Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
File: 730c632c-0510-4eef-8649-b29c7a1d089b.roa (raw, json)
Hash identifier: AzSmdEngQHS+PIC54WYb9D54wLyd9FeyZTl//saNDgE=
Subject key identifier: 23:88:C1:96:55:D2:F3:A9:DA:72:6C:79:90:2A:C9:B9:F0:C2:7C:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05A92C4BCD39D45D1AC15C555DF887CD6844BE4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
Signing time: Mon 01 Sep 2025 19:40:05 +0000
ROA not before: Mon 01 Sep 2025 19:40:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:a9:2c:4b:cd:39:d4:5d:1a:c1:5c:55:5d:f8:87:cd:68:44:be:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2993fbaa76aa5fe3afe687ce94021d170f31b4c7981a6e757296c983883b6a26, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:c2:a9:19:2a:6a:a7:14:99:51:de:24:05:
86:5f:fe:f9:01:3e:5b:63:2d:86:61:a0:1e:97:68:
f2:4a:d2:22:62:2e:cf:6a:b4:c4:d9:a0:4b:7a:17:
18:58:0a:df:14:ea:32:6d:f4:8c:b5:3c:65:05:b6:
d3:f6:37:c2:df:97:77:52:cd:0f:79:04:85:37:c7:
32:6c:5b:a8:f0:e2:39:11:87:f0:d1:d1:ec:17:7a:
a2:b3:31:3b:77:c5:e3:4b:ee:b7:d1:4a:03:62:a1:
f7:82:17:6e:69:81:32:87:e2:ca:c4:ed:44:65:26:
4c:9e:6f:c6:3e:c6:b9:0d:cc:5e:93:be:77:a8:fe:
a2:9a:62:02:6f:f4:14:64:d4:98:98:05:4d:81:a3:
eb:66:c8:9d:ad:98:4c:25:7a:a0:49:04:d4:81:88:
8b:2d:87:f7:2d:34:0e:c8:0d:24:16:61:b6:44:1a:
4f:7c:a6:9d:33:5a:40:8e:3a:c4:9c:03:ce:f2:90:
e9:3f:44:9b:e4:01:c6:c7:ad:96:fd:90:a3:77:3c:
05:e3:38:fa:89:8e:3b:2e:88:77:85:4c:b7:39:67:
17:43:54:90:ae:a2:1e:8b:32:b3:74:cd:76:a9:94:
a7:1c:39:34:39:9f:d1:fe:52:58:d0:0c:a2:d5:97:
ac:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:88:C1:96:55:D2:F3:A9:DA:72:6C:79:90:2A:C9:B9:F0:C2:7C:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/730c632c-0510-4eef-8649-b29c7a1d089b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2040::/48
Signature Algorithm: sha256WithRSAEncryption
b9:b8:7e:bf:99:2a:f9:41:a1:91:54:63:dd:42:30:ad:59:36:
b2:ab:5a:5e:98:f6:d2:89:c6:02:d4:ab:1d:26:03:f3:0f:43:
6d:bf:99:c8:d8:a0:b9:25:05:b5:f0:5e:6b:3f:a7:86:ac:df:
4e:1c:83:9e:40:69:14:2f:91:0a:6d:14:22:4a:43:af:4f:4d:
1b:f3:8d:f1:05:df:cb:13:00:f6:60:a4:b9:23:0f:0c:6a:e0:
76:0c:f8:fc:1a:b0:1d:6f:63:da:d7:ca:35:9b:7b:54:44:01:
87:06:7d:41:db:3d:eb:b3:78:db:28:f6:2d:83:0d:3e:00:51:
bb:0f:e8:9a:74:f4:b8:41:4b:78:6a:86:06:88:84:e0:b6:ef:
e4:62:d1:38:32:7b:ba:b0:77:0f:29:83:da:04:21:c8:c5:65:
16:ef:8d:72:31:71:ae:68:3a:07:cc:a7:90:54:24:fe:81:9b:
7d:72:9d:7b:45:d2:7c:5e:09:39:c4:e2:16:ed:b6:bb:fd:cf:
ab:a1:bd:29:a0:e2:b1:a8:28:df:d0:1c:62:ea:07:19:ac:5a:
1f:61:c3:ed:49:bb:b7:31:be:40:25:7e:6f:6a:26:5d:22:4c:
c3:75:22:b3:7b:16:eb:60:85:dd:4f:82:d8:42:af:d7:75:b9:
23:22:dc:b6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBaksS8051F0awVxVXfiHzWhEvkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5OTNmYmFhNzZhYTVmZTNhZmU2ODdjZTk0MDIxZDE3MGYzMWI0Yzc5ODFh
NmU3NTcyOTZjOTgzODgzYjZhMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQIwqkZKmqnFJlR3iQFhl/++QE+W2MthmGgHpdo8krSImIuz2q0xNmgS3oX
GFgK3xTqMm30jLU8ZQW20/Y3wt+Xd1LND3kEhTfHMmxbqPDiORGH8NHR7Bd6orMx
O3fF40vut9FKA2Kh94IXbmmBMofiysTtRGUmTJ5vxj7GuQ3MXpO+d6j+oppiAm/0
FGTUmJgFTYGj62bIna2YTCV6oEkE1IGIiy2H9y00DsgNJBZhtkQaT3ymnTNaQI46
xJwDzvKQ6T9Em+QBxsetlv2Qo3c8BeM4+omOOy6Id4VMtzlnF0NUkK6iHosys3TN
dqmUpxw5NDmf0f5SWNAMotWXrHcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQjiMGW
VdLzqdpybHmQKsm58MJ8qDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzMwYzYzMmMtMDUxMC00ZWVmLTg2NDktYjI5YzdhMWQwODliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEg
QDANBgkqhkiG9w0BAQsFAAOCAQEAubh+v5kq+UGhkVRj3UIwrVk2sqtaXpj20onG
AtSrHSYD8w9Dbb+ZyNiguSUFtfBeaz+nhqzfThyDnkBpFC+RCm0UIkpDr09NG/ON
8QXfyxMA9mCkuSMPDGrgdgz4/BqwHW9j2tfKNZt7VEQBhwZ9Qds967N42yj2LYMN
PgBRuw/omnT0uEFLeGqGBoiE4Lbv5GLRODJ7urB3DymD2gQhyMVlFu+NcjFxrmg6
B8ynkFQk/oGbfXKde0XSfF4JOcTiFu22u/3Pq6G9KaDisago39AcYuoHGaxaH2HD
7Um7tzG+QCV+b2omXSJMw3Uis3sW62CF3U+C2EKv13W5IyLctg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:31 2025 by rpki-client