Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
File: 4aa20760-fb28-4393-bec8-9ffb467f03e4.roa (raw, json)
Hash identifier: DMHvxV+f7649xlQhaK6BdVoN5Z9L7DZB4+5QUZi01pU=
Subject key identifier: DF:41:F3:EC:BB:0E:86:25:B9:EF:B2:CD:28:8C:85:C7:C5:91:88:B9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52515CBA43971A316653BC557C8F118DCC46579C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
Signing time: Mon 01 Sep 2025 20:41:24 +0000
ROA not before: Mon 01 Sep 2025 20:41:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:51:5c:ba:43:97:1a:31:66:53:bc:55:7c:8f:11:8d:cc:46:57:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2b63021458b71771bdd7b58d6326da02f17b1b11f385b01fd9b77be70de9a1a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:70:29:66:d4:8d:b3:e1:14:45:ca:06:e4:
b2:c5:ac:ad:66:2c:cc:ff:31:1b:02:05:3b:b8:a2:
54:a5:b6:39:d1:80:03:92:5c:31:67:69:80:ee:17:
67:e6:0c:46:4d:cb:47:04:c9:df:54:26:90:f1:a1:
e1:5b:81:2e:15:50:9e:68:08:31:66:a3:45:68:ae:
76:78:35:15:2b:7f:6e:61:90:f1:8f:63:89:52:82:
00:8b:0d:85:dd:6b:f3:04:c4:6c:fc:36:2f:15:54:
9a:41:ec:93:1d:16:1b:ae:9b:64:43:59:c3:9c:70:
b5:93:0b:32:58:98:fd:34:5b:db:b3:b1:e2:4f:ee:
56:da:57:fa:b4:38:fb:a2:25:a4:1f:9a:a7:14:35:
6b:5e:25:8c:46:37:47:71:7f:72:c6:6c:f2:f1:04:
d6:5b:0c:fe:ce:67:73:91:14:02:46:de:1d:49:3c:
b5:f2:61:21:02:19:2f:7e:7e:24:4d:59:da:0b:8d:
c5:76:51:c8:51:3d:be:fc:c3:70:e4:fc:2b:4f:a2:
d8:5f:d0:7e:3c:61:19:00:e8:ab:e4:09:4a:3b:4f:
0b:a7:4f:3f:44:d0:3d:10:53:7f:d5:b2:e0:4a:1a:
2f:9a:07:b6:04:60:5d:91:bc:64:82:bf:39:85:dd:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:41:F3:EC:BB:0E:86:25:B9:EF:B2:CD:28:8C:85:C7:C5:91:88:B9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa20760-fb28-4393-bec8-9ffb467f03e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:cc:81:d5:0a:c7:d3:b0:01:d6:46:b4:bd:d2:4e:cc:e7:ef:
c6:de:25:c6:cd:98:95:2a:fa:25:ad:58:d1:be:b3:d2:10:ed:
32:1a:e8:13:3c:c8:74:24:02:bf:fa:44:07:ff:d9:3a:fa:09:
e6:87:83:d3:da:99:ad:3a:af:74:f6:7a:23:be:35:f0:fb:d0:
3b:d1:a1:83:2f:81:1c:db:6b:88:58:f5:46:d5:c8:92:9f:33:
c6:bc:e0:10:76:d2:13:44:06:cc:9a:90:71:d1:9b:76:0b:d8:
f9:36:8e:64:13:20:bc:13:b2:32:c6:60:a5:18:d9:ca:0c:4c:
6c:e2:11:2f:fb:2b:d2:49:dd:f1:b7:c8:0c:ed:53:30:64:0a:
fe:35:8e:bf:9b:e7:fe:1f:cf:0b:d5:1a:e1:a1:6d:d0:10:c2:
ac:ae:b4:e2:99:23:e2:f7:f0:b2:39:ee:ee:d7:ee:ef:2f:6c:
4a:63:02:aa:43:09:4e:fb:d4:89:5d:05:f7:fb:53:9a:13:0e:
7b:37:f2:9c:9f:dd:f4:50:6f:ab:9b:11:e8:41:f1:ff:2e:02:
b1:42:bc:05:1f:1f:0b:98:b9:05:e4:f8:37:90:df:03:2e:91:
b5:91:7c:ca:bd:8f:5f:de:c9:e7:06:83:a6:7c:e2:b5:dd:6d:
f6:60:c6:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUlFcukOXGjFmU7xVfI8RjcxGV5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNjMwMjE0NThiNzE3NzFiZGQ3YjU4ZDYzMjZkYTAyZjE3YjFiMTFmMzg1
YjAxZmQ5Yjc3YmU3MGRlOWExYTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMd2cClm1I2z4RRFygbkssWsrWYszP8xGwIFO7iiVKW2OdGAA5JcMWdpgO4X
Z+YMRk3LRwTJ31QmkPGh4VuBLhVQnmgIMWajRWiudng1FSt/bmGQ8Y9jiVKCAIsN
hd1r8wTEbPw2LxVUmkHskx0WG66bZENZw5xwtZMLMliY/TRb27Ox4k/uVtpX+rQ4
+6IlpB+apxQ1a14ljEY3R3F/csZs8vEE1lsM/s5nc5EUAkbeHUk8tfJhIQIZL35+
JE1Z2guNxXZRyFE9vvzDcOT8K0+i2F/QfjxhGQDoq+QJSjtPC6dPP0TQPRBTf9Wy
4EoaL5oHtgRgXZG8ZIK/OYXdZjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfQfPs
uw6GJbnvss0ojIXHxZGIuTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhMjA3NjAtZmIyOC00MzkzLWJlYzgtOWZmYjQ2N2YwM2U0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hpg
MA0GCSqGSIb3DQEBCwUAA4IBAQDBzIHVCsfTsAHWRrS90k7M5+/G3iXGzZiVKvol
rVjRvrPSEO0yGugTPMh0JAK/+kQH/9k6+gnmh4PT2pmtOq909nojvjXw+9A70aGD
L4Ec22uIWPVG1ciSnzPGvOAQdtITRAbMmpBx0Zt2C9j5No5kEyC8E7IyxmClGNnK
DExs4hEv+yvSSd3xt8gM7VMwZAr+NY6/m+f+H88L1RrhoW3QEMKsrrTimSPi9/Cy
Oe7u1+7vL2xKYwKqQwlO+9SJXQX3+1OaEw57N/Kcn930UG+rmxHoQfH/LgKxQrwF
Hx8LmLkF5Pg3kN8DLpG1kXzKvY9f3snnBoOmfOK13W32YMa8
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:51 2025 by rpki-client