Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
File: 5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa (raw, json)
Hash identifier: 6Yt3S+iVom//8XX0a80oJ8ilpoxNE3LXsqEknYppS2o=
Subject key identifier: 74:A3:C9:6B:55:C5:8E:3C:E4:BE:41:06:C9:F7:49:15:9F:9F:CF:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24961A549CB5FE8B88861C8F415500FF6D83AD35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
Signing time: Mon 01 Sep 2025 21:21:21 +0000
ROA not before: Mon 01 Sep 2025 21:21:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:96:1a:54:9c:b5:fe:8b:88:86:1c:8f:41:55:00:ff:6d:83:ad:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c99facb994ec7ded1bd2e3b40d1e11d5d9d0e94ab318a19d0857a8eefa080377, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:89:39:d5:c8:76:fe:e4:b4:9b:37:ab:3e:
fc:a0:d2:d8:df:bf:72:2b:a5:2d:14:62:45:da:14:
41:4e:7e:6d:96:96:a0:78:0d:08:42:80:b4:3c:7b:
ed:9f:88:bf:d2:9e:60:31:9c:2f:d6:25:92:57:fb:
50:e3:66:48:9b:74:f9:8b:26:6e:93:4a:5c:b0:a7:
7b:bc:ef:9b:19:88:ed:a0:67:24:73:44:4a:69:1b:
5d:e2:3d:5b:ea:7c:94:4b:d7:1e:4c:2d:27:f0:21:
fa:cb:bb:c1:32:68:2e:87:dc:7d:94:0c:8e:62:81:
3a:21:e9:51:3e:44:84:37:65:a5:2a:48:8f:39:24:
cb:be:3a:91:fb:c7:d3:d7:6a:41:a6:10:cf:4c:34:
0d:96:70:c8:37:57:cd:84:65:10:f8:a3:17:bd:46:
f5:cf:5c:a4:82:e8:6d:25:5c:89:d9:af:0b:09:a5:
ee:01:27:05:7f:31:ba:b4:f1:e4:39:17:f3:72:dd:
f7:37:bc:39:fb:8e:51:05:52:ed:4b:a4:61:04:79:
7f:2f:58:e0:d1:a6:98:64:9a:cd:a0:15:36:3c:da:
f8:db:0f:43:fd:ac:96:af:fa:97:f3:06:6e:88:de:
eb:53:16:56:2f:d8:7a:a6:35:d1:fb:b8:d2:cc:ba:
e1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A3:C9:6B:55:C5:8E:3C:E4:BE:41:06:C9:F7:49:15:9F:9F:CF:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a585e9d-8bf0-4bc1-ad7b-b6c3e0bf9b93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025:1000::/36
Signature Algorithm: sha256WithRSAEncryption
29:57:66:97:33:06:d1:89:81:59:59:79:40:0f:4c:3c:e3:46:
0e:75:37:fa:d0:29:7f:19:5f:44:01:8e:82:49:ef:24:1b:b7:
84:d6:a1:af:8a:58:bc:2b:40:b1:4a:1f:13:77:f4:c6:10:ed:
0d:ae:0c:9b:a4:30:a8:7c:1c:65:30:d9:5a:79:d4:73:be:14:
bd:16:ee:56:97:95:4b:1a:68:c7:d6:58:82:20:4a:b0:68:66:
d9:91:48:12:3d:42:e5:46:b4:54:1f:32:65:2f:73:1f:ed:5e:
4f:f3:fb:cc:15:8e:da:bc:3a:7b:f6:f4:07:0d:a4:0b:51:44:
b0:2a:7c:b4:67:0f:fb:ff:1d:2f:a5:8d:ea:c4:73:80:bf:30:
6c:f4:b4:d1:ab:41:65:d3:78:d7:27:1c:e6:1d:b1:90:12:89:
0e:82:cf:e9:ae:d9:be:28:06:ba:08:49:cc:fe:d0:19:db:b2:
e7:f5:1c:f3:17:9b:9d:a9:e7:5a:ee:51:10:3f:e8:60:7e:4a:
dc:f4:c8:07:c1:3d:52:c7:65:80:0d:f4:37:93:cf:27:40:e0:
5c:59:8e:55:53:41:a2:a9:ec:04:f5:d7:72:b9:d5:e6:47:9e:
d2:31:3f:ff:41:8f:cc:2b:88:7e:40:e4:b4:2d:59:cf:1e:30:
b6:fc:ad:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJJYaVJy1/ouIhhyPQVUA/22DrTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5OWZhY2I5OTRlYzdkZWQxYmQyZTNiNDBkMWUxMWQ1ZDlkMGU5NGFiMzE4
YTE5ZDA4NTdhOGVlZmEwODAzNzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXiiTnVyHb+5LSbN6s+/KDS2N+/ciulLRRiRdoUQU5+bZaWoHgNCEKAtDx7
7Z+Iv9KeYDGcL9Ylklf7UONmSJt0+YsmbpNKXLCne7zvmxmI7aBnJHNESmkbXeI9
W+p8lEvXHkwtJ/Ah+su7wTJoLofcfZQMjmKBOiHpUT5EhDdlpSpIjzkky746kfvH
09dqQaYQz0w0DZZwyDdXzYRlEPijF71G9c9cpILobSVcidmvCwml7gEnBX8xurTx
5DkX83Ld9ze8OfuOUQVS7UukYQR5fy9Y4NGmmGSazaAVNjza+NsPQ/2slq/6l/MG
boje61MWVi/YeqY10fu40sy64ecCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0o8lr
VcWOPOS+QQbJ90kVn5/PQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE1ODVlOWQtOGJmMC00YmMxLWFkN2ItYjZjM2UwYmY5YjkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQApV2aXMwbRiYFZWXlAD0w840YOdTf60Cl/GV9E
AY6CSe8kG7eE1qGvili8K0CxSh8Td/TGEO0NrgybpDCofBxlMNlaedRzvhS9Fu5W
l5VLGmjH1liCIEqwaGbZkUgSPULlRrRUHzJlL3Mf7V5P8/vMFY7avDp79vQHDaQL
UUSwKny0Zw/7/x0vpY3qxHOAvzBs9LTRq0Fl03jXJxzmHbGQEokOgs/prtm+KAa6
CEnM/tAZ27Ln9RzzF5udqeda7lEQP+hgfkrc9MgHwT1Sx2WADfQ3k88nQOBcWY5V
U0GiqewE9ddyudXmR57SMT//QY/MK4h+QOS0LVnPHjC2/K1l
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:30 2025 by rpki-client