Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
File: 58699fff-50fe-46a7-8e85-38dbafe34c1b.roa (raw, json)
Hash identifier: YgsWBDVxV1LbOlMPGD0o1eqMZsBdkXZqSSp1zlJQ8MQ=
Subject key identifier: 32:E5:6D:FD:54:DB:5E:01:4C:92:C5:F3:AD:2C:6F:D4:7D:2F:8D:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 14FE87D86AE34EF4D6BD34F03DBBF6866C05CBD9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
Signing time: Mon 01 Sep 2025 21:00:09 +0000
ROA not before: Mon 01 Sep 2025 21:00:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:fe:87:d8:6a:e3:4e:f4:d6:bd:34:f0:3d:bb:f6:86:6c:05:cb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=8a861ad5ef9282684cfb46318d00295c3aa2d852829c099ee5d719ef94c22fcf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c4:f8:ea:c7:64:78:ea:7d:a9:6e:6a:33:94:
bf:94:49:36:b8:d2:9b:ed:c4:db:47:b1:b4:11:4d:
32:35:ba:9b:d5:9d:30:01:4f:39:6e:09:c6:88:42:
05:f0:2c:ae:f7:ec:37:8c:9c:c4:6b:aa:85:40:f6:
ac:41:92:4c:41:c6:c8:33:72:90:b6:c0:4a:76:69:
30:30:1d:d8:64:60:c1:a3:f8:d6:c1:6e:0d:46:42:
0a:67:53:90:74:89:49:8a:86:1b:f8:d1:3e:4f:56:
5d:72:a7:88:59:98:db:87:ed:c5:36:a8:bc:5a:ea:
93:19:0a:16:9a:6c:bf:ea:13:94:71:ba:73:f3:53:
52:30:6b:8e:89:fd:54:cf:6f:2e:e5:8d:97:e1:5d:
6b:70:cd:43:2a:eb:11:da:9b:26:fd:dd:61:25:e6:
28:62:5d:6a:c8:79:d1:3b:6c:82:b3:8e:5e:f5:dc:
2d:d4:80:ef:6b:33:b1:4b:bf:db:24:f2:8c:ee:d0:
6a:5f:14:16:31:96:73:59:b8:0d:95:43:18:45:87:
7d:f2:c7:2e:da:f7:c5:9d:06:4d:0c:93:26:97:01:
67:87:a0:f6:cf:43:bd:0a:b2:fe:d8:56:33:f3:99:
7f:8f:9b:21:21:6f:e6:77:b6:1f:46:ce:68:0a:18:
a2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E5:6D:FD:54:DB:5E:01:4C:92:C5:F3:AD:2C:6F:D4:7D:2F:8D:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58699fff-50fe-46a7-8e85-38dbafe34c1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:29:53:69:e3:e2:d9:a7:ce:ae:d4:75:bd:23:1e:94:42:b8:
95:6b:78:ed:cb:ce:1c:96:61:34:81:6e:e6:40:62:fc:aa:82:
34:01:6d:3a:6c:c6:5a:4c:f0:b2:dd:53:42:bc:63:97:1a:20:
5e:db:ad:30:f5:e2:5f:c6:4e:d1:a7:41:b2:a6:32:c5:44:57:
ff:7d:38:90:e1:01:fb:84:65:70:cf:3d:5c:69:06:a6:f6:fe:
be:59:9f:57:50:76:bb:51:c6:a6:81:ad:01:cc:08:fd:99:72:
45:87:10:ed:16:fe:27:a9:fc:d6:88:a5:0d:c3:c9:9f:0c:c6:
6e:e2:fd:d6:7f:4c:ce:3b:3a:94:95:36:fe:c6:d4:b9:6e:f0:
1a:c9:6b:f6:b1:b9:84:06:9c:a0:64:80:3a:93:47:28:89:8a:
40:f1:5e:4e:d5:1f:63:5d:43:d9:b6:e9:e0:56:0a:93:a6:8e:
78:b9:55:3d:98:12:54:c2:19:63:d6:31:de:f7:8a:9d:50:5d:
79:00:cb:ea:af:87:ce:80:c8:96:1a:a4:b8:b6:0f:76:68:ab:
4d:1b:fa:35:ae:36:08:78:c8:d5:73:e6:01:77:7b:71:49:1c:
1d:c4:c8:52:5f:e1:7a:84:8f:82:e0:9e:fa:fc:5f:46:da:e6:
1b:a1:ac:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFP6H2GrjTvTWvTTwPbv2hmwFy9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhODYxYWQ1ZWY5MjgyNjg0Y2ZiNDYzMThkMDAyOTVjM2FhMmQ4NTI4Mjlj
MDk5ZWU1ZDcxOWVmOTRjMjJmY2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzE+OrHZHjqfaluajOUv5RJNrjSm+3E20extBFNMjW6m9WdMAFPOW4JxohC
BfAsrvfsN4ycxGuqhUD2rEGSTEHGyDNykLbASnZpMDAd2GRgwaP41sFuDUZCCmdT
kHSJSYqGG/jRPk9WXXKniFmY24ftxTaovFrqkxkKFppsv+oTlHG6c/NTUjBrjon9
VM9vLuWNl+Fda3DNQyrrEdqbJv3dYSXmKGJdash50TtsgrOOXvXcLdSA72szsUu/
2yTyjO7Qal8UFjGWc1m4DZVDGEWHffLHLtr3xZ0GTQyTJpcBZ4eg9s9DvQqy/thW
M/OZf4+bISFv5ne2H0bOaAoYoqECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQy5W39
VNteAUySxfOtLG/UfS+NXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg2OTlmZmYtNTBmZS00NmE3LThlODUtMzhkYmFmZTM0YzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQAcKVNp4+LZp86u1HW9Ix6UQriVa3jty84clmE0
gW7mQGL8qoI0AW06bMZaTPCy3VNCvGOXGiBe260w9eJfxk7Rp0GypjLFRFf/fTiQ
4QH7hGVwzz1caQam9v6+WZ9XUHa7Ucamga0BzAj9mXJFhxDtFv4nqfzWiKUNw8mf
DMZu4v3Wf0zOOzqUlTb+xtS5bvAayWv2sbmEBpygZIA6k0coiYpA8V5O1R9jXUPZ
tungVgqTpo54uVU9mBJUwhlj1jHe94qdUF15AMvqr4fOgMiWGqS4tg92aKtNG/o1
rjYIeMjVc+YBd3txSRwdxMhSX+F6hI+C4J76/F9G2uYboazX
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:50 2025 by rpki-client