Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json)
Hash identifier: BfnIx9AWWE5n1vgLW/T/MhZ/fRButz0DdX8dLD+KBYk=
Subject key identifier: 30:72:17:1A:8A:F6:AB:92:21:34:8F:56:17:EE:3F:B4:34:FA:61:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68EC75BA6D3697BFD7D62030EF432AAB3CD3EF67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
Signing time: Mon 01 Sep 2025 20:31:17 +0000
ROA not before: Mon 01 Sep 2025 20:31:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:ec:75:ba:6d:36:97:bf:d7:d6:20:30:ef:43:2a:ab:3c:d3:ef:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:31:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a751d9512158c950d125dc0e1730160aa75c6e0524088d9dc3cc5377ecd77931, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:76:2a:35:95:5b:e6:16:16:40:77:92:1e:ca:
3b:f5:6e:27:14:54:d0:cb:16:3f:ed:0e:c8:54:7d:
9f:0f:12:25:ab:1b:a4:54:63:52:2b:0d:39:dd:39:
57:f0:65:fc:0b:cf:82:fd:3d:e2:4a:a9:48:d4:89:
49:21:65:3a:d5:72:fc:85:1f:87:1d:5e:29:ee:38:
31:cb:c2:f0:b3:7b:83:dc:ef:95:be:dd:fa:fe:83:
7e:ea:ff:69:2a:08:c4:f8:17:2d:8c:d7:74:26:0d:
07:6e:a8:ff:66:96:9f:5e:5d:03:4e:f0:6f:e3:22:
27:06:13:34:b1:ee:61:e5:cb:56:d2:90:40:72:45:
09:95:6a:6a:a8:1c:a2:56:25:51:56:21:43:44:43:
1a:76:b4:61:4f:88:c9:23:14:03:60:e5:70:0e:ac:
d7:36:a7:ea:e5:d0:6f:9d:6e:15:dd:61:5c:c3:df:
57:18:39:6d:34:35:8d:3d:47:8b:30:f8:82:92:93:
6b:8c:e1:a9:6b:ef:7c:12:22:fa:0f:b1:cb:ca:36:
04:62:e6:8c:9a:37:67:b9:90:d2:7c:99:90:0c:83:
c3:ff:dd:95:34:9f:06:dd:e2:65:ca:f5:25:36:bd:
ef:01:90:f9:25:f7:cf:f0:da:67:03:c7:f3:c2:73:
9b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:72:17:1A:8A:F6:AB:92:21:34:8F:56:17:EE:3F:B4:34:FA:61:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:6000::/40
Signature Algorithm: sha256WithRSAEncryption
20:8c:c6:22:72:be:1f:8b:95:57:10:b6:41:4c:da:37:42:9b:
b9:85:fe:1b:91:bc:9b:d9:16:e8:53:53:6e:3d:44:5d:1a:fb:
c0:ac:52:e9:50:4f:c1:57:80:ce:03:05:d1:87:53:09:0a:f7:
a2:ac:ff:54:6b:99:fb:f3:b7:13:36:ab:ff:eb:b8:89:74:2d:
77:94:7e:fd:4e:a0:5f:ed:a0:60:cc:0f:6d:31:8b:7e:4a:04:
af:67:48:01:73:5a:34:30:3f:60:7c:64:06:6d:3d:ec:03:d3:
a0:dc:11:72:95:2f:be:f2:58:68:25:eb:17:bf:82:4f:1b:84:
22:7e:29:1a:74:64:23:3e:7e:d7:fe:5c:38:1c:60:9f:29:4b:
af:24:cb:1a:83:70:45:53:dd:69:e0:b7:fe:13:7e:be:c2:56:
98:0b:d5:33:95:51:af:24:ff:74:2c:41:cf:95:00:cd:d3:eb:
66:6e:f7:c3:1a:86:8e:bc:51:4d:58:9c:f2:f6:7a:cc:91:eb:
43:d8:0d:c5:ef:88:4d:84:3d:0f:f3:6e:cf:a4:7b:48:e5:e6:
e9:db:46:27:6b:84:f9:3a:a3:79:81:d8:a0:1b:e8:49:29:28:
da:65:29:bc:54:65:c3:f3:55:f2:b2:d6:6b:4f:5f:cb:68:19:
a1:b4:1c:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaOx1um02l7/X1iAw70MqqzzT72cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMxMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NTFkOTUxMjE1OGM5NTBkMTI1ZGMwZTE3MzAxNjBhYTc1YzZlMDUyNDA4
OGQ5ZGMzY2M1Mzc3ZWNkNzc5MzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR2KjWVW+YWFkB3kh7KO/VuJxRU0MsWP+0OyFR9nw8SJasbpFRjUisNOd05
V/Bl/AvPgv094kqpSNSJSSFlOtVy/IUfhx1eKe44McvC8LN7g9zvlb7d+v6Dfur/
aSoIxPgXLYzXdCYNB26o/2aWn15dA07wb+MiJwYTNLHuYeXLVtKQQHJFCZVqaqgc
olYlUVYhQ0RDGna0YU+IySMUA2DlcA6s1zan6uXQb51uFd1hXMPfVxg5bTQ1jT1H
izD4gpKTa4zhqWvvfBIi+g+xy8o2BGLmjJo3Z7mQ0nyZkAyDw//dlTSfBt3iZcr1
JTa97wGQ+SX3z/DaZwPH88Jzm68CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwchca
ivarkiE0j1YX7j+0NPphrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg
MA0GCSqGSIb3DQEBCwUAA4IBAQAgjMYicr4fi5VXELZBTNo3Qpu5hf4bkbyb2Rbo
U1NuPURdGvvArFLpUE/BV4DOAwXRh1MJCveirP9Ua5n787cTNqv/67iJdC13lH79
TqBf7aBgzA9tMYt+SgSvZ0gBc1o0MD9gfGQGbT3sA9Og3BFylS++8lhoJesXv4JP
G4QifikadGQjPn7X/lw4HGCfKUuvJMsag3BFU91p4Lf+E36+wlaYC9UzlVGvJP90
LEHPlQDN0+tmbvfDGoaOvFFNWJzy9nrMketD2A3F74hNhD0P827PpHtI5ebp20Yn
a4T5OqN5gdigG+hJKSjaZSm8VGXD81XystZrT1/LaBmhtByd
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:47 2025 by rpki-client