Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d27d30-ac5c-415b-8b96-bdf3fa2da3e5.roa
File: 33d27d30-ac5c-415b-8b96-bdf3fa2da3e5.roa (raw, json)
Hash identifier: wOlIXfi6Oy/hHzBf8NdXMFMp65TinUzjH1HZ75Wnw5Q=
Subject key identifier: 3F:D5:EE:38:0C:16:20:FD:AE:F1:0D:F5:E2:3F:A3:AD:16:12:8C:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C826EF6EED237B63D4CC0E8D272467877A0DF24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d27d30-ac5c-415b-8b96-bdf3fa2da3e5.roa
Signing time: Mon 01 Sep 2025 21:20:08 +0000
ROA not before: Mon 01 Sep 2025 21:20:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:82:6e:f6:ee:d2:37:b6:3d:4c:c0:e8:d2:72:46:78:77:a0:df:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=36bdb0665a92e3fdd178add1ea71f3421b6ae7791476697f618af8b14c65a23b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:da:32:e3:ac:49:4f:55:e7:f9:25:3a:a9:be:
df:e7:0e:68:d7:74:13:df:82:4d:31:65:2d:c8:f4:
ba:84:df:01:a7:a1:99:c6:f2:92:d3:41:65:86:52:
20:a6:93:78:ce:b6:61:66:1f:b9:38:e2:7c:5e:48:
94:92:cd:d2:e6:ab:7f:97:16:67:21:e7:1a:57:1e:
7d:c3:64:91:04:ba:f0:48:76:90:be:a5:97:7b:7f:
68:d7:8d:a6:78:1a:a6:d9:2a:72:ad:c0:20:60:fc:
48:6d:0d:a0:29:84:d2:cb:ac:80:2a:3c:e2:cb:b3:
e9:33:4d:e0:36:51:3b:75:c2:b1:a0:9a:d1:9e:38:
f0:35:fb:6c:8c:12:de:11:30:2d:28:9c:4b:0a:29:
b2:c5:e5:31:58:77:c0:ca:94:58:d0:21:d2:4f:7a:
06:92:f1:38:19:b6:62:8e:81:dd:08:89:9f:a0:3b:
dc:e0:c1:6d:a7:6e:ad:2e:70:c8:01:d8:48:cc:eb:
d8:78:c9:bb:2c:0f:25:18:fc:09:eb:29:97:3b:98:
f0:99:79:9b:68:56:ae:7f:ee:45:df:7b:17:cb:94:
7d:14:17:ce:b9:ed:a2:f8:86:79:a2:41:f5:c2:a1:
87:36:c4:98:af:62:9f:8e:c2:ca:10:5e:b0:14:27:
df:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D5:EE:38:0C:16:20:FD:AE:F1:0D:F5:E2:3F:A3:AD:16:12:8C:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d27d30-ac5c-415b-8b96-bdf3fa2da3e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016:800::/38
Signature Algorithm: sha256WithRSAEncryption
91:82:37:c2:db:f5:02:dc:7b:f1:0c:66:a4:58:0f:0e:32:d6:
a6:0a:b8:10:20:04:ac:1f:d1:0c:a8:13:85:2d:6a:c9:ef:75:
f0:1d:cf:91:2f:8a:2c:29:c9:da:99:a7:eb:ff:57:27:ae:e0:
55:e0:e3:da:12:aa:51:a6:41:84:40:33:5c:1b:33:7e:96:31:
8c:da:bf:03:a8:b7:49:cc:74:be:0f:36:c0:c2:9c:53:e3:f5:
a3:a2:57:67:30:76:2a:86:90:28:3e:f8:ec:da:f6:da:52:fd:
75:b6:0e:66:ee:5d:53:29:43:af:be:03:a2:9b:cd:0c:d9:63:
c5:e0:53:3b:e3:f1:3a:76:db:53:8c:a0:af:bb:34:d8:54:a7:
5b:a0:28:b9:a9:ad:ed:af:2f:d2:67:b1:1f:1f:33:bd:29:13:
f8:5f:56:fe:21:a1:8e:d8:5f:1f:45:1b:ee:83:34:0e:0b:e4:
4e:46:97:2f:a5:2d:6f:25:49:36:e1:14:c2:40:04:39:82:29:
0e:b5:78:eb:b5:86:74:e0:a8:ff:b2:fa:20:73:6a:33:13:f9:
71:36:bf:3f:da:d8:c8:0f:d2:35:4e:38:12:da:43:e0:3a:65:
96:ea:ef:b6:b3:3a:d0:89:4a:a3:d9:ee:4b:c4:65:df:46:27:
31:4a:39:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbIJu9u7SN7Y9TMDo0nJGeHeg3yQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2YmRiMDY2NWE5MmUzZmRkMTc4YWRkMWVhNzFmMzQyMWI2YWU3NzkxNDc2
Njk3ZjYxOGFmOGIxNGM2NWEyM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLaMuOsSU9V5/klOqm+3+cOaNd0E9+CTTFlLcj0uoTfAaehmcbyktNBZYZS
IKaTeM62YWYfuTjifF5IlJLN0uarf5cWZyHnGlcefcNkkQS68Eh2kL6ll3t/aNeN
pngaptkqcq3AIGD8SG0NoCmE0susgCo84suz6TNN4DZRO3XCsaCa0Z448DX7bIwS
3hEwLSicSwopssXlMVh3wMqUWNAh0k96BpLxOBm2Yo6B3QiJn6A73ODBbadurS5w
yAHYSMzr2HjJuywPJRj8CesplzuY8Jl5m2hWrn/uRd97F8uUfRQXzrntoviGeaJB
9cKhhzbEmK9in47CyhBesBQn32kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/1e44
DBYg/a7xDfXiP6OtFhKMSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNkMjdkMzAtYWM1Yy00MTViLThiOTYtYmRmM2ZhMmRhM2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYI
MA0GCSqGSIb3DQEBCwUAA4IBAQCRgjfC2/UC3HvxDGakWA8OMtamCrgQIASsH9EM
qBOFLWrJ73XwHc+RL4osKcnamafr/1cnruBV4OPaEqpRpkGEQDNcGzN+ljGM2r8D
qLdJzHS+DzbAwpxT4/WjoldnMHYqhpAoPvjs2vbaUv11tg5m7l1TKUOvvgOim80M
2WPF4FM74/E6dttTjKCvuzTYVKdboCi5qa3try/SZ7EfHzO9KRP4X1b+IaGO2F8f
RRvugzQOC+RORpcvpS1vJUk24RTCQAQ5gikOtXjrtYZ04Kj/svogc2ozE/lxNr8/
2tjID9I1TjgS2kPgOmWW6u+2szrQiUqj2e5LxGXfRicxSjk3
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:48 2025 by rpki-client