Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
File: 470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa (raw, json)
Hash identifier: 6nxZTkFFRMvyNtaehfKpFNZPAovDFOasdcxWMUSIJDI=
Subject key identifier: EF:CA:61:0E:81:46:B5:A1:AB:95:B0:68:FA:D8:18:D8:3C:9F:4E:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 095FA164B5603952C7BF9BBE8985A529E6543014
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
Signing time: Mon 01 Sep 2025 20:30:16 +0000
ROA not before: Mon 01 Sep 2025 20:30:16 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:5f:a1:64:b5:60:39:52:c7:bf:9b:be:89:85:a5:29:e6:54:30:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:16 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d9c09ae5217bd1bfbbd9f9b3f28c7959ffcfdeed1b1043159dda28d0f33affb4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2e:1e:3b:ab:fe:1d:4b:38:27:bf:56:58:fe:
f6:65:9a:d3:a2:39:23:b8:bf:3a:33:c3:6e:57:8d:
7f:80:99:9e:28:46:aa:2a:0a:19:02:5c:bd:42:29:
e3:47:a3:b5:7c:0b:9b:aa:31:6f:bf:73:fe:a2:13:
7c:ed:94:82:cc:93:2c:ff:75:0d:ee:fb:79:f0:03:
83:d0:32:d5:88:97:97:dd:0c:2d:64:43:91:f0:dd:
d3:e9:47:7b:08:78:b5:26:85:43:e1:43:a1:b9:87:
01:60:4a:08:fa:6a:e3:6d:1b:21:db:87:ae:d6:45:
93:fd:1c:3a:0e:bd:06:9f:c7:98:5e:ae:65:57:6a:
13:98:18:d6:2b:a3:bf:f1:44:05:5d:b1:04:d9:06:
7e:c0:57:0a:da:37:be:78:29:9e:02:d6:6b:86:2d:
82:8d:ea:99:de:dc:58:a6:a0:50:c1:71:13:5e:88:
c1:e6:cb:69:9e:bb:0f:c5:c2:66:13:65:c4:2e:d3:
08:96:c0:0f:c4:54:56:c6:13:23:c2:66:a0:3d:ea:
e9:6d:fa:24:96:ee:a2:d8:82:6e:35:18:1d:00:89:
8e:b0:ae:d6:b9:11:c1:c5:59:e4:a8:1c:71:98:dc:
fe:aa:22:fc:1c:2a:bc:a2:74:8f:2b:b6:e1:2b:63:
7d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CA:61:0E:81:46:B5:A1:AB:95:B0:68:FA:D8:18:D8:3C:9F:4E:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/470b6c76-cd1a-4db4-baf5-1c6d8654a52c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:1000::/40
Signature Algorithm: sha256WithRSAEncryption
16:ee:74:01:1c:f2:1a:3e:c2:85:de:24:cb:dc:24:2a:0a:9c:
12:96:c4:2a:04:6e:2c:a8:75:31:2d:05:49:38:58:68:e3:f2:
63:e0:bc:9a:70:a7:cc:8f:25:1e:1a:d0:2a:7e:b1:7d:68:1f:
67:6d:bc:f0:46:a8:94:75:c9:53:f3:22:99:7f:d0:8e:01:53:
38:20:78:74:93:1b:51:48:72:f8:38:70:c1:c2:2b:1d:c0:ea:
d5:78:39:eb:1a:52:3b:b9:9b:07:7d:7b:41:23:0d:29:bb:36:
d9:e4:19:02:c8:5f:83:7b:f8:df:0e:90:1a:92:51:d6:34:bf:
23:b7:17:a0:41:bf:e0:9d:6f:9b:08:26:e8:dc:ae:c1:31:c1:
0f:35:8c:67:f5:a5:19:33:1e:11:98:a1:ad:6e:54:c0:f1:4e:
ae:9f:ae:5f:d2:b2:2c:70:23:83:37:11:13:da:af:37:96:18:
95:44:85:41:61:ef:06:a7:d1:64:b1:27:23:b2:26:19:1d:c1:
84:7e:df:39:da:54:1d:e7:59:e4:4c:ad:93:f2:c8:06:8a:9f:
ab:88:bd:4a:96:72:da:18:4a:0f:05:bb:4d:32:95:44:fc:08:
71:1b:b3:e8:fa:39:df:ff:ed:d2:11:64:4b:b5:be:35:b6:84:
c6:04:7e:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCV+hZLVgOVLHv5u+iYWlKeZUMBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YzA5YWU1MjE3YmQxYmZiYmQ5ZjliM2YyOGM3OTU5ZmZjZmRlZWQxYjEw
NDMxNTlkZGEyOGQwZjMzYWZmYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEuHjur/h1LOCe/Vlj+9mWa06I5I7i/OjPDbleNf4CZnihGqioKGQJcvUIp
40ejtXwLm6oxb79z/qITfO2UgsyTLP91De77efADg9Ay1YiXl90MLWRDkfDd0+lH
ewh4tSaFQ+FDobmHAWBKCPpq420bIduHrtZFk/0cOg69Bp/HmF6uZVdqE5gY1iuj
v/FEBV2xBNkGfsBXCto3vngpngLWa4Ytgo3qmd7cWKagUMFxE16IwebLaZ67D8XC
ZhNlxC7TCJbAD8RUVsYTI8JmoD3q6W36JJbuotiCbjUYHQCJjrCu1rkRwcVZ5Kgc
cZjc/qoi/BwqvKJ0jyu24StjfY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvymEO
gUa1oauVsGj62BjYPJ9OpDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDcwYjZjNzYtY2QxYS00ZGI0LWJhZjUtMWM2ZDg2NTRhNTJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAW7nQBHPIaPsKF3iTL3CQqCpwSlsQqBG4sqHUx
LQVJOFho4/Jj4LyacKfMjyUeGtAqfrF9aB9nbbzwRqiUdclT8yKZf9COAVM4IHh0
kxtRSHL4OHDBwisdwOrVeDnrGlI7uZsHfXtBIw0puzbZ5BkCyF+De/jfDpAaklHW
NL8jtxegQb/gnW+bCCbo3K7BMcEPNYxn9aUZMx4RmKGtblTA8U6un65f0rIscCOD
NxET2q83lhiVRIVBYe8Gp9FksScjsiYZHcGEft852lQd51nkTK2T8sgGip+riL1K
lnLaGEoPBbtNMpVE/AhxG7Po+jnf/+3SEWRLtb41toTGBH7h
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:19 2025 by rpki-client