Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
File: 4b0f19cc-b646-49d7-a134-8b1c2659541a.roa (raw, json)
Hash identifier: QxKKrjujcnoMDfHmtG1lT8lxY0H/hjilCksjH1qpEVs=
Subject key identifier: 7D:97:8A:C6:86:05:57:2B:1F:00:F1:1B:D4:C4:A4:E4:46:13:30:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47D4C089B04560E1C5E62626E0D1C4CE71ECCE53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
Signing time: Thu 04 Sep 2025 19:52:16 +0000
ROA not before: Thu 04 Sep 2025 19:52:16 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:d4:c0:89:b0:45:60:e1:c5:e6:26:26:e0:d1:c4:ce:71:ec:ce:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:52:16 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=7905d1d67b2ce1ac4661662db9872d35d7fdb2c717dcb29c8ba48875d2e3e982, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a7:bd:e5:91:57:98:53:27:6a:35:a7:a7:46:
fe:c5:7a:23:bb:33:b6:67:9d:7a:08:74:89:8b:da:
de:2a:aa:64:c3:70:de:a1:eb:6a:fc:92:73:c2:51:
1d:54:fe:90:e5:e1:76:a3:a6:79:f2:5d:22:da:6a:
62:5a:c1:d9:6c:0f:67:86:6a:41:7c:31:ce:b7:26:
d2:78:ff:22:72:cb:59:67:bf:2a:36:6b:25:49:fa:
eb:7f:16:92:22:64:35:ba:e2:e9:1b:a3:9f:88:b2:
67:68:ad:1f:94:e9:cd:29:04:7b:fd:1e:fc:d3:7c:
03:4f:98:9e:e9:d6:b0:26:b1:e1:1d:91:12:71:9f:
99:7e:4e:c4:33:89:a9:b7:c1:55:4a:d3:3e:38:da:
1c:69:22:a6:44:99:04:b5:b5:70:08:70:53:43:6e:
ee:aa:de:1a:4a:4c:95:aa:33:7e:ed:b1:67:80:f7:
ec:c3:d6:ed:94:ae:e6:97:3b:33:52:5c:42:d4:c4:
a3:4a:fb:a9:af:9b:66:72:75:14:c0:fc:46:22:fc:
f1:cc:a9:01:da:d1:73:49:87:ae:da:40:ef:28:5e:
d3:ca:bc:f7:3b:17:ef:0d:d8:59:46:79:fa:3a:a5:
85:ef:89:58:ab:f4:97:9d:dc:c7:d8:4a:ef:87:c4:
cd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:97:8A:C6:86:05:57:2B:1F:00:F1:1B:D4:C4:A4:E4:46:13:30:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
a9:6c:30:fd:bc:bf:1d:56:15:64:27:44:62:ca:c6:00:de:3c:
ab:f7:ec:40:d8:62:05:a9:59:9b:8d:ec:ef:c9:5b:68:f9:96:
26:57:63:4d:ed:a1:be:13:3d:de:f6:a1:35:9a:70:e4:0b:2e:
98:0a:b0:5e:92:7c:0d:9c:f2:3a:20:cd:ba:82:c4:22:87:e0:
9d:08:c9:e5:08:91:30:f3:b8:23:09:b1:03:6a:ff:2b:c1:5d:
89:12:0d:cd:29:93:eb:bc:e5:aa:a2:e6:5f:65:e8:3c:8c:3c:
d0:ba:4e:aa:2b:0a:28:a6:f4:54:48:0b:2d:eb:53:2f:87:07:
8d:23:cf:c5:14:f4:19:df:e0:32:25:27:2c:e3:0b:b9:3f:37:
e2:79:5f:e9:63:03:35:a9:14:81:5a:bc:da:ac:e9:ea:fa:7c:
7e:8b:6c:52:c8:c4:06:10:54:76:3f:0a:67:c3:15:82:a0:64:
55:e5:8f:0c:0c:d8:cc:8d:21:3a:23:fb:ff:01:59:d4:56:de:
cd:06:41:8d:b8:8a:ee:2e:1f:7c:58:73:e6:c1:4c:c3:d6:2d:
a0:ac:50:9c:b2:ae:2e:0a:d7:a7:86:9e:81:de:8f:98:84:5a:
c0:ca:30:9d:93:8b:65:c0:4b:ce:8c:49:b8:32:d8:28:b2:1d:
49:d3:31:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR9TAibBFYOHF5iYm4NHEznHszlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUyMTZaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MDVkMWQ2N2IyY2UxYWM0NjYxNjYyZGI5ODcyZDM1ZDdmZGIyYzcxN2Rj
YjI5YzhiYTQ4ODc1ZDJlM2U5ODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+nveWRV5hTJ2o1p6dG/sV6I7sztmedegh0iYva3iqqZMNw3qHravySc8JR
HVT+kOXhdqOmefJdItpqYlrB2WwPZ4ZqQXwxzrcm0nj/InLLWWe/KjZrJUn6638W
kiJkNbri6Rujn4iyZ2itH5TpzSkEe/0e/NN8A0+YnunWsCax4R2REnGfmX5OxDOJ
qbfBVUrTPjjaHGkipkSZBLW1cAhwU0Nu7qreGkpMlaozfu2xZ4D37MPW7ZSu5pc7
M1JcQtTEo0r7qa+bZnJ1FMD8RiL88cypAdrRc0mHrtpA7yhe08q89zsX7w3YWUZ5
+jqlhe+JWKv0l53cx9hK74fEzacCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR9l4rG
hgVXKx8A8RvUxKTkRhMwVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIwZjE5Y2MtYjY0Ni00OWQ3LWExMzQtOGIxYzI2NTk1NDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
wDANBgkqhkiG9w0BAQsFAAOCAQEAqWww/by/HVYVZCdEYsrGAN48q/fsQNhiBalZ
m43s78lbaPmWJldjTe2hvhM93vahNZpw5AsumAqwXpJ8DZzyOiDNuoLEIofgnQjJ
5QiRMPO4IwmxA2r/K8FdiRINzSmT67zlqqLmX2XoPIw80LpOqisKKKb0VEgLLetT
L4cHjSPPxRT0Gd/gMiUnLOMLuT834nlf6WMDNakUgVq82qzp6vp8fotsUsjEBhBU
dj8KZ8MVgqBkVeWPDAzYzI0hOiP7/wFZ1FbezQZBjbiK7i4ffFhz5sFMw9YtoKxQ
nLKuLgrXp4aegd6PmIRawMownZOLZcBLzoxJuDLYKLIdSdMxEg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:23 2025 by rpki-client