Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: Atq2AZCaV7R7fU41vcwzQgwQZmmnDl201Ekpmzk7UQw=
Subject key identifier: BA:BF:B4:63:6B:3C:6F:6C:70:E9:68:45:B0:E1:55:26:1B:3D:4B:5E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 061E42EE5C0C8B8A0EEC3E5538FA58C54DF44E90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Mon 01 Sep 2025 19:51:32 +0000
ROA not before: Mon 01 Sep 2025 19:51:32 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:1e:42:ee:5c:0c:8b:8a:0e:ec:3e:55:38:fa:58:c5:4d:f4:4e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:32 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=fb2d80fd7bf124138b6fa55d639916b3fccff5fcf5f7c0a45c29588c228f210d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1f:2a:a3:c8:f2:99:75:ac:48:32:b3:77:b2:
3e:f7:72:18:d5:d9:d3:f9:ee:31:7e:0d:d7:86:e8:
1c:b8:84:db:80:75:8e:27:8f:0c:7f:9a:6e:33:e4:
57:6a:0c:24:ec:b5:a9:f8:08:bd:b7:57:23:d6:23:
d2:4e:9e:bf:7c:c4:dc:05:f5:73:54:0f:be:59:84:
7c:65:91:ab:c7:0f:ed:e0:8c:6e:19:34:5e:29:50:
4c:b6:6d:75:33:94:20:67:46:d8:52:fd:b3:d4:6e:
43:b0:33:33:db:0b:68:76:fd:e5:99:66:4a:b5:c3:
2c:a4:e8:a3:66:38:dd:f7:fe:53:dd:4b:e4:9a:6c:
9d:38:5d:ec:e8:6c:ae:9f:b8:a2:9f:62:4d:fa:c8:
d3:4a:b5:4a:8a:87:4b:3c:54:6a:34:47:47:01:78:
79:f2:5f:07:a5:91:50:96:87:aa:8a:5e:04:13:77:
a6:e0:64:e7:c6:78:9e:f2:fa:42:45:e3:dc:96:7c:
26:2b:d4:2c:7a:eb:af:b8:6b:81:65:8b:d5:bf:4c:
55:9d:d2:0d:60:c6:29:a8:6c:d4:36:03:9d:e8:60:
e2:7a:04:4c:d0:50:22:78:5f:e7:4c:22:64:a9:11:
dc:22:8d:d6:37:d6:3f:76:f7:68:61:16:ed:c4:fd:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BF:B4:63:6B:3C:6F:6C:70:E9:68:45:B0:E1:55:26:1B:3D:4B:5E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
5a:8e:2a:6d:94:7a:58:2c:9b:c0:36:5f:18:30:de:36:c6:a6:
23:93:67:74:91:f9:48:c4:0c:55:da:b1:31:28:a2:85:ff:6a:
f7:6e:fa:cf:09:31:5c:67:fb:1c:04:58:08:66:45:34:ab:2e:
85:97:ff:50:a6:60:d2:fa:9d:b9:e7:32:a3:02:80:ce:b8:8e:
84:a4:6c:65:ca:bd:53:0a:19:08:d0:ed:aa:53:0d:f0:41:1e:
db:df:ee:62:d6:93:eb:a2:30:1f:20:23:f4:44:87:bc:53:b6:
59:79:35:a5:6f:11:d6:2d:5f:95:38:da:c4:bf:fe:6b:a3:74:
93:ec:9b:4d:3f:d5:d5:eb:d1:62:c8:09:dd:7a:10:99:aa:9d:
99:ae:01:2b:c5:cc:da:33:f2:96:43:f0:4e:b6:06:29:90:9a:
04:d6:e9:4b:40:01:19:4a:85:13:ed:74:6f:1e:d8:8c:0f:fa:
48:e6:d0:31:fd:09:ba:53:b5:bf:b6:2f:77:d5:3d:41:10:a4:
9b:84:83:e5:21:07:4d:42:6e:13:7c:7a:40:08:51:43:56:12:
f7:29:13:5b:01:2b:d2:44:74:ea:3c:7c:82:37:99:ed:68:4e:
43:73:ce:da:c3:fa:56:fa:6b:a1:73:67:4d:4c:5f:62:bd:a5:
cb:23:5c:f5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBh5C7lwMi4oO7D5VOPpYxU30TpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMzJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMmQ4MGZkN2JmMTI0MTM4YjZmYTU1ZDYzOTkxNmIzZmNjZmY1ZmNmNWY3
YzBhNDVjMjk1ODhjMjI4ZjIxMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUfKqPI8pl1rEgys3eyPvdyGNXZ0/nuMX4N14boHLiE24B1jiePDH+abjPk
V2oMJOy1qfgIvbdXI9Yj0k6ev3zE3AX1c1QPvlmEfGWRq8cP7eCMbhk0XilQTLZt
dTOUIGdG2FL9s9RuQ7AzM9sLaHb95ZlmSrXDLKToo2Y43ff+U91L5JpsnThd7Ohs
rp+4op9iTfrI00q1SoqHSzxUajRHRwF4efJfB6WRUJaHqopeBBN3puBk58Z4nvL6
QkXj3JZ8JivULHrrr7hrgWWL1b9MVZ3SDWDGKahs1DYDnehg4noETNBQInhf50wi
ZKkR3CKN1jfWP3b3aGEW7cT9AtMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS6v7Rj
azxvbHDpaEWw4VUmGz1LXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEAWo4qbZR6WCybwDZfGDDeNsamI5NndJH5SMQM
VdqxMSiihf9q9276zwkxXGf7HARYCGZFNKsuhZf/UKZg0vqduecyowKAzriOhKRs
Zcq9UwoZCNDtqlMN8EEe29/uYtaT66IwHyAj9ESHvFO2WXk1pW8R1i1flTjaxL/+
a6N0k+ybTT/V1evRYsgJ3XoQmaqdma4BK8XM2jPylkPwTrYGKZCaBNbpS0ABGUqF
E+10bx7YjA/6SObQMf0JulO1v7Yvd9U9QRCkm4SD5SEHTUJuE3x6QAhRQ1YS9ykT
WwEr0kR06jx8gjeZ7WhOQ3PO2sP6VvproXNnTUxfYr2lyyNc9Q==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:17 2025 by rpki-client