Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4078cff6-9b34-4f16-903f-c7817d86bf50.roa
File: 4078cff6-9b34-4f16-903f-c7817d86bf50.roa (raw, json)
Hash identifier: yqjRuO77LCet6C3GEtkxaEPGtd1baNf2t/G+Qwo2spk=
Subject key identifier: 02:36:6A:FF:C6:93:B2:C4:6B:23:0B:34:2C:3D:F7:4F:5D:BB:55:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7976A9B140EDC43A3463E0B6D35F45B013E19F1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4078cff6-9b34-4f16-903f-c7817d86bf50.roa
Signing time: Mon 01 Sep 2025 19:51:27 +0000
ROA not before: Mon 01 Sep 2025 19:51:27 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:76:a9:b1:40:ed:c4:3a:34:63:e0:b6:d3:5f:45:b0:13:e1:9f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:27 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a5de3630c4f510fac3d9ef4e8515f51fdad87a202e79889cb4db7992bb5b19be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:db:59:14:a7:5c:45:1e:a4:51:b6:a3:ef:38:
ae:34:a1:cc:42:34:81:24:95:e3:da:92:7a:ad:03:
b2:aa:3a:d7:86:c3:68:df:8e:6c:3a:f0:76:39:02:
99:91:36:b0:50:97:0a:8c:a4:51:09:32:7d:67:0d:
73:87:9e:2c:a4:d1:39:ec:5c:dd:02:95:e4:0c:72:
a1:b8:f7:df:ea:97:c5:9a:36:96:0e:0f:88:ad:c4:
21:c5:3e:7d:14:bb:aa:71:0d:15:1c:d2:08:06:1c:
4f:5a:f3:75:09:3e:5e:1d:b2:e2:b8:88:6b:18:ec:
33:94:7b:37:a5:ec:42:c7:7b:32:64:00:c0:9e:7c:
30:b2:32:08:ef:45:ff:33:6f:ee:9c:77:92:6b:ad:
27:8d:15:91:ef:a2:fe:62:37:e3:98:01:72:f1:05:
0b:ba:6d:f5:c4:8b:0d:f4:4f:59:ad:a5:b0:3e:26:
26:34:84:23:35:e6:ad:19:4b:d3:fd:77:6f:bb:81:
9f:b3:df:f8:9d:4c:e0:32:2b:0e:9e:00:68:2a:cd:
a6:9d:07:d5:10:25:3b:94:b0:64:c7:4e:24:35:58:
84:82:34:93:cf:74:c4:cb:4e:a2:56:e3:32:d0:14:
77:f3:8f:83:2f:78:75:f4:87:64:c1:26:df:ff:8e:
b7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:36:6A:FF:C6:93:B2:C4:6B:23:0B:34:2C:3D:F7:4F:5D:BB:55:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4078cff6-9b34-4f16-903f-c7817d86bf50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a080::/48
Signature Algorithm: sha256WithRSAEncryption
8a:6e:b5:fc:76:11:02:9d:12:fd:07:7d:a4:5d:55:7d:53:e0:
3f:27:a3:67:f4:3d:da:90:77:bd:7e:21:1c:22:52:76:02:14:
63:a1:08:d9:4e:f1:69:12:16:b9:f4:f0:17:c3:93:9d:8c:5d:
6b:6e:e7:aa:93:20:8b:e1:02:a7:b2:cb:f0:39:87:11:09:c2:
11:bb:ad:ea:cc:d2:4d:02:58:41:13:78:ea:5d:c5:42:64:05:
ae:e2:a8:92:dd:46:f5:29:88:b7:d7:45:d4:c7:4c:15:e2:72:
b4:74:e8:98:6f:3e:9c:cf:f4:fa:aa:c7:e4:da:e6:a7:db:cf:
18:10:ba:a2:45:5a:6f:d5:48:bd:ff:34:ee:77:de:36:dd:22:
47:50:ed:3e:c3:66:ad:03:c8:11:1d:32:7c:22:75:5e:d8:74:
a8:bd:3f:7b:5b:50:03:77:cb:02:33:3b:5d:57:0b:28:5b:89:
be:88:64:13:7a:35:15:66:df:34:03:ff:43:60:ce:5e:b7:79:
31:a3:ef:f0:5e:f7:45:3f:6c:6a:39:3f:cc:b9:87:b6:ae:89:
8a:13:e3:49:06:95:3c:f0:6c:07:2d:2b:0a:aa:78:7b:34:60:
2d:ab:eb:20:29:03:31:3a:f7:1d:ee:e9:14:f2:a6:6a:bc:49:
4f:10:15:af
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeXapsUDtxDo0Y+C2019FsBPhnx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMjdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZGUzNjMwYzRmNTEwZmFjM2Q5ZWY0ZTg1MTVmNTFmZGFkODdhMjAyZTc5
ODg5Y2I0ZGI3OTkyYmI1YjE5YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvbWRSnXEUepFG2o+84rjShzEI0gSSV49qSeq0Dsqo614bDaN+ObDrwdjkC
mZE2sFCXCoykUQkyfWcNc4eeLKTROexc3QKV5Axyobj33+qXxZo2lg4PiK3EIcU+
fRS7qnENFRzSCAYcT1rzdQk+Xh2y4riIaxjsM5R7N6XsQsd7MmQAwJ58MLIyCO9F
/zNv7px3kmutJ40Vke+i/mI345gBcvEFC7pt9cSLDfRPWa2lsD4mJjSEIzXmrRlL
0/13b7uBn7Pf+J1M4DIrDp4AaCrNpp0H1RAlO5SwZMdOJDVYhII0k890xMtOolbj
MtAUd/OPgy94dfSHZMEm3/+Ot3ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCNmr/
xpOyxGsjCzQsPfdPXbtVQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA3OGNmZjYtOWIzNC00ZjE2LTkwM2YtYzc4MTdkODZiZjUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
gDANBgkqhkiG9w0BAQsFAAOCAQEAim61/HYRAp0S/Qd9pF1VfVPgPyejZ/Q92pB3
vX4hHCJSdgIUY6EI2U7xaRIWufTwF8OTnYxda27nqpMgi+ECp7LL8DmHEQnCEbut
6szSTQJYQRN46l3FQmQFruKokt1G9SmIt9dF1MdMFeJytHTomG8+nM/0+qrH5Nrm
p9vPGBC6okVab9VIvf807nfeNt0iR1DtPsNmrQPIER0yfCJ1Xth0qL0/e1tQA3fL
AjM7XVcLKFuJvohkE3o1FWbfNAP/Q2DOXrd5MaPv8F73RT9sajk/zLmHtq6JihPj
SQaVPPBsBy0rCqp4ezRgLavrICkDMTr3He7pFPKmarxJTxAVrw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:30 2025 by rpki-client