsElEGv
GXBCZAlMugZpR1Ilr1FjwJp1F41ZMGWvdCI17weQr7j18Xo8yuMAg+tPRk5iQQNy
WlIqNcO6r/8BCG3kBspenoqX8BPda6gl63buYWnx2LxW13kU
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:49 2025 by rpki-client