Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json)
Hash identifier: I3MHsRCLOCMPnWZtXRv/jty5gO8fqllqRzwbjD2oJDo=
Subject key identifier: 22:C5:44:9E:46:FA:02:CE:CB:76:F9:2A:EA:05:F2:94:38:36:49:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29B1A77604E9248E2D825C05CB215F90ED875EDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
Signing time: Mon 01 Sep 2025 20:20:55 +0000
ROA not before: Mon 01 Sep 2025 20:20:55 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b1:a7:76:04:e9:24:8e:2d:82:5c:05:cb:21:5f:90:ed:87:5e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:20:55 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=50f5c398795a6a48b894327afd22a79a3416facbea5a82d38beea05e1bf38e96, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:8e:e1:54:28:d1:77:5e:fe:ec:5c:f4:37:
18:8f:be:e2:6a:66:9b:0c:1f:74:8a:89:44:9f:47:
96:93:87:0b:6c:42:7a:4b:29:af:4f:e3:0f:66:d4:
df:60:c2:27:ed:33:2c:19:96:11:b9:9f:bb:6b:99:
2a:99:79:50:0b:73:ed:22:f8:71:33:32:5b:5c:3c:
4d:d5:62:48:3d:98:27:d2:5e:65:d9:29:ed:f2:3e:
80:af:ca:d7:26:e1:5b:75:96:04:ff:11:77:54:6b:
e4:7f:50:08:54:44:be:b8:bd:b2:62:1b:df:27:94:
b6:f9:0b:95:8b:82:bb:10:fc:e4:04:3c:df:30:38:
de:dd:46:02:24:c1:b1:6f:e6:59:82:7f:10:3e:93:
4c:12:24:89:13:cc:a4:1f:a7:af:19:b5:63:c3:9b:
f5:e5:bb:30:b6:26:81:cf:b5:2e:27:69:f5:71:35:
9d:3a:f2:88:fe:b3:ab:85:80:66:a1:ef:b6:03:60:
29:68:63:35:e2:07:43:4d:b1:90:e4:42:23:c7:ee:
38:76:6d:a6:69:e2:4d:39:50:d5:c3:c5:66:79:51:
5a:e0:c5:f5:c2:5c:2c:75:57:8f:34:5e:0d:6e:7e:
5d:16:dd:bb:70:10:00:73:c6:8a:32:09:d0:f7:ce:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:44:9E:46:FA:02:CE:CB:76:F9:2A:EA:05:F2:94:38:36:49:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8080::/48
Signature Algorithm: sha256WithRSAEncryption
68:b4:88:83:4a:2c:14:b2:c4:03:37:b2:48:60:25:92:0a:10:
09:16:72:88:7e:7e:fd:8a:7a:62:1a:28:6f:46:73:24:9a:e7:
80:69:bf:a3:40:ea:7f:43:78:f5:25:c7:51:00:2a:27:25:7b:
1a:94:7c:b2:5d:4e:7d:06:a8:28:e6:af:97:b0:08:33:b5:81:
71:e0:37:73:1c:be:4f:4d:00:1e:90:45:ff:b7:49:0c:7e:92:
9d:d8:ff:8d:f7:54:13:3c:87:dc:06:dd:68:3e:4c:18:58:8e:
38:50:4d:fc:0d:12:cb:4b:65:54:52:86:57:30:85:b9:c8:2a:
c1:09:16:38:3e:4c:d5:9c:a1:b4:45:fd:48:fe:9c:41:30:eb:
43:50:bd:31:db:ee:56:16:af:1c:d7:d2:e9:cf:de:fe:3e:14:
d9:55:46:92:89:e2:c1:51:0e:63:8d:0f:5a:dc:30:32:c4:39:
0e:43:47:80:6c:2e:7c:00:e8:0b:9c:57:79:d3:88:1d:7d:b5:
e4:3a:41:54:05:24:b6:6e:47:31:89:7f:ae:ca:40:e0:27:88:
60:54:00:8c:0c:b3:89:e2:22:5b:08:fe:01:f4:e0:75:58:2a:
85:cb:c5:0c:8c:c5:c1:cf:55:32:e6:c1:36:e3:a5:6e:45:6a:
b6:1c:23:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKbGndgTpJI4tglwFyyFfkO2HXtswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIwNTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwZjVjMzk4Nzk1YTZhNDhiODk0MzI3YWZkMjJhNzlhMzQxNmZhY2JlYTVh
ODJkMzhiZWVhMDVlMWJmMzhlOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAMjuFUKNF3Xv7sXPQ3GI++4mpmmwwfdIqJRJ9HlpOHC2xCekspr0/jD2bU
32DCJ+0zLBmWEbmfu2uZKpl5UAtz7SL4cTMyW1w8TdViSD2YJ9JeZdkp7fI+gK/K
1ybhW3WWBP8Rd1Rr5H9QCFREvri9smIb3yeUtvkLlYuCuxD85AQ83zA43t1GAiTB
sW/mWYJ/ED6TTBIkiRPMpB+nrxm1Y8Ob9eW7MLYmgc+1Lidp9XE1nTryiP6zq4WA
ZqHvtgNgKWhjNeIHQ02xkORCI8fuOHZtpmniTTlQ1cPFZnlRWuDF9cJcLHVXjzRe
DW5+XRbdu3AQAHPGijIJ0PfOxKsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQixUSe
RvoCzst2+SrqBfKUODZJrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA
gDANBgkqhkiG9w0BAQsFAAOCAQEAaLSIg0osFLLEAzeySGAlkgoQCRZyiH5+/Yp6
Yhoob0ZzJJrngGm/o0Dqf0N49SXHUQAqJyV7GpR8sl1OfQaoKOavl7AIM7WBceA3
cxy+T00AHpBF/7dJDH6Sndj/jfdUEzyH3AbdaD5MGFiOOFBN/A0Sy0tlVFKGVzCF
ucgqwQkWOD5M1ZyhtEX9SP6cQTDrQ1C9MdvuVhavHNfS6c/e/j4U2VVGkoniwVEO
Y40PWtwwMsQ5DkNHgGwufADoC5xXedOIHX215DpBVAUktm5HMYl/rspA4CeIYFQA
jAyzieIiWwj+AfTgdVgqhcvFDIzFwc9VMubBNuOlbkVqthwjWQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:21 2025 by rpki-client