Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: HyEu9D2op/Ujiy/0z1s7f5Wa1uxFBPDA9yto9W0TemA=
Subject key identifier: 79:3A:64:C0:98:2D:A3:BE:98:38:D4:6E:18:81:FA:C2:1B:3A:66:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34A2C72AE8850F2C42E75FCD14B0A770F8AAE0A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Mon 01 Sep 2025 20:51:36 +0000
ROA not before: Mon 01 Sep 2025 20:51:36 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:a2:c7:2a:e8:85:0f:2c:42:e7:5f:cd:14:b0:a7:70:f8:aa:e0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:36 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3ca9b3101cdd7b91f396bf793854acdb16fc8fb22aaf9750c16fc4a329e833dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:56:53:2c:e8:8f:8a:a3:6e:5d:be:bd:23:91:
64:33:05:e6:63:2c:95:d8:8b:fe:da:d6:6f:5b:24:
85:c9:ae:b2:c4:7d:55:58:99:76:43:8a:a5:e7:fc:
23:84:cf:66:c5:af:ac:75:14:66:5a:f2:64:91:06:
4c:d3:f4:82:a9:db:91:a9:b0:a6:7d:77:7a:20:74:
a1:59:e8:c6:c3:12:d4:2c:d0:c8:50:e4:aa:ce:49:
77:04:cd:93:20:ba:57:b4:67:7e:4c:3f:f1:47:bd:
6e:61:3c:27:74:72:f7:3a:6e:4f:4c:c9:a6:f2:d7:
7b:ff:20:54:37:34:fb:df:ca:a1:91:94:b2:ce:e3:
e6:ad:44:2a:97:24:60:7d:61:43:ba:42:b8:05:6d:
4d:44:16:f6:7b:65:f8:00:bc:5f:5f:4d:b9:bd:09:
16:18:06:50:eb:ff:e6:5f:9a:cf:51:59:ab:c5:f5:
73:0c:36:d8:e2:8b:02:fa:fd:43:ec:61:99:f2:fa:
f5:ce:ef:87:17:39:44:b9:1f:e0:92:e1:28:d7:d3:
a8:f2:32:2d:7e:ca:f9:38:61:32:5d:92:fa:7a:13:
ec:8d:4b:27:02:27:f0:7e:47:44:49:1c:31:d8:d3:
17:52:3f:a3:ba:d7:bf:41:d8:04:a2:41:ac:86:a5:
4a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:3A:64:C0:98:2D:A3:BE:98:38:D4:6E:18:81:FA:C2:1B:3A:66:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
a9:21:ab:56:05:10:bd:0a:5d:ea:3b:52:4c:5e:f2:ac:d2:97:
ea:b5:c5:d1:6b:5e:20:e8:d5:63:1c:6a:55:6a:8b:37:1f:77:
2c:31:8c:f2:d1:2f:11:ed:08:f9:b3:49:ba:5a:31:28:89:0d:
92:27:71:36:62:3a:14:07:44:d2:13:0b:33:2f:24:d1:0f:af:
1e:12:c7:c5:c9:03:c4:2c:0f:1a:25:61:c4:56:7c:fa:d8:df:
1a:5e:73:fd:19:20:3a:aa:9c:eb:90:ec:33:cd:1e:19:7c:4b:
56:53:d7:d3:71:12:5f:a2:54:df:f1:06:09:45:dc:d6:5c:f8:
30:79:42:31:d1:31:31:81:df:0d:44:b8:29:77:7e:d2:c6:33:
4f:32:48:c1:51:f2:53:54:17:24:da:d6:e4:19:10:17:c4:07:
b3:58:a5:b5:0f:fb:b3:6d:00:ef:93:ba:fa:0c:54:9a:04:04:
c0:13:93:3e:03:d0:91:03:e1:c5:a3:de:20:3c:01:af:92:1e:
8f:7e:3a:77:0e:9f:2c:87:e5:3a:da:8e:79:0e:af:55:4b:d8:
b5:a6:7b:55:48:50:37:ed:50:67:84:3c:12:5f:8e:1e:a9:9f:
c0:bb:81:8b:39:9a:51:bc:3e:af:32:18:39:9d:3b:36:d9:c7:
87:f8:fc:20
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUNKLHKuiFDyxC51/NFLCncPiq4KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjYTliMzEwMWNkZDdiOTFmMzk2YmY3OTM4NTRhY2RiMTZmYzhmYjIyYWFm
OTc1MGMxNmZjNGEzMjllODMzZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZWUyzoj4qjbl2+vSORZDMF5mMsldiL/trWb1skhcmussR9VViZdkOKpef8
I4TPZsWvrHUUZlryZJEGTNP0gqnbkamwpn13eiB0oVnoxsMS1CzQyFDkqs5JdwTN
kyC6V7Rnfkw/8Ue9bmE8J3Ry9zpuT0zJpvLXe/8gVDc0+9/KoZGUss7j5q1EKpck
YH1hQ7pCuAVtTUQW9ntl+AC8X19Nub0JFhgGUOv/5l+az1FZq8X1cww22OKLAvr9
Q+xhmfL69c7vhxc5RLkf4JLhKNfTqPIyLX7K+ThhMl2S+noT7I1LJwIn8H5HREkc
MdjTF1I/o7rXv0HYBKJBrIalSu0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR5OmTA
mC2jvpg41G4YgfrCGzpmjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAKkhq1YFEL0KXeo7Ukxe8qzSl+q1xdFrXiDo1WMc
alVqizcfdywxjPLRLxHtCPmzSbpaMSiJDZIncTZiOhQHRNITCzMvJNEPrx4Sx8XJ
A8QsDxolYcRWfPrY3xpec/0ZIDqqnOuQ7DPNHhl8S1ZT19NxEl+iVN/xBglF3NZc
+DB5QjHRMTGB3w1EuCl3ftLGM08ySMFR8lNUFyTa1uQZEBfEB7NYpbUP+7NtAO+T
uvoMVJoEBMATkz4D0JED4cWj3iA8Aa+SHo9+OncOnyyH5TrajnkOr1VL2LWme1VI
UDftUGeEPBJfjh6pn8C7gYs5mlG8Pq8yGDmdOzbZx4f4/CA=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:08 2025 by rpki-client