Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
File: 4a3909fa-da3d-4cd8-918f-7755304d49d1.roa (raw, json)
Hash identifier: qFTSzY0arN5Z35RZxTi2RSNo5IYHtjnxYBd2HNTjL4s=
Subject key identifier: 68:00:31:69:98:36:C3:9D:AF:52:28:D5:FC:62:55:8A:30:B3:E6:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6EB33D0CA400AFD8547C305C9AEB6924925CD06B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
Signing time: Mon 01 Sep 2025 21:00:07 +0000
ROA not before: Mon 01 Sep 2025 21:00:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:b3:3d:0c:a4:00:af:d8:54:7c:30:5c:9a:eb:69:24:92:5c:d0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0a3856f52391573711a34aadfd9f144e3465061fadea92845c5df2894636e5e9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:40:83:8c:ce:3c:df:80:44:45:fb:0b:3b:
18:2c:e6:78:33:86:f3:3c:60:2b:ee:e7:01:ac:ae:
59:9b:3c:59:91:2e:86:be:33:d7:08:5c:0a:5a:f9:
0f:c6:c3:52:dd:df:08:a8:0d:1c:82:5a:ec:95:a4:
6a:3c:68:30:84:5d:cf:66:fc:d6:ce:b0:a7:9e:9b:
8f:ab:53:ba:46:a1:db:1e:c9:b2:19:b9:4d:42:0a:
70:a2:6c:9d:27:42:6f:8d:89:b0:c5:63:e6:66:34:
f3:67:74:c0:47:7d:09:e3:b1:d9:cb:26:02:fc:20:
ba:ad:73:ba:af:69:3b:02:db:60:d0:9f:6e:ac:4c:
0f:a3:eb:b3:88:a0:b8:d0:e3:3c:8b:96:5f:93:c5:
0d:4a:fa:6d:ab:c8:be:4d:a3:cd:0f:b1:3b:f7:96:
87:1d:f2:db:56:3c:b7:b4:ff:f9:69:29:c0:0b:e6:
2a:15:61:ca:96:f1:86:e4:ed:09:f9:fc:16:a0:8c:
77:81:44:a1:11:47:0e:8e:41:44:08:1d:75:f4:b2:
32:4f:ad:e7:c5:11:11:a5:41:9c:67:d7:a6:92:a7:
8b:dc:4e:c0:75:3d:29:a7:8c:15:d5:2d:b5:d6:68:
68:62:2e:27:5b:37:93:48:5c:5c:77:3e:ce:78:5d:
c9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:00:31:69:98:36:C3:9D:AF:52:28:D5:FC:62:55:8A:30:B3:E6:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a3909fa-da3d-4cd8-918f-7755304d49d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:03:c6:00:08:1a:96:f6:9a:5a:c7:4d:d8:e9:f2:69:b8:d3:
44:db:7c:37:30:73:e2:a3:31:90:04:cd:3d:7d:93:53:9a:5c:
0e:1c:af:bf:c2:6c:9b:5d:96:b8:db:1c:89:10:c3:8c:dc:c4:
37:ec:ef:63:d7:d9:b2:e8:47:f2:d3:ad:b8:3b:6d:c1:df:bc:
44:30:2b:19:1f:e6:36:52:41:8e:cf:19:61:79:47:6a:e1:e9:
fc:10:a2:42:80:8f:a6:2c:56:cd:37:92:96:8f:99:28:ff:2b:
5a:8d:94:10:f8:c5:a4:ca:7b:ac:f4:2d:6f:8f:3a:ff:8b:ab:
1b:b3:d8:f9:4e:d2:f6:5a:ca:d8:d1:8a:07:53:51:ee:ff:92:
6a:03:fb:c1:94:ee:5d:dc:59:30:6d:b1:f5:da:5a:44:86:ca:
83:37:00:5d:84:89:c7:81:2d:3d:00:e7:75:bc:47:e1:b4:67:
1f:c1:47:aa:81:65:60:b1:94:b5:7d:63:19:5a:88:e5:b2:7c:
52:56:4d:88:3f:72:bb:b8:e8:02:a1:c7:03:63:11:9f:25:f3:
c7:88:a9:5d:57:c8:b6:4d:2a:a3:f7:cf:75:06:a4:3e:d2:13:
23:b1:34:68:18:4d:1d:13:82:5f:82:f8:68:b2:9b:f7:46:b5:
a2:c3:37:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbrM9DKQAr9hUfDBcmutpJJJc0GswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMzg1NmY1MjM5MTU3MzcxMWEzNGFhZGZkOWYxNDRlMzQ2NTA2MWZhZGVh
OTI4NDVjNWRmMjg5NDYzNmU1ZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2JQIOMzjzfgERF+ws7GCzmeDOG8zxgK+7nAayuWZs8WZEuhr4z1whcClr5
D8bDUt3fCKgNHIJa7JWkajxoMIRdz2b81s6wp56bj6tTukah2x7Jshm5TUIKcKJs
nSdCb42JsMVj5mY082d0wEd9CeOx2csmAvwguq1zuq9pOwLbYNCfbqxMD6Prs4ig
uNDjPIuWX5PFDUr6bavIvk2jzQ+xO/eWhx3y21Y8t7T/+WkpwAvmKhVhypbxhuTt
Cfn8FqCMd4FEoRFHDo5BRAgddfSyMk+t58UREaVBnGfXppKni9xOwHU9KaeMFdUt
tdZoaGIuJ1s3k0hcXHc+znhdyXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRoADFp
mDbDna9SKNX8YlWKMLPmwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGEzOTA5ZmEtZGEzZC00Y2Q4LTkxOGYtNzc1NTMwNGQ0OWQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQCMA8YACBqW9ppax03Y6fJpuNNE23w3MHPiozGQ
BM09fZNTmlwOHK+/wmybXZa42xyJEMOM3MQ37O9j19my6Efy0624O23B37xEMCsZ
H+Y2UkGOzxlheUdq4en8EKJCgI+mLFbNN5KWj5ko/ytajZQQ+MWkynus9C1vjzr/
i6sbs9j5TtL2WsrY0YoHU1Hu/5JqA/vBlO5d3FkwbbH12lpEhsqDNwBdhInHgS09
AOd1vEfhtGcfwUeqgWVgsZS1fWMZWojlsnxSVk2IP3K7uOgCoccDYxGfJfPHiKld
V8i2TSqj9891BqQ+0hMjsTRoGE0dE4Jfgvhospv3RrWiwzf3
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:28 2025 by rpki-client