Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json)
Hash identifier: fZ0dgvEBXi7MDD5aRp3b2Hqo9n6q5nX5k+r1d4ebdvY=
Subject key identifier: FE:58:1C:02:5D:02:75:EC:0A:4B:3C:DD:A3:5B:E1:17:A4:38:16:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BC0BD944CD8FDE694458189B84AFA9093E97D9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
Signing time: Mon 01 Sep 2025 20:30:43 +0000
ROA not before: Mon 01 Sep 2025 20:30:43 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c0:bd:94:4c:d8:fd:e6:94:45:81:89:b8:4a:fa:90:93:e9:7d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:43 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b5f4e232bf3eb97167d02db1d6933ca9fb6c405baeca5d2c07e734bf74b3f5b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7d:21:53:73:27:f5:03:34:e4:59:e1:ff:ce:
9b:67:16:d6:5b:b6:6b:9d:06:c5:b2:5b:d2:8f:84:
62:68:1b:de:9e:64:57:40:d4:39:07:ca:f8:2a:6d:
b3:bf:df:a6:ac:a1:cb:01:c3:ad:8e:a5:c1:93:94:
aa:74:1e:9a:a6:32:9e:67:4b:cd:6d:67:c4:b9:c0:
59:2b:97:71:01:df:3c:15:ef:7a:0c:79:48:15:ad:
a7:a7:33:9b:b9:56:f2:0c:38:8f:e4:73:f0:f2:a0:
04:42:26:0d:c7:d5:8f:0a:19:b1:94:6f:dd:74:6d:
32:dd:bd:4e:8f:ec:39:70:08:a0:87:5a:04:f8:5d:
61:74:d1:e5:35:8e:12:94:aa:25:9e:14:4a:56:b7:
0d:d4:58:0e:6d:84:4e:aa:1d:d0:f1:bd:8e:80:3e:
89:e8:eb:b4:db:ed:c7:a6:c5:56:ea:4b:a5:56:d5:
db:59:b8:3b:94:04:e2:db:77:7b:4a:8a:a9:24:bd:
d7:98:c2:2b:fb:22:88:a8:67:a0:2f:61:10:46:bb:
6b:ec:ee:b8:bf:f2:05:c9:5c:2f:27:35:ee:4b:88:
a9:70:37:b8:a3:5f:fe:07:c8:3b:90:f6:94:b1:f4:
df:c4:62:5c:bd:62:ea:54:1a:e5:bf:7c:3c:25:d2:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:58:1C:02:5D:02:75:EC:0A:4B:3C:DD:A3:5B:E1:17:A4:38:16:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:2000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:85:0d:42:94:07:a2:2c:2a:c8:67:49:f5:2c:29:09:a4:e7:
19:da:76:ca:ec:24:2a:a9:1d:a5:e2:2a:79:7b:a2:e4:ef:a8:
4b:90:74:c0:6b:05:7b:58:db:b1:c2:cd:3b:74:b5:e3:dc:5e:
3f:86:1e:3c:0f:ee:e0:08:03:cb:de:a2:91:9b:9c:45:47:1b:
29:fe:d0:5e:e1:cf:36:c5:93:bb:e9:89:ab:5f:22:0d:bf:d8:
14:4c:c0:37:aa:f1:e2:0e:f9:db:76:51:d7:56:30:e3:3c:af:
d2:60:30:b0:c7:f9:90:62:7d:1b:92:3c:06:84:29:2d:73:98:
5f:3d:d2:34:df:df:b6:71:6c:3e:9f:27:59:c7:30:4e:c4:1c:
8e:18:9f:7e:80:9d:69:2c:81:50:bf:51:20:76:41:0f:8c:a8:
7f:62:9a:6b:7b:a6:a8:90:53:43:77:66:ae:4f:93:80:f5:15:
9c:a1:3f:11:7d:84:58:aa:fe:4f:44:41:7b:31:36:2a:cb:02:
66:4d:64:6a:e6:cf:aa:6f:5a:98:24:49:5c:04:c0:92:31:1e:
97:63:86:dd:74:94:9c:78:b6:76:04:c0:2e:4f:11:6e:c8:bc:
62:97:5e:49:d7:e7:73:f0:f4:48:4e:a4:e0:af:74:b8:cc:25:
79:fb:62:f8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS8C9lEzY/eaURYGJuEr6kJPpfZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNDNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZjRlMjMyYmYzZWI5NzE2N2QwMmRiMWQ2OTMzY2E5ZmI2YzQwNWJhZWNh
NWQyYzA3ZTczNGJmNzRiM2Y1YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh9IVNzJ/UDNORZ4f/Om2cW1lu2a50GxbJb0o+EYmgb3p5kV0DUOQfK+Cpt
s7/fpqyhywHDrY6lwZOUqnQemqYynmdLzW1nxLnAWSuXcQHfPBXvegx5SBWtp6cz
m7lW8gw4j+Rz8PKgBEImDcfVjwoZsZRv3XRtMt29To/sOXAIoIdaBPhdYXTR5TWO
EpSqJZ4USla3DdRYDm2ETqod0PG9joA+iejrtNvtx6bFVupLpVbV21m4O5QE4tt3
e0qKqSS915jCK/siiKhnoC9hEEa7a+zuuL/yBclcLyc17kuIqXA3uKNf/gfIO5D2
lLH038RiXL1i6lQa5b98PCXSZ3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+WBwC
XQJ17ApLPN2jW+EXpDgWkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg
MA0GCSqGSIb3DQEBCwUAA4IBAQDAhQ1ClAeiLCrIZ0n1LCkJpOcZ2nbK7CQqqR2l
4ip5e6Lk76hLkHTAawV7WNuxws07dLXj3F4/hh48D+7gCAPL3qKRm5xFRxsp/tBe
4c82xZO76YmrXyINv9gUTMA3qvHiDvnbdlHXVjDjPK/SYDCwx/mQYn0bkjwGhCkt
c5hfPdI039+2cWw+nydZxzBOxByOGJ9+gJ1pLIFQv1EgdkEPjKh/Yppre6aokFND
d2auT5OA9RWcoT8RfYRYqv5PREF7MTYqywJmTWRq5s+qb1qYJElcBMCSMR6XY4bd
dJSceLZ2BMAuTxFuyLxil15J1+dz8PRITqTgr3S4zCV5+2L4
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:24 2025 by rpki-client