Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
File: 4208aec2-e501-4b80-8e94-0fe622727fba.roa (raw, json)
Hash identifier: mwTSh07RA3Il3g3C6Kjz8s0R/4n1B3TNUhPABosUP3Y=
Subject key identifier: F1:27:42:8A:B2:E1:0C:B5:40:56:D6:7B:B0:91:5A:80:D1:8B:94:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2DA731A9822982465FC39CF0D3E86A9F204A2CF0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
Signing time: Thu 04 Sep 2025 19:52:10 +0000
ROA not before: Thu 04 Sep 2025 19:52:10 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:a7:31:a9:82:29:82:46:5f:c3:9c:f0:d3:e8:6a:9f:20:4a:2c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:10 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=13ed5947e130d51d7385a6c4ec8eda589b67b3076c5dd37dd0f8c1ea336e24a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:51:6f:5a:cc:9d:54:5a:20:40:d4:d2:06:
19:e0:59:79:81:16:55:04:7e:b3:5f:a6:ba:f9:0d:
94:b9:c6:1f:a7:10:cd:17:1e:ee:e7:f8:e8:bd:87:
f1:6b:45:8f:49:ed:3e:7c:5f:ea:12:92:10:18:4a:
0d:19:34:f9:1b:ea:c4:04:36:64:b8:24:a2:44:b4:
0d:ca:fd:df:52:0c:38:09:05:f1:86:8b:7c:aa:93:
b9:55:0f:1f:3a:bc:e6:82:77:22:db:48:81:ca:5d:
12:23:94:e6:75:74:e1:68:22:a0:7d:59:63:a2:af:
15:4d:aa:cc:6a:8a:4d:64:d2:39:18:23:a5:d1:64:
02:37:44:0d:95:57:95:de:9c:5f:5f:51:b0:15:3b:
88:6f:fc:b2:dd:3e:a7:4e:9f:ea:d4:4b:cf:33:97:
90:39:10:ba:ad:0e:f2:0b:f7:f8:f7:fc:f9:41:12:
4e:62:7c:3b:c9:6d:df:1b:6e:5a:b1:9b:22:bf:c2:
e8:4d:7f:b0:4f:dc:f3:a8:da:7f:42:6a:29:a6:52:
7b:e6:c9:a6:07:d0:e6:43:c1:a0:49:d8:f2:e9:e4:
60:84:44:b4:fd:07:28:46:59:38:2f:5b:d2:22:aa:
f2:1c:e2:c0:7b:e6:36:6a:e8:ce:7e:b7:68:1f:b3:
88:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:27:42:8A:B2:E1:0C:B5:40:56:D6:7B:B0:91:5A:80:D1:8B:94:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4208aec2-e501-4b80-8e94-0fe622727fba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6080::/48
Signature Algorithm: sha256WithRSAEncryption
42:66:e6:57:b1:da:83:08:58:8d:44:1b:72:bf:d9:f1:e2:8a:
1a:79:85:a3:7f:a7:62:98:22:20:66:59:69:8a:85:29:11:4c:
ec:ac:23:45:c1:38:da:5b:db:33:f7:95:d1:ab:bc:fb:43:cb:
2b:0a:64:91:5f:50:e4:9e:4f:8f:ff:6e:e2:5d:09:af:2e:c3:
db:9f:99:f5:7e:39:67:8f:05:05:79:f5:42:94:e2:80:6c:c7:
55:64:53:a6:0b:e9:b5:87:fe:dd:1b:3c:2f:db:34:d2:ea:08:
73:e2:4b:4b:12:6a:55:35:d4:01:0a:2a:0f:c5:6b:b0:60:43:
c0:76:73:8c:3a:fd:58:87:c3:a3:79:f3:53:2f:e3:c9:3f:db:
62:cc:98:25:19:e7:21:94:39:98:a7:27:c9:46:c3:a7:9c:b6:
07:a8:31:25:3c:56:03:cc:24:dc:de:bc:2d:e0:2b:b1:bc:bd:
13:b7:81:62:3a:6a:15:9f:48:45:47:41:fd:0d:e2:4e:cc:64:
d6:5d:5c:67:2a:a5:90:a4:a0:57:c7:0f:94:ea:42:81:4e:9e:
d9:8d:c1:16:04:5f:f1:fb:d1:03:90:83:dc:ce:de:40:07:0a:
7c:83:f2:6f:d4:00:b3:83:42:89:7e:79:92:3a:61:e4:9e:de:
20:d8:d5:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULacxqYIpgkZfw5zw0+hqnyBKLPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMTBaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzZWQ1OTQ3ZTEzMGQ1MWQ3Mzg1YTZjNGVjOGVkYTU4OWI2N2IzMDc2YzVk
ZDM3ZGQwZjhjMWVhMzM2ZTI0YTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBxUW9azJ1UWiBA1NIGGeBZeYEWVQR+s1+muvkNlLnGH6cQzRce7uf46L2H
8WtFj0ntPnxf6hKSEBhKDRk0+RvqxAQ2ZLgkokS0Dcr931IMOAkF8YaLfKqTuVUP
Hzq85oJ3IttIgcpdEiOU5nV04WgioH1ZY6KvFU2qzGqKTWTSORgjpdFkAjdEDZVX
ld6cX19RsBU7iG/8st0+p06f6tRLzzOXkDkQuq0O8gv3+Pf8+UESTmJ8O8lt3xtu
WrGbIr/C6E1/sE/c86jaf0JqKaZSe+bJpgfQ5kPBoEnY8unkYIREtP0HKEZZOC9b
0iKq8hziwHvmNmrozn63aB+ziL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTxJ0KK
suEMtUBW1nuwkVqA0YuU2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDIwOGFlYzItZTUwMS00YjgwLThlOTQtMGZlNjIyNzI3ZmJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
gDANBgkqhkiG9w0BAQsFAAOCAQEAQmbmV7HagwhYjUQbcr/Z8eKKGnmFo3+nYpgi
IGZZaYqFKRFM7KwjRcE42lvbM/eV0au8+0PLKwpkkV9Q5J5Pj/9u4l0Jry7D25+Z
9X45Z48FBXn1QpTigGzHVWRTpgvptYf+3Rs8L9s00uoIc+JLSxJqVTXUAQoqD8Vr
sGBDwHZzjDr9WIfDo3nzUy/jyT/bYsyYJRnnIZQ5mKcnyUbDp5y2B6gxJTxWA8wk
3N68LeArsby9E7eBYjpqFZ9IRUdB/Q3iTsxk1l1cZyqlkKSgV8cPlOpCgU6e2Y3B
FgRf8fvRA5CD3M7eQAcKfIPyb9QAs4NCiX55kjph5J7eINjVmg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client