Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json)
Hash identifier: +vj3Llygz8dc7mA0mu32t+GtHnqD2OP7zJVDwAOKzNo=
Subject key identifier: 38:60:3F:F9:1E:2B:F5:A7:82:D1:92:67:47:48:0A:B4:A6:A9:B7:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1739D2B0D8292436679209D54811455BEDF7DBF2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
Signing time: Mon 01 Sep 2025 19:51:36 +0000
ROA not before: Mon 01 Sep 2025 19:51:36 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:39:d2:b0:d8:29:24:36:67:92:09:d5:48:11:45:5b:ed:f7:db:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:36 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=a801bdbc9800deedd07cc21d3de27f62e47ff84e4827ebf38c5ea4f382f8d774, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b9:7a:5c:b0:50:a5:8c:18:ca:9d:f1:74:e6:
23:c5:f0:ad:c6:cf:09:cd:2f:f2:ea:93:84:63:cb:
fc:0f:52:1b:a9:b7:c0:9b:8d:e2:e9:6a:af:1b:10:
0d:ee:83:7a:c2:62:5a:bc:c8:d6:c9:d2:d3:e2:90:
df:c7:ce:88:59:9e:3a:73:37:e4:45:22:67:bf:10:
0e:22:dd:89:e6:78:31:fa:d7:28:2c:8c:36:95:0d:
92:92:2e:59:58:21:7e:66:2f:40:0d:80:06:51:ab:
17:26:76:01:3e:b0:65:bd:37:db:c9:e8:d5:5f:f5:
52:e1:b6:eb:f4:35:12:10:27:ea:65:26:e5:00:f1:
7e:0f:5c:ca:c7:46:50:d3:e6:38:a6:a3:a9:e5:f0:
f3:17:b1:0c:f1:c4:e3:ca:ab:bc:2c:6a:2e:0f:fc:
c7:a0:8f:ac:90:21:64:5b:2c:37:de:0f:37:db:4c:
01:1c:66:7c:ec:c2:ae:3f:c8:31:7e:b7:00:3c:e8:
31:6e:32:d3:e1:0b:89:ca:31:c4:f0:fb:ad:bd:18:
2a:80:0c:c9:cc:c7:e1:f8:83:2c:a7:dd:8e:bc:ea:
23:d9:05:58:78:0a:94:dc:41:21:a0:76:70:f1:ca:
83:93:1f:b7:90:b0:88:e7:43:e9:28:dd:8f:2d:20:
c2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:60:3F:F9:1E:2B:F5:A7:82:D1:92:67:47:48:0A:B4:A6:A9:B7:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9040::/48
Signature Algorithm: sha256WithRSAEncryption
a1:7b:c3:30:fd:90:55:f3:12:f6:30:a4:68:fe:d9:3c:d5:2e:
df:2a:97:c1:77:56:3d:0b:ec:82:17:28:9c:8b:38:fb:ca:51:
f5:4b:48:6b:11:2d:e6:1a:1f:c2:f0:36:7c:85:dd:1d:31:a9:
56:12:1b:7b:a7:df:6a:79:d8:26:21:2b:fb:d2:3e:d6:b4:1b:
89:6b:e6:04:68:b4:b9:b8:45:c2:c9:11:2c:4e:e1:d1:15:ff:
17:22:1a:2f:b9:a0:38:90:2a:71:01:34:5c:7b:68:ec:f0:89:
fd:1b:cd:de:11:20:b0:c8:a6:3f:6e:9d:41:28:da:b5:f1:3d:
30:da:af:8b:53:3d:6f:68:43:c4:67:24:45:70:91:bf:7f:18:
cc:6f:21:22:c1:aa:ef:e5:50:e4:1b:3a:ed:f3:72:cd:8c:05:
13:05:80:2f:b0:21:0b:12:e9:3a:b9:22:78:e8:28:0c:76:25:
b6:59:72:d0:f8:d2:28:95:8c:93:89:82:76:58:a5:4f:49:47:
8d:67:b8:f4:38:3f:7f:06:01:3a:50:5c:a1:b9:b2:c6:f3:23:
2a:7c:fd:51:cd:46:d4:a7:71:7d:bd:77:4e:a4:61:05:e5:23:
c5:0b:e4:65:d5:e8:05:e4:71:67:cd:b9:64:20:ad:93:8a:20:
69:3a:e0:75
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFznSsNgpJDZnkgnVSBFFW+332/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMzZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4MDFiZGJjOTgwMGRlZWRkMDdjYzIxZDNkZTI3ZjYyZTQ3ZmY4NGU0ODI3
ZWJmMzhjNWVhNGYzODJmOGQ3NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANC5elywUKWMGMqd8XTmI8XwrcbPCc0v8uqThGPL/A9SG6m3wJuN4ulqrxsQ
De6DesJiWrzI1snS0+KQ38fOiFmeOnM35EUiZ78QDiLdieZ4MfrXKCyMNpUNkpIu
WVghfmYvQA2ABlGrFyZ2AT6wZb0328no1V/1UuG26/Q1EhAn6mUm5QDxfg9cysdG
UNPmOKajqeXw8xexDPHE48qrvCxqLg/8x6CPrJAhZFssN94PN9tMARxmfOzCrj/I
MX63ADzoMW4y0+ELicoxxPD7rb0YKoAMyczH4fiDLKfdjrzqI9kFWHgKlNxBIaB2
cPHKg5Mft5CwiOdD6Sjdjy0gwvkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ4YD/5
Hiv1p4LRkmdHSAq0pqm3CTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAoXvDMP2QVfMS9jCkaP7ZPNUu3yqXwXdWPQvs
ghconIs4+8pR9UtIaxEt5hofwvA2fIXdHTGpVhIbe6ffannYJiEr+9I+1rQbiWvm
BGi0ubhFwskRLE7h0RX/FyIaL7mgOJAqcQE0XHto7PCJ/RvN3hEgsMimP26dQSja
tfE9MNqvi1M9b2hDxGckRXCRv38YzG8hIsGq7+VQ5Bs67fNyzYwFEwWAL7AhCxLp
OrkieOgoDHYltlly0PjSKJWMk4mCdlilT0lHjWe49Dg/fwYBOlBcobmyxvMjKnz9
Uc1G1Kdxfb13TqRhBeUjxQvkZdXoBeRxZ825ZCCtk4ogaTrgdQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:44 2025 by rpki-client