Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
File: 50b60672-d484-48a0-9016-474bafea8912.roa (raw, json)
Hash identifier: KaS906RmGGH3/dtPYGld6yP6L0W6VIglMSIvXfFHr8Y=
Subject key identifier: AE:6E:3C:A8:B5:2D:95:AE:34:EF:B6:7A:7C:0B:7A:49:CE:76:5F:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F6F5BAF76FF28937525714CE6EBA8ADF88EEC13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
Signing time: Mon 01 Sep 2025 21:20:07 +0000
ROA not before: Mon 01 Sep 2025 21:20:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6f:5b:af:76:ff:28:93:75:25:71:4c:e6:eb:a8:ad:f8:8e:ec:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c03073a5f4865de0f7228d4f67f7ac9aa744b6a40eb475720c85dc3cea7163f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:3f:e5:c5:87:30:da:dd:34:70:4c:2a:75:
f4:29:60:c5:bb:4a:33:06:09:fa:03:44:92:7a:e0:
41:d5:bf:8b:b7:7f:78:31:0d:92:5a:46:16:e6:48:
fa:f8:65:60:c9:0d:db:1b:42:cd:b9:a3:7e:af:32:
74:1f:d8:ef:37:ae:67:b6:5e:69:ac:b9:80:90:40:
77:34:8a:e7:d7:05:2f:b8:e4:78:d8:43:1b:0d:05:
da:17:df:2c:1a:c6:3e:f6:e3:06:5c:0b:ef:34:1b:
5b:d7:76:6b:60:c5:25:2c:e0:14:aa:6d:f5:b4:6b:
6b:be:ba:ec:49:a5:a4:db:71:b3:64:5c:b8:81:fa:
52:f3:dc:3a:98:37:c5:b0:a4:a7:fe:88:d1:0c:69:
53:a5:25:8f:8f:c1:6d:89:97:ab:4f:65:e3:8f:98:
5a:7f:91:92:2a:76:85:db:66:45:4f:a0:66:81:63:
8f:0e:15:c6:bb:95:cf:8c:1b:68:02:e3:b6:55:a4:
0b:c7:e8:22:25:3e:bf:4a:3d:88:b0:37:bb:87:a6:
bf:6d:2a:b1:b4:da:15:2c:d7:8c:65:82:cd:24:29:
0e:e0:14:86:c9:0f:a6:28:b7:59:6b:62:5b:c8:d5:
6a:d5:fa:c7:a8:c3:ae:4b:e4:90:f8:bb:aa:26:6a:
90:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:6E:3C:A8:B5:2D:95:AE:34:EF:B6:7A:7C:0B:7A:49:CE:76:5F:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50b60672-d484-48a0-9016-474bafea8912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/36
Signature Algorithm: sha256WithRSAEncryption
51:a4:1c:b5:bd:0e:04:21:a2:35:df:4c:22:64:07:b6:36:d4:
85:fb:5e:30:d4:a6:7a:99:92:4e:d4:52:d7:a6:cd:d8:2e:71:
ab:8d:b1:af:f2:64:15:29:d5:ff:76:96:d6:16:36:7e:10:59:
51:1b:d3:0d:c4:85:61:e6:6a:80:35:cd:47:4c:38:b5:13:c5:
cd:aa:d3:e3:49:17:67:54:bc:a7:ed:5e:8c:07:5a:2e:61:08:
45:b3:b4:81:84:ea:02:c6:d9:5b:66:16:d7:4e:2b:4f:26:d0:
41:1f:bd:f0:2c:9d:20:f9:f9:5e:fe:4f:31:64:c9:7a:7c:ae:
e7:5c:e3:ab:19:ad:d6:41:4b:22:f0:52:a9:2a:b5:0f:f5:32:
db:4c:91:f5:bc:16:8d:ae:c2:f9:01:29:bf:8d:62:f4:57:d6:
23:de:53:13:f8:4d:63:be:d6:31:86:01:61:e3:57:40:19:97:
9e:fd:a6:9c:f8:6d:b4:0e:64:69:67:c1:ac:ac:08:53:7d:5e:
1b:78:d6:7b:9f:20:e2:e0:79:1a:1c:aa:14:7b:bb:23:4d:3b:
4c:e7:7b:7c:10:41:ab:fa:e4:92:a6:36:8a:24:c5:75:c9:2e:
de:5b:c9:02:86:53:89:17:05:c1:50:73:44:6f:2f:57:07:05:
dc:5b:2a:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP29br3b/KJN1JXFM5uuorfiO7BMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwMzA3M2E1ZjQ4NjVkZTBmNzIyOGQ0ZjY3ZjdhYzlhYTc0NGI2YTQwZWI0
NzU3MjBjODVkYzNjZWE3MTYzZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKiP+XFhzDa3TRwTCp19ClgxbtKMwYJ+gNEknrgQdW/i7d/eDENklpGFuZI
+vhlYMkN2xtCzbmjfq8ydB/Y7zeuZ7Zeaay5gJBAdzSK59cFL7jkeNhDGw0F2hff
LBrGPvbjBlwL7zQbW9d2a2DFJSzgFKpt9bRra7667EmlpNtxs2RcuIH6UvPcOpg3
xbCkp/6I0QxpU6Ulj4/BbYmXq09l44+YWn+Rkip2hdtmRU+gZoFjjw4VxruVz4wb
aALjtlWkC8foIiU+v0o9iLA3u4emv20qsbTaFSzXjGWCzSQpDuAUhskPpii3WWti
W8jVatX6x6jDrkvkkPi7qiZqkAECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSubjyo
tS2VrjTvtnp8C3pJznZfaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTBiNjA2NzItZDQ4NC00OGEwLTkwMTYtNDc0YmFmZWE4OTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBRpBy1vQ4EIaI130wiZAe2NtSF+14w1KZ6mZJO
1FLXps3YLnGrjbGv8mQVKdX/dpbWFjZ+EFlRG9MNxIVh5mqANc1HTDi1E8XNqtPj
SRdnVLyn7V6MB1ouYQhFs7SBhOoCxtlbZhbXTitPJtBBH73wLJ0g+fle/k8xZMl6
fK7nXOOrGa3WQUsi8FKpKrUP9TLbTJH1vBaNrsL5ASm/jWL0V9Yj3lMT+E1jvtYx
hgFh41dAGZee/aac+G20DmRpZ8GsrAhTfV4beNZ7nyDi4HkaHKoUe7sjTTtM53t8
EEGr+uSSpjaKJMV1yS7eW8kChlOJFwXBUHNEby9XBwXcWyrw
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:47 2025 by rpki-client