Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: VeQFNjaNNDOl4dflYB9fHdGbZEq915o1nibceJgE0UA=
Subject key identifier: F5:7E:04:F4:CE:CD:A2:DD:1D:50:F3:0D:DF:EF:5D:71:BA:29:91:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46D092E5589A1F10105925DFD8C92874CBE67F90
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Mon 01 Sep 2025 20:50:13 +0000
ROA not before: Mon 01 Sep 2025 20:50:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:d0:92:e5:58:9a:1f:10:10:59:25:df:d8:c9:28:74:cb:e6:7f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=707e658dc1e9fc334af3c98a705728b03d84f63de99b1f5182298378674320f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:33:ee:8e:2f:3c:ff:5f:fe:32:da:90:08:
4c:75:46:a0:d0:0f:90:07:83:26:81:04:11:a0:67:
c4:4b:b9:ab:4e:d9:37:8a:19:4f:21:c2:8c:b7:91:
89:63:fd:f7:38:e6:6c:66:d7:d3:ed:a5:ad:79:05:
fa:f3:11:53:6f:63:4d:8c:fd:ad:d7:61:15:fb:fd:
f8:f3:be:64:b9:7b:aa:b2:a1:f3:cd:5a:3f:ff:a4:
66:b4:4c:fe:58:73:47:8e:8f:39:8f:b5:66:07:bf:
86:56:07:77:e2:11:2e:ab:ed:b8:30:90:9d:8c:d3:
fa:b3:f4:a0:bb:f2:c6:c4:88:cc:4d:ab:3b:fa:b9:
de:5e:e5:7f:f4:a1:9c:a5:da:84:2e:0e:59:d1:b5:
16:69:35:48:2c:8b:ad:75:bf:95:2d:5e:ec:76:9b:
1b:de:04:5d:cc:c5:3c:3f:5a:06:57:04:37:1b:8e:
b9:d6:1a:c4:28:79:ef:1f:8d:14:05:89:81:7d:c3:
de:01:94:49:ab:27:f2:21:b3:6e:ce:c4:65:16:48:
47:74:19:d1:b2:b6:20:62:53:44:66:9e:dc:70:ab:
ed:32:4b:66:18:c1:d8:5f:26:26:eb:a5:33:eb:e9:
6a:8a:88:c2:1e:9c:91:c5:b1:7e:8c:a5:66:db:0b:
62:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:7E:04:F4:CE:CD:A2:DD:1D:50:F3:0D:DF:EF:5D:71:BA:29:91:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:b8:de:57:d6:4b:3e:5b:b4:c6:59:fe:d7:9d:20:37:c4:d4:
34:60:a4:3b:4e:b9:fc:11:47:63:d7:08:36:43:77:ad:16:ee:
c8:d6:e4:6d:be:cb:08:dc:7d:2b:54:06:c0:c6:7e:e1:e2:6e:
66:c8:0f:f4:d0:37:5d:f5:1a:0f:e6:dd:b7:01:af:9a:1f:0f:
c0:aa:6e:ed:56:cd:cd:12:0e:80:b4:0f:81:75:54:6b:50:15:
a3:02:81:8f:b8:1f:7c:ff:b5:55:b9:ae:0f:d0:31:16:05:41:
b5:5e:1c:fc:44:c2:ba:d8:42:fa:a1:d2:44:de:07:6a:c6:42:
a2:57:1b:c8:a8:cc:f4:8f:b2:d9:6c:49:64:e9:3b:7a:63:9b:
0b:2d:77:b4:22:c6:39:1e:a6:95:39:d0:9d:56:c8:99:8b:9b:
71:bd:fd:53:2a:00:b5:a6:a6:3b:a9:58:fb:ec:88:9d:15:d2:
2d:80:f4:ff:c0:37:fd:76:14:8a:94:3d:3c:dc:c8:6f:85:6b:
09:a0:da:cf:a4:35:77:19:a6:6b:5f:a9:9c:cc:ef:b7:ed:8d:
7b:77:01:13:5c:e2:48:95:0c:74:d6:0a:82:62:eb:6e:df:32:
44:f5:95:59:19:5b:b7:4d:b9:25:2f:55:cc:1c:6c:1c:d2:cf:
3c:b3:d7:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURtCS5ViaHxAQWSXf2MkodMvmf5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwN2U2NThkYzFlOWZjMzM0YWYzYzk4YTcwNTcyOGIwM2Q4NGY2M2RlOTli
MWY1MTgyMjk4Mzc4Njc0MzIwZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALK2M+6OLzz/X/4y2pAITHVGoNAPkAeDJoEEEaBnxEu5q07ZN4oZTyHCjLeR
iWP99zjmbGbX0+2lrXkF+vMRU29jTYz9rddhFfv9+PO+ZLl7qrKh881aP/+kZrRM
/lhzR46POY+1Zge/hlYHd+IRLqvtuDCQnYzT+rP0oLvyxsSIzE2rO/q53l7lf/Sh
nKXahC4OWdG1Fmk1SCyLrXW/lS1e7HabG94EXczFPD9aBlcENxuOudYaxCh57x+N
FAWJgX3D3gGUSasn8iGzbs7EZRZIR3QZ0bK2IGJTRGae3HCr7TJLZhjB2F8mJuul
M+vpaoqIwh6ckcWxfoylZtsLYk8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1fgT0
zs2i3R1Q8w3f711xuimRsDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCiuN5X1ks+W7TGWf7XnSA3xNQ0YKQ7Trn8EUdj
1wg2Q3etFu7I1uRtvssI3H0rVAbAxn7h4m5myA/00Ddd9RoP5t23Aa+aHw/Aqm7t
Vs3NEg6AtA+BdVRrUBWjAoGPuB98/7VVua4P0DEWBUG1Xhz8RMK62EL6odJE3gdq
xkKiVxvIqMz0j7LZbElk6Tt6Y5sLLXe0IsY5HqaVOdCdVsiZi5txvf1TKgC1pqY7
qVj77IidFdItgPT/wDf9dhSKlD083MhvhWsJoNrPpDV3GaZrX6mczO+37Y17dwET
XOJIlQx01gqCYutu3zJE9ZVZGVu3TbklL1XMHGwc0s88s9dM
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:04 2025 by rpki-client