Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
File: 68f2af14-43e2-4447-a8a7-f8fe713e249e.roa (raw, json)
Hash identifier: zfGTu/wCpjJkZnWD+krRlGx0ih5Aw2oK0oM0Pzb8yfc=
Subject key identifier: 5E:42:C9:49:A1:3D:EE:AD:89:89:C8:B8:EB:68:32:25:E2:1D:E9:19
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E9F2E46E4895C4FC45191183276C23BE1CCE2BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
Signing time: Wed 03 Sep 2025 00:10:28 +0000
ROA not before: Wed 03 Sep 2025 00:10:28 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01f:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:9f:2e:46:e4:89:5c:4f:c4:51:91:18:32:76:c2:3b:e1:cc:e2:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 3 00:10:28 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=a4f82457575cea61314099b1c04a837b0710b66543c67c7e65a4563b7b2b2d3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:21:d1:7a:fd:fe:3c:fb:49:f7:99:9c:c8:54:
06:21:71:9d:43:f6:b9:a6:4d:24:8a:2d:cd:a2:2e:
85:a6:94:36:e4:3b:8b:df:30:97:5b:d5:6e:a7:ce:
ba:f8:89:ea:ed:bc:92:2d:23:db:57:f6:29:f6:44:
08:ba:32:0e:09:99:ca:c5:f3:60:99:1e:06:53:30:
ca:d4:51:c2:42:6f:d6:35:76:c9:28:78:35:00:75:
a5:5e:e6:65:ff:7a:1d:7d:44:c8:7a:36:03:b8:ed:
eb:82:11:1c:e9:83:af:13:a6:87:bf:23:c1:a9:33:
98:eb:af:5a:8b:17:e8:f2:45:3e:ad:20:75:e8:06:
5f:77:fb:0e:74:b1:a7:b3:32:b4:fc:cc:2e:db:28:
5b:02:86:63:f4:f1:f6:9a:91:a9:19:e7:f3:01:e7:
c7:2e:3e:6f:4f:cd:88:64:c3:0b:92:46:14:8b:73:
2d:47:3a:6f:00:03:92:f4:9d:26:5c:80:ef:40:fa:
0d:cb:09:2b:86:90:29:56:1f:25:fa:30:70:94:b6:
72:c1:62:06:5f:f3:0e:b2:36:f5:f5:81:37:3d:4a:
2a:4b:3b:32:4c:a2:23:3e:39:25:a3:e4:b5:45:c9:
6d:a9:cf:7f:2b:2e:82:d7:f2:09:0a:79:6c:84:19:
ff:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:42:C9:49:A1:3D:EE:AD:89:89:C8:B8:EB:68:32:25:E2:1D:E9:19
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f:800::/37
Signature Algorithm: sha256WithRSAEncryption
2a:3d:47:a6:07:44:fc:21:52:d4:28:e8:c5:e4:17:11:68:9c:
f1:3c:5a:78:3c:66:45:63:b7:fd:48:36:ad:ec:9c:e0:2c:4f:
67:9e:23:82:23:74:9a:df:45:c7:f3:08:18:36:ff:93:49:20:
b5:53:e1:c3:e7:2e:89:59:80:6c:de:cb:b2:5d:d9:09:0e:07:
76:99:04:a8:d1:65:dc:7c:76:63:12:6f:26:39:dc:6c:ed:3b:
b8:49:f4:41:01:41:d2:9f:37:b3:07:0a:66:89:22:96:6c:1a:
54:a7:c8:af:a0:4c:1e:ed:fc:ad:8b:6f:3a:50:e1:8f:d0:4e:
b7:b7:8c:78:59:f7:2d:bc:52:f5:d3:9f:b9:64:d0:6f:1a:36:
cd:99:43:e2:aa:e6:b5:1d:97:cd:20:97:f0:e8:39:a4:47:7a:
43:f7:b2:bb:59:49:11:99:cd:3b:60:3c:ea:7a:ad:cc:80:04:
f9:48:4d:a9:12:c3:95:05:7a:2d:c4:bc:77:e1:fe:6c:80:b4:
6f:21:92:45:4c:0c:2e:68:c5:65:14:c1:f4:02:07:a0:c5:f7:
1f:22:b9:12:d3:de:47:6b:8f:19:53:d2:08:be:19:0d:0e:8e:
29:a2:17:da:3a:ff:48:1a:78:bc:6b:1b:e6:c2:59:1f:5f:ed:
f7:b7:eb:b2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDp8uRuSJXE/EUZEYMnbCO+HM4r8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDMwMDEwMjhaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0ZjgyNDU3NTc1Y2VhNjEzMTQwOTliMWMwNGE4MzdiMDcxMGI2NjU0M2M2
N2M3ZTY1YTQ1NjNiN2IyYjJkM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALch0Xr9/jz7SfeZnMhUBiFxnUP2uaZNJIotzaIuhaaUNuQ7i98wl1vVbqfO
uviJ6u28ki0j21f2KfZECLoyDgmZysXzYJkeBlMwytRRwkJv1jV2ySh4NQB1pV7m
Zf96HX1EyHo2A7jt64IRHOmDrxOmh78jwakzmOuvWosX6PJFPq0gdegGX3f7DnSx
p7MytPzMLtsoWwKGY/Tx9pqRqRnn8wHnxy4+b0/NiGTDC5JGFItzLUc6bwADkvSd
JlyA70D6DcsJK4aQKVYfJfowcJS2csFiBl/zDrI29fWBNz1KKks7MkyiIz45JaPk
tUXJbanPfysugtfyCQp5bIQZ/+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReQslJ
oT3urYmJyLjraDIl4h3pGTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhmMmFmMTQtNDNlMi00NDQ3LWE4YTctZjhmZTcxM2UyNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8I
MA0GCSqGSIb3DQEBCwUAA4IBAQAqPUemB0T8IVLUKOjF5BcRaJzxPFp4PGZFY7f9
SDat7JzgLE9nniOCI3Sa30XH8wgYNv+TSSC1U+HD5y6JWYBs3suyXdkJDgd2mQSo
0WXcfHZjEm8mOdxs7Tu4SfRBAUHSnzezBwpmiSKWbBpUp8ivoEwe7fyti286UOGP
0E63t4x4WfctvFL105+5ZNBvGjbNmUPiqua1HZfNIJfw6DmkR3pD97K7WUkRmc07
YDzqeq3MgAT5SE2pEsOVBXotxLx34f5sgLRvIZJFTAwuaMVlFMH0AgegxfcfIrkS
095Ha48ZU9IIvhkNDo4pohfaOv9IGni8axvmwlkfX+33t+uy
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:10 2025 by rpki-client