Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
File: 2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa (raw, json)
Hash identifier: Hd8CghajzJhOOEzoqWCCV/IwvJjPYjPMmkkRIOh6ki0=
Subject key identifier: CE:6A:41:C2:80:EE:C5:B5:A4:87:CF:F1:72:54:DA:A5:01:9E:23:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1809096ECE27A9B72046AC92DA14C792F4B05300
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
Signing time: Mon 25 Aug 2025 16:37:14 +0000
ROA not before: Mon 25 Aug 2025 16:37:14 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:f000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:09:09:6e:ce:27:a9:b7:20:46:ac:92:da:14:c7:92:f4:b0:53:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 16:37:14 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=11ca2a82b70d9b2d372cd64e501bb8996047900165cedb768f39173cc906a81e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:90:db:ca:4e:fa:02:3f:7d:5b:d4:18:5e:75:
53:d5:a2:59:6d:be:5d:0b:26:4d:0e:5f:67:91:9a:
f2:31:83:09:8f:47:a5:45:ac:27:5a:32:a5:3a:1c:
e3:20:af:9f:9c:6b:3d:1a:b0:ba:c8:21:08:d0:f8:
1d:41:86:98:77:f5:9c:b6:4d:36:cf:35:a7:d2:29:
57:76:11:9f:11:b3:4b:00:ca:30:38:39:1e:7f:50:
49:f9:ad:5d:a9:84:05:60:62:05:a7:19:97:3e:c4:
df:a7:f7:53:1e:ec:3c:8f:f1:aa:ef:2a:a7:2e:dc:
0a:9b:d3:6c:f3:08:76:e8:4f:64:0e:4e:ff:74:58:
95:ad:41:69:f4:ae:35:d1:16:97:ae:09:44:80:b2:
4c:b6:37:03:17:0a:ae:23:25:a6:88:86:5c:78:90:
6e:c7:19:a0:ad:1c:6d:87:15:85:70:16:59:94:66:
ce:86:34:ed:22:77:2b:81:54:21:eb:1c:01:c6:1a:
0d:c7:9c:36:6a:ff:cf:80:17:ef:3a:30:66:78:b1:
2e:4a:07:dc:63:18:12:a6:e1:32:31:01:f3:9a:32:
b5:ca:0a:5c:29:3b:c1:8a:be:df:29:34:ad:20:bf:
7b:1e:9b:7b:4b:f5:2c:fb:2d:3b:89:76:50:ed:c1:
2e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6A:41:C2:80:EE:C5:B5:A4:87:CF:F1:72:54:DA:A5:01:9E:23:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e5950d7-064f-4bc9-9ec0-ccb72ee4fb5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:f000::/40
Signature Algorithm: sha256WithRSAEncryption
01:0f:40:e5:b6:27:dc:89:66:12:4d:6c:f9:cc:4d:c5:64:be:
41:3e:a7:57:89:1f:ee:f2:b6:79:85:eb:d7:51:18:9d:1e:63:
c2:23:83:e7:a7:70:b1:d6:a3:f4:82:4b:49:cc:fb:c6:9d:74:
41:4a:76:95:d3:bb:8b:d4:bd:6f:27:80:0f:03:07:bd:03:89:
34:78:e3:56:ac:6d:0e:89:88:23:aa:9c:85:72:a3:4c:b7:19:
17:4a:b7:2a:f4:e2:bb:34:ad:27:44:a9:71:b3:86:98:78:df:
86:76:78:80:0e:ce:0b:86:b1:9e:08:6d:57:a1:5a:5f:e3:14:
76:9c:0e:58:d5:6b:99:63:83:fc:15:05:83:33:98:5c:5f:4a:
70:0b:c0:08:b8:55:bb:30:4b:29:d1:47:c7:b5:ab:bb:32:ef:
80:61:1c:00:ae:48:14:1a:11:de:5d:3f:47:28:71:9a:c4:1b:
15:d0:56:2d:d1:10:2a:ce:78:2b:8e:71:3e:35:e2:e2:4f:84:
66:9a:db:04:4a:d2:3f:36:2b:c6:0a:df:9f:a2:4b:d1:ee:01:
21:90:e3:19:a6:4a:ce:87:9f:40:1b:74:59:33:8b:f9:91:ae:
fe:ef:f1:c5:79:2a:67:eb:00:d6:d4:b3:56:6f:57:83:3b:53:
4e:db:cc:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGAkJbs4nqbcgRqyS2hTHkvSwUwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxNjM3MTRaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExY2EyYTgyYjcwZDliMmQzNzJjZDY0ZTUwMWJiODk5NjA0NzkwMDE2NWNl
ZGI3NjhmMzkxNzNjYzkwNmE4MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeQ28pO+gI/fVvUGF51U9WiWW2+XQsmTQ5fZ5Ga8jGDCY9HpUWsJ1oypToc
4yCvn5xrPRqwusghCND4HUGGmHf1nLZNNs81p9IpV3YRnxGzSwDKMDg5Hn9QSfmt
XamEBWBiBacZlz7E36f3Ux7sPI/xqu8qpy7cCpvTbPMIduhPZA5O/3RYla1BafSu
NdEWl64JRICyTLY3AxcKriMlpoiGXHiQbscZoK0cbYcVhXAWWZRmzoY07SJ3K4FU
IescAcYaDcecNmr/z4AX7zowZnixLkoH3GMYEqbhMjEB85oytcoKXCk7wYq+3yk0
rSC/ex6be0v1LPstO4l2UO3BLisCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOakHC
gO7FtaSHz/FyVNqlAZ4jHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU1OTUwZDctMDY0Zi00YmM5LTllYzAtY2NiNzJlZTRmYjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/w
MA0GCSqGSIb3DQEBCwUAA4IBAQABD0DltifciWYSTWz5zE3FZL5BPqdXiR/u8rZ5
hevXURidHmPCI4Pnp3Cx1qP0gktJzPvGnXRBSnaV07uL1L1vJ4APAwe9A4k0eONW
rG0OiYgjqpyFcqNMtxkXSrcq9OK7NK0nRKlxs4aYeN+GdniADs4LhrGeCG1XoVpf
4xR2nA5Y1WuZY4P8FQWDM5hcX0pwC8AIuFW7MEsp0UfHtau7Mu+AYRwArkgUGhHe
XT9HKHGaxBsV0FYt0RAqzngrjnE+NeLiT4RmmtsEStI/NivGCt+fokvR7gEhkOMZ
pkrOh59AG3RZM4v5ka7+7/HFeSpn6wDW1LNWb1eDO1NO28w+
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client