Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
File: 4408cd10-0fa6-407f-adbc-3a7a668523d6.roa (raw, json)
Hash identifier: ljqoPIX6tVlFCs30UExavvMz1jXsgIKAOuXpRkH8ea8=
Subject key identifier: 49:5C:32:E3:A6:17:DF:1B:0F:09:F7:DD:74:96:3E:9C:96:06:A6:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D87421F9C5ABF06118EF2DAD9D03B0C444B58D8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
Signing time: Mon 01 Sep 2025 19:40:48 +0000
ROA not before: Mon 01 Sep 2025 19:40:48 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:87:42:1f:9c:5a:bf:06:11:8e:f2:da:d9:d0:3b:0c:44:4b:58:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:48 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b765f17f0a277a4cf533a8d4587192fa11ef9c0abab15c09d6a2297e47c215ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:42:70:d2:ee:3d:1a:7c:2f:12:25:d4:37:ea:
d3:e9:56:2f:79:5f:32:59:55:14:b7:9a:87:e2:0e:
12:63:64:f7:05:99:07:17:f6:ae:05:d2:4f:b4:ea:
7c:70:78:ec:1c:3a:66:9b:6c:57:07:1a:7f:4e:13:
3a:8a:a7:0a:65:c4:a5:34:04:97:39:eb:b4:22:6c:
82:b1:8d:be:d2:86:64:d3:92:3b:f8:af:2b:da:6f:
c5:1a:96:9a:cf:b1:84:75:63:f0:8e:8a:91:18:e4:
df:c8:d8:c6:19:af:20:f5:03:a7:74:7a:42:4e:8b:
ae:7d:c1:33:f9:dd:c4:e6:b0:96:5e:0a:31:13:25:
2f:5d:01:12:2c:bc:02:84:17:6d:f7:86:53:8e:89:
c7:f2:52:3b:9e:0a:a0:f1:d5:58:ef:0b:e2:16:58:
1c:f0:6a:48:31:b0:82:17:b8:e2:d8:2f:30:9a:ce:
22:be:74:87:02:dd:ba:5c:7b:fb:0c:49:ec:e1:12:
a5:7c:8a:4b:c7:a7:f5:d6:eb:8d:1f:4d:0f:ac:e5:
d7:c7:25:4a:05:54:16:86:74:48:29:7f:50:89:7e:
ab:46:7f:f3:6a:29:9d:d1:d9:60:b8:79:56:7b:39:
30:d0:9b:ea:fe:e2:02:62:30:87:00:5d:1b:4b:36:
1e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5C:32:E3:A6:17:DF:1B:0F:09:F7:DD:74:96:3E:9C:96:06:A6:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4408cd10-0fa6-407f-adbc-3a7a668523d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:1040::/48
Signature Algorithm: sha256WithRSAEncryption
22:39:79:02:7a:5f:e5:fb:07:01:b3:8c:3d:6c:5d:74:f1:43:
fe:d1:69:a1:d5:28:32:e9:f6:61:5c:1e:7d:2d:d5:07:1e:3a:
da:b2:b7:24:2b:8f:8d:c4:57:65:24:de:fa:64:21:8f:0b:3a:
fb:b4:23:88:57:8b:3a:ab:28:74:c3:ef:dc:aa:29:68:53:8a:
fe:84:f9:0c:e4:02:47:da:f7:e4:fc:3e:40:35:1a:13:20:e3:
b1:48:8b:7d:94:ad:b3:95:3f:0f:f1:5e:f9:8c:9a:77:4b:77:
13:ef:4e:1a:9f:00:99:e9:52:c8:b3:85:f9:4f:0a:b0:66:62:
fe:da:a8:83:6b:8a:db:cc:08:ed:3d:1b:c7:8a:7d:25:4e:a2:
4a:eb:85:3f:24:97:cd:c6:87:b1:6f:09:1a:86:36:6e:56:05:
29:f9:de:31:ed:ca:2f:a9:79:94:e8:a5:5b:1c:29:38:77:89:
0a:af:21:11:1f:62:e5:2a:3e:f0:1f:67:bb:fd:75:1d:a1:2a:
8b:78:7a:74:16:5c:ab:a1:12:a3:c3:be:ae:f8:69:38:2d:45:
89:b6:cf:9d:65:f4:e4:e8:f2:88:89:a1:4f:e4:90:25:d6:50:
ac:f6:a4:3a:84:0e:c6:1f:a9:31:af:a5:5a:ad:ba:cb:09:61:
6d:5d:4f:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHYdCH5xavwYRjvLa2dA7DERLWNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwNDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NjVmMTdmMGEyNzdhNGNmNTMzYThkNDU4NzE5MmZhMTFlZjljMGFiYWIx
NWMwOWQ2YTIyOTdlNDdjMjE1ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhCcNLuPRp8LxIl1Dfq0+lWL3lfMllVFLeah+IOEmNk9wWZBxf2rgXST7Tq
fHB47Bw6ZptsVwcaf04TOoqnCmXEpTQElznrtCJsgrGNvtKGZNOSO/ivK9pvxRqW
ms+xhHVj8I6KkRjk38jYxhmvIPUDp3R6Qk6Lrn3BM/ndxOawll4KMRMlL10BEiy8
AoQXbfeGU46Jx/JSO54KoPHVWO8L4hZYHPBqSDGwghe44tgvMJrOIr50hwLdulx7
+wxJ7OESpXyKS8en9dbrjR9ND6zl18clSgVUFoZ0SCl/UIl+q0Z/82opndHZYLh5
Vns5MNCb6v7iAmIwhwBdG0s2HhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJXDLj
phffGw8J9910lj6clgamcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQwOGNkMTAtMGZhNi00MDdmLWFkYmMtM2E3YTY2ODUyM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAIjl5Anpf5fsHAbOMPWxddPFD/tFpodUoMun2
YVwefS3VBx462rK3JCuPjcRXZSTe+mQhjws6+7QjiFeLOqsodMPv3KopaFOK/oT5
DOQCR9r35Pw+QDUaEyDjsUiLfZSts5U/D/Fe+Yyad0t3E+9OGp8AmelSyLOF+U8K
sGZi/tqog2uK28wI7T0bx4p9JU6iSuuFPySXzcaHsW8JGoY2blYFKfneMe3KL6l5
lOilWxwpOHeJCq8hER9i5So+8B9nu/11HaEqi3h6dBZcq6ESo8O+rvhpOC1FibbP
nWX05OjyiImhT+SQJdZQrPakOoQOxh+pMa+lWq26ywlhbV1PIQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:09:25 2025 by rpki-client