Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
File: 4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa (raw, json)
Hash identifier: f/nsnMxJ1f2qoj9etTwO9rGganh5FK6Ju+DtVWsGKQA=
Subject key identifier: 74:5B:22:27:A8:09:6F:E4:B8:97:D8:F7:AC:A7:D3:20:3C:13:C2:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27399870CC2214DC190230CADBFEA39A8C4D53F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
Signing time: Mon 01 Sep 2025 20:51:30 +0000
ROA not before: Mon 01 Sep 2025 20:51:30 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:39:98:70:cc:22:14:dc:19:02:30:ca:db:fe:a3:9a:8c:4d:53:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:30 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c90b29fb9c602e2ad831a8b79133582dd4f698abd77b07a5cccd3c16a6171169, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:66:26:26:d2:9a:c2:24:4f:17:4e:86:40:e5:
8c:da:49:f0:41:fc:b7:c2:78:59:6a:b6:81:87:dd:
4f:9d:13:96:5b:3a:5a:01:21:2c:51:7f:2e:a6:00:
4b:2e:78:ef:03:53:a7:cd:da:86:39:6d:12:1d:cb:
d1:7f:49:89:84:ee:27:c0:e2:02:f0:56:c9:e3:88:
f5:9d:61:0e:21:b5:4a:b0:08:79:c2:c9:aa:67:ec:
7d:ce:5a:e9:3e:44:c3:56:6e:28:d4:cc:20:10:a3:
f9:7f:04:f0:47:12:28:d9:9c:45:65:87:d6:af:59:
57:72:de:b9:31:6a:e3:eb:88:ec:3b:27:bb:1f:12:
84:c7:02:94:23:0d:28:f1:b8:c9:e5:8e:7b:56:3d:
96:61:88:66:81:22:7c:9c:5b:6b:d6:8a:b2:fc:15:
ff:8e:4d:12:cb:64:ab:4a:6e:b6:0c:1d:e9:de:e5:
ad:38:41:de:a5:41:76:17:88:44:d8:52:9d:c3:b8:
7a:eb:1e:5a:b1:cb:2d:d9:f7:ea:ae:5c:f7:73:11:
b3:4d:05:31:fc:a5:19:b2:38:68:c5:40:2e:c7:96:
18:d3:94:75:75:23:4a:e7:c3:73:f6:d6:a3:30:f0:
58:7b:62:57:57:26:21:8c:21:ce:86:10:2c:77:42:
74:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5B:22:27:A8:09:6F:E4:B8:97:D8:F7:AC:A7:D3:20:3C:13:C2:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ad4b1d5-173e-4c13-8032-ab2dd1fafee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:c000::/40
Signature Algorithm: sha256WithRSAEncryption
49:3d:b1:71:b7:81:cf:fc:95:18:c0:46:ad:0d:d4:77:f7:b5:
a0:11:f1:43:0d:e2:01:2a:6e:d8:d2:60:39:21:66:17:77:7d:
e7:68:6e:da:b5:91:cc:71:0c:93:67:2c:18:78:05:50:0c:f1:
eb:cc:36:b9:c2:3b:88:e6:03:57:2c:20:7a:c2:2f:8a:98:56:
96:2f:6f:91:57:19:17:3b:a5:37:d5:9c:30:36:2f:1c:14:2b:
c4:15:3d:8f:94:b3:02:d4:d6:b7:a2:65:04:a2:7c:f8:4f:7c:
97:5e:8b:27:a7:69:77:1b:22:89:b8:e9:d0:aa:92:a0:9a:6d:
06:e5:63:e2:ba:6b:1a:e7:da:66:d4:a8:7b:e1:b6:de:42:c2:
57:63:78:c9:0b:7f:0b:8b:b6:bc:5b:7b:41:ed:3b:d4:96:f8:
2b:09:9f:dd:c5:7b:50:72:c0:32:14:ea:3a:ce:24:cb:3a:75:
2f:ff:2b:04:24:bb:d8:e4:2b:dd:50:85:74:db:c8:3a:d5:4f:
c4:7f:14:f3:0b:73:21:24:0e:8b:dd:d3:b2:b4:bb:3f:db:54:
9f:c8:03:02:8a:28:22:b3:34:21:25:84:a1:74:6b:46:ac:ec:
2b:b5:45:de:36:4e:0d:ff:29:d3:bd:d3:c3:52:14:65:3c:6d:
1e:cc:2d:dc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJzmYcMwiFNwZAjDK2/6jmoxNU/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MGIyOWZiOWM2MDJlMmFkODMxYThiNzkxMzM1ODJkZDRmNjk4YWJkNzdi
MDdhNWNjY2QzYzE2YTYxNzExNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhmJibSmsIkTxdOhkDljNpJ8EH8t8J4WWq2gYfdT50Tlls6WgEhLFF/LqYA
Sy547wNTp83ahjltEh3L0X9JiYTuJ8DiAvBWyeOI9Z1hDiG1SrAIecLJqmfsfc5a
6T5Ew1ZuKNTMIBCj+X8E8EcSKNmcRWWH1q9ZV3LeuTFq4+uI7Dsnux8ShMcClCMN
KPG4yeWOe1Y9lmGIZoEifJxba9aKsvwV/45NEstkq0putgwd6d7lrThB3qVBdheI
RNhSncO4euseWrHLLdn36q5c93MRs00FMfylGbI4aMVALseWGNOUdXUjSufDc/bW
ozDwWHtiV1cmIYwhzoYQLHdCdOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0WyIn
qAlv5LiX2Pesp9MgPBPCozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGFkNGIxZDUtMTczZS00YzEzLTgwMzItYWIyZGQxZmFmZWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJPbFxt4HP/JUYwEatDdR397WgEfFDDeIBKm7Y
0mA5IWYXd33naG7atZHMcQyTZywYeAVQDPHrzDa5wjuI5gNXLCB6wi+KmFaWL2+R
VxkXO6U31ZwwNi8cFCvEFT2PlLMC1Na3omUEonz4T3yXXosnp2l3GyKJuOnQqpKg
mm0G5WPiumsa59pm1Kh74bbeQsJXY3jJC38Li7a8W3tB7TvUlvgrCZ/dxXtQcsAy
FOo6ziTLOnUv/ysEJLvY5CvdUIV028g61U/EfxTzC3MhJA6L3dOytLs/21SfyAMC
iigiszQhJYShdGtGrOwrtUXeNk4N/ynTvdPDUhRlPG0ezC3c
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:08 2025 by rpki-client