Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json)
Hash identifier: bgEMmocwLqDVsiOOWT8zUG2pLanu5nXNf9VuVJkM9jk=
Subject key identifier: F4:02:F0:9F:DF:4C:2D:D0:AA:C7:BD:50:A4:EC:18:80:DB:55:8C:4C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E25034C0D79417E9B689B32D548BF8175795137
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
Signing time: Mon 01 Sep 2025 21:01:18 +0000
ROA not before: Mon 01 Sep 2025 21:01:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:25:03:4c:0d:79:41:7e:9b:68:9b:32:d5:48:bf:81:75:79:51:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1ca401b45ed05257b006458e46b5f076b5273517ba5e5391173234c6154e01ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:48:71:fa:05:f9:99:f5:88:6d:66:72:e1:
03:33:ec:10:07:e0:23:25:dd:ed:c0:06:50:78:4c:
6d:86:91:8f:42:8c:c9:a2:18:6d:40:c2:02:e1:93:
c7:7a:97:4b:51:20:19:fd:c7:3c:d1:98:1d:fd:9a:
c8:fe:b8:ca:73:21:8d:72:09:2f:30:12:4b:fe:8c:
e4:b5:a1:89:3b:3d:ee:c7:8d:21:37:ba:56:0f:2f:
54:63:c4:25:bf:3b:9e:96:59:c6:0d:16:6a:c0:c5:
28:d1:b4:cc:29:c3:43:15:9a:48:9c:73:8d:c2:94:
5d:1b:b9:35:d7:59:54:12:da:88:4d:4a:92:e6:d0:
3c:43:33:6d:40:9d:71:8e:55:67:73:f4:9f:a5:6e:
82:fa:15:d5:ac:b9:da:9d:1b:2b:17:4e:fb:b6:f6:
e3:fa:fb:c7:62:46:0f:6b:05:9c:b1:99:d2:7e:83:
36:74:c2:7a:2d:2b:80:71:ec:47:2f:ed:09:f1:c5:
03:4a:77:bc:da:b2:0c:61:51:18:88:f6:fc:4a:5a:
3f:93:3d:da:a8:d2:3f:b1:b9:cc:61:0c:e0:fa:15:
67:8f:e4:bc:58:f2:d5:19:16:4f:97:af:ea:9e:5c:
10:66:46:8c:f8:cd:f1:47:74:53:a2:6c:65:a0:74:
1e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:02:F0:9F:DF:4C:2D:D0:AA:C7:BD:50:A4:EC:18:80:DB:55:8C:4C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:c000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:54:b8:e8:03:c0:c3:97:0d:63:ac:20:de:c1:2f:93:d8:8f:
f0:b8:ac:27:e3:7f:77:6b:2e:12:a5:60:3e:1b:2b:36:36:2e:
85:dc:5f:08:07:a0:18:0f:70:23:2a:15:d1:f6:0e:8e:92:fc:
7f:54:a4:6f:73:3e:84:c7:73:54:40:a9:be:0c:8f:90:0a:bd:
fb:24:7a:e7:9a:91:46:9d:9f:64:27:c2:a7:67:44:27:c9:c4:
e8:1f:d7:e1:2c:74:d5:99:32:16:0d:c5:44:76:e7:5e:42:e6:
6a:3c:ca:a5:1d:10:b3:84:43:15:38:2e:53:42:1e:c9:3f:d1:
1f:0f:3d:1f:bc:74:e7:fb:ff:af:84:e6:7d:37:24:4d:3e:98:
8d:5f:af:9a:a0:73:90:f1:f3:e6:eb:bb:a5:29:f1:47:3d:92:
79:d6:64:b3:93:86:93:71:8a:2d:c2:02:a8:e8:f0:1d:8a:c7:
80:23:18:e0:b9:35:49:13:02:f0:b7:55:3f:53:b8:b3:ea:bc:
0b:1a:60:24:67:a1:af:1f:92:8b:2f:86:e6:ea:ea:24:80:28:
16:b2:f8:67:8a:d7:cd:4b:e3:c0:18:91:ef:2d:64:ee:8d:8d:
e3:41:c3:ba:da:a5:d3:93:05:58:83:26:fe:0d:66:26:3b:4b:
30:3b:c4:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULiUDTA15QX6baJsy1Ui/gXV5UTcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjYTQwMWI0NWVkMDUyNTdiMDA2NDU4ZTQ2YjVmMDc2YjUyNzM1MTdiYTVl
NTM5MTE3MzIzNGM2MTU0ZTAxYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYWSHH6BfmZ9YhtZnLhAzPsEAfgIyXd7cAGUHhMbYaRj0KMyaIYbUDCAuGT
x3qXS1EgGf3HPNGYHf2ayP64ynMhjXIJLzASS/6M5LWhiTs97seNITe6Vg8vVGPE
Jb87npZZxg0WasDFKNG0zCnDQxWaSJxzjcKUXRu5NddZVBLaiE1KkubQPEMzbUCd
cY5VZ3P0n6VugvoV1ay52p0bKxdO+7b24/r7x2JGD2sFnLGZ0n6DNnTCei0rgHHs
Ry/tCfHFA0p3vNqyDGFRGIj2/EpaP5M92qjSP7G5zGEM4PoVZ4/kvFjy1RkWT5ev
6p5cEGZGjPjN8Ud0U6JsZaB0Hr0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0AvCf
30wt0KrHvVCk7BiA21WMTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9VLjoA8DDlw1jrCDewS+T2I/wuKwn4393ay4S
pWA+Gys2Ni6F3F8IB6AYD3AjKhXR9g6Okvx/VKRvcz6Ex3NUQKm+DI+QCr37JHrn
mpFGnZ9kJ8KnZ0QnycToH9fhLHTVmTIWDcVEdudeQuZqPMqlHRCzhEMVOC5TQh7J
P9EfDz0fvHTn+/+vhOZ9NyRNPpiNX6+aoHOQ8fPm67ulKfFHPZJ51mSzk4aTcYot
wgKo6PAdiseAIxjguTVJEwLwt1U/U7iz6rwLGmAkZ6GvH5KLL4bm6uokgCgWsvhn
itfNS+PAGJHvLWTujY3jQcO62qXTkwVYgyb+DWYmO0swO8RF
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:22 2025 by rpki-client