Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json)
Hash identifier: /fPt0a4KeTzswO1iTRzV2Et1qvXKBtks3+8Aj5IR3E8=
Subject key identifier: 55:55:1C:40:CB:18:CB:A5:96:F7:82:44:17:59:7B:55:85:EE:A8:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37FC87E734C38B6B04F09B10AD75F541A91D3041
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
Signing time: Mon 01 Sep 2025 20:41:29 +0000
ROA not before: Mon 01 Sep 2025 20:41:29 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:fc:87:e7:34:c3:8b:6b:04:f0:9b:10:ad:75:f5:41:a9:1d:30:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:29 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b1876f20a04814ef7a78f69edcf6e8fd31918b875260f5fb83ea1596b6eb3b11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5c:1e:c3:84:9b:b9:86:dc:a1:6a:d9:03:52:
bf:bf:7f:b1:81:07:94:a7:e8:6b:7a:b8:49:cb:b6:
8b:28:31:26:df:74:aa:16:99:76:4c:c8:11:07:15:
1b:56:75:d0:71:af:38:db:af:fe:a4:d6:8a:01:fd:
42:c2:7c:b2:97:13:27:85:9b:aa:43:d9:fe:d3:c1:
43:c4:70:9f:c1:cd:69:34:af:79:c6:04:bf:e7:02:
e2:b2:47:da:7c:34:fe:f3:63:4c:b7:7d:11:b8:3b:
7a:2f:ee:39:43:7b:04:71:56:ca:d3:7d:e2:e0:16:
ca:93:01:b3:9e:a5:e4:1e:74:f8:11:d5:a3:2b:1a:
e8:ac:4b:77:2c:85:72:8c:9e:c5:3d:c5:90:50:86:
15:2d:dc:67:97:9c:a0:96:6d:ca:83:0e:98:e1:61:
79:34:9d:35:47:f5:24:3b:5f:4b:cf:4d:48:62:b8:
de:c2:d8:bb:b5:71:05:af:a4:81:4c:f6:81:9b:a9:
34:2a:35:39:9c:03:ca:57:0e:f6:9d:4a:88:af:db:
41:d4:2b:66:b1:e0:05:1f:86:2c:02:30:67:51:ab:
66:df:69:4f:93:42:99:c6:63:94:81:87:08:cd:07:
b5:b5:72:7f:e8:82:06:f0:45:b6:f6:9e:f5:5b:5b:
18:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:55:1C:40:CB:18:CB:A5:96:F7:82:44:17:59:7B:55:85:EE:A8:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5d:f3:a4:3e:94:1a:7c:8c:7f:f1:44:90:d8:6f:d6:1c:b7:ce:
6b:29:e8:21:97:e5:f0:8f:7e:41:39:47:dc:a0:b0:06:a2:34:
f2:25:9a:86:58:62:cd:1d:70:29:df:a6:b1:53:4e:29:7b:fb:
37:a8:54:20:64:d1:6f:97:f2:f1:72:50:2e:fe:40:24:1e:9b:
a4:ac:e2:11:64:66:ab:04:e4:f5:98:11:cc:56:a1:02:95:31:
e2:a7:0d:59:de:08:84:57:99:c8:db:1e:89:75:37:b7:7f:a1:
27:b3:e1:ac:cd:5a:77:27:03:c3:0b:d1:2a:b5:c2:7c:8c:c7:
43:de:bc:eb:cb:93:41:eb:41:68:31:1c:89:f3:51:14:fb:f7:
de:a9:18:69:3a:a1:54:10:fb:35:64:f8:9b:3f:75:55:91:af:
e6:aa:fb:cc:29:52:b7:a1:c0:61:5f:7a:7c:bc:5a:62:6b:d9:
ab:13:5a:74:b3:6d:5e:29:23:25:fb:24:3c:eb:12:f0:91:8b:
5c:43:7f:9a:ad:fd:23:69:40:b1:50:8e:cb:4b:fa:77:2b:c9:
99:52:81:3a:83:d9:d9:e0:f2:31:29:b4:53:f4:03:a7:4f:35:
ac:63:ad:e1:f4:c4:c3:2c:b8:7d:d7:44:1b:09:aa:f7:aa:38:
28:16:4e:23
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN/yH5zTDi2sE8JsQrXX1QakdMEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMjlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxODc2ZjIwYTA0ODE0ZWY3YTc4ZjY5ZWRjZjZlOGZkMzE5MThiODc1MjYw
ZjVmYjgzZWExNTk2YjZlYjNiMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpcHsOEm7mG3KFq2QNSv79/sYEHlKfoa3q4Scu2iygxJt90qhaZdkzIEQcV
G1Z10HGvONuv/qTWigH9QsJ8spcTJ4WbqkPZ/tPBQ8Rwn8HNaTSvecYEv+cC4rJH
2nw0/vNjTLd9Ebg7ei/uOUN7BHFWytN94uAWypMBs56l5B50+BHVoysa6KxLdyyF
coyexT3FkFCGFS3cZ5ecoJZtyoMOmOFheTSdNUf1JDtfS89NSGK43sLYu7VxBa+k
gUz2gZupNCo1OZwDylcO9p1KiK/bQdQrZrHgBR+GLAIwZ1GrZt9pT5NCmcZjlIGH
CM0HtbVyf+iCBvBFtvae9VtbGCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVVRxA
yxjLpZb3gkQXWXtVhe6ooDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBd86Q+lBp8jH/xRJDYb9Yct85rKeghl+Xwj35B
OUfcoLAGojTyJZqGWGLNHXAp36axU04pe/s3qFQgZNFvl/LxclAu/kAkHpukrOIR
ZGarBOT1mBHMVqEClTHipw1Z3giEV5nI2x6JdTe3f6Ens+GszVp3JwPDC9EqtcJ8
jMdD3rzry5NB60FoMRyJ81EU+/feqRhpOqFUEPs1ZPibP3VVka/mqvvMKVK3ocBh
X3p8vFpia9mrE1p0s21eKSMl+yQ86xLwkYtcQ3+arf0jaUCxUI7LS/p3K8mZUoE6
g9nZ4PIxKbRT9AOnTzWsY63h9MTDLLh910QbCar3qjgoFk4j
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:01 2025 by rpki-client