Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
File: 48b510e0-0d59-48d3-96c5-ddb87c118e43.roa (raw, json)
Hash identifier: 0RKtS+K3BamQFbD4vd9RtK38M5GqPG1vL+s2eYpk+aQ=
Subject key identifier: 1E:B8:B8:CA:D1:B2:47:DC:9F:4D:CD:FA:1D:71:84:28:7F:0D:86:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61BB7A3D4830BB75443D9FDC082C673078BE05EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
Signing time: Mon 01 Sep 2025 19:40:17 +0000
ROA not before: Mon 01 Sep 2025 19:40:17 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:bb:7a:3d:48:30:bb:75:44:3d:9f:dc:08:2c:67:30:78:be:05:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:17 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d6d7a61c4e1c6479475e386b441affcff9520e5c904605b2e7931712a6a51407, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b7:07:7e:98:70:16:04:33:60:24:46:19:c7:
6c:e5:ea:40:9a:a3:bb:7e:17:2f:f4:53:f5:68:25:
43:7b:bd:7b:1b:8a:07:ce:00:a0:53:c9:cd:72:f8:
39:fb:f7:7b:c0:e9:fc:ff:29:89:88:52:06:eb:55:
15:10:7d:e2:0b:88:54:79:59:25:a9:07:f9:78:1d:
95:d9:62:d2:f8:98:a1:00:da:02:e1:24:38:89:51:
35:f4:fe:3f:bf:ed:b8:43:d0:24:09:31:ec:05:3b:
cd:a7:c3:58:6b:96:d9:8b:5e:d4:21:17:0e:5a:44:
f7:36:20:b9:62:58:1d:b6:9d:1f:89:27:4d:f5:0e:
d4:05:bf:7c:2a:ec:00:15:e7:e4:54:97:df:b1:8b:
a4:0a:e5:bb:22:a7:e2:e9:98:fc:8e:0f:d4:de:5e:
0c:12:64:a8:3d:46:51:4d:15:49:bf:49:66:ae:e2:
a8:40:42:8a:41:eb:66:91:54:57:dd:82:b0:57:e9:
e7:6e:f3:da:d4:24:8f:4d:4e:06:c7:e3:62:97:ef:
c5:89:09:0e:8e:2f:b8:12:19:96:d8:06:c8:f7:90:
59:0d:1e:b6:91:a5:cc:7e:fe:bf:23:2b:de:50:71:
07:6a:ae:3d:8d:1c:93:82:eb:32:6e:33:26:ff:b0:
89:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B8:B8:CA:D1:B2:47:DC:9F:4D:CD:FA:1D:71:84:28:7F:0D:86:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48b510e0-0d59-48d3-96c5-ddb87c118e43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4020::/48
Signature Algorithm: sha256WithRSAEncryption
98:31:8a:6e:e1:db:32:35:4f:b2:4c:75:00:70:a3:38:0a:1b:
da:06:f3:f3:e9:40:71:8b:68:45:a8:2e:e1:25:08:07:d6:a8:
ed:44:fe:e1:4e:7e:43:bc:13:6d:bc:e9:d5:e0:57:42:8b:17:
ca:3e:f0:ef:be:75:bc:e1:f9:cf:88:9c:58:e5:8f:a7:2b:39:
16:a7:0b:3d:7d:96:b4:06:db:cf:42:8e:93:34:ad:b1:84:87:
6c:e0:58:fd:f8:01:70:86:63:f8:ad:7c:14:b7:76:fe:98:a4:
c3:1f:52:66:7d:c0:b5:7a:ff:b3:1e:e7:90:2a:68:6c:af:6a:
27:88:5e:94:0b:eb:ec:7b:e4:cb:10:5e:3c:44:36:f2:ce:79:
97:cc:6f:fa:b3:dc:45:10:e2:1f:c9:0a:65:af:4c:f9:7f:6a:
14:0c:f5:bb:89:17:95:52:99:df:ef:9a:5f:81:1c:03:41:22:
b1:4c:33:e6:9f:ac:dc:c2:b4:b1:a0:6e:98:b2:1b:e6:b5:9f:
c8:a3:2e:af:37:98:04:42:a4:ce:d1:28:5e:ee:7f:49:64:c7:
3f:76:64:6e:62:fa:86:48:a7:05:10:13:bc:96:59:63:7d:95:
fa:a5:0c:f0:2f:ee:ce:a7:ac:0f:ff:20:b0:a6:d8:4d:63:3e:
53:e0:00:7b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYbt6PUgwu3VEPZ/cCCxnMHi+BewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwMTdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZDdhNjFjNGUxYzY0Nzk0NzVlMzg2YjQ0MWFmZmNmZjk1MjBlNWM5MDQ2
MDViMmU3OTMxNzEyYTZhNTE0MDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM63B36YcBYEM2AkRhnHbOXqQJqju34XL/RT9WglQ3u9exuKB84AoFPJzXL4
Ofv3e8Dp/P8piYhSButVFRB94guIVHlZJakH+Xgdldli0viYoQDaAuEkOIlRNfT+
P7/tuEPQJAkx7AU7zafDWGuW2Yte1CEXDlpE9zYguWJYHbadH4knTfUO1AW/fCrs
ABXn5FSX37GLpArluyKn4umY/I4P1N5eDBJkqD1GUU0VSb9JZq7iqEBCikHrZpFU
V92CsFfp527z2tQkj01OBsfjYpfvxYkJDo4vuBIZltgGyPeQWQ0etpGlzH7+vyMr
3lBxB2quPY0ck4LrMm4zJv+wiYECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQeuLjK
0bJH3J9NzfodcYQofw2GiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhiNTEwZTAtMGQ1OS00OGQzLTk2YzUtZGRiODdjMTE4ZTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
IDANBgkqhkiG9w0BAQsFAAOCAQEAmDGKbuHbMjVPskx1AHCjOAob2gbz8+lAcYto
Ragu4SUIB9ao7UT+4U5+Q7wTbbzp1eBXQosXyj7w7751vOH5z4icWOWPpys5FqcL
PX2WtAbbz0KOkzStsYSHbOBY/fgBcIZj+K18FLd2/pikwx9SZn3AtXr/sx7nkCpo
bK9qJ4helAvr7HvkyxBePEQ28s55l8xv+rPcRRDiH8kKZa9M+X9qFAz1u4kXlVKZ
3++aX4EcA0EisUwz5p+s3MK0saBumLIb5rWfyKMurzeYBEKkztEoXu5/SWTHP3Zk
bmL6hkinBRATvJZZY32V+qUM8C/uzqesD/8gsKbYTWM+U+AAew==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:23 2025 by rpki-client