Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
File: 74c7eb62-ad02-4aa2-9be5-024692c6239f.roa (raw, json)
Hash identifier: YPsbJkvnllulN7ZGsG4EroKj8sAZnkRvUgvivu84atg=
Subject key identifier: 83:91:F0:1C:FE:0B:75:6E:3D:4E:6A:56:09:20:DE:DB:20:EF:BF:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 629403EEF818B6B6389A45D38980083DDFB1A075
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
Signing time: Mon 01 Sep 2025 20:00:56 +0000
ROA not before: Mon 01 Sep 2025 20:00:56 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:94:03:ee:f8:18:b6:b6:38:9a:45:d3:89:80:08:3d:df:b1:a0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:00:56 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=6742e359089c6c923fc0fb06760dcba132d7eeb1037546dc29d8861fce9991f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:88:84:51:2d:c8:41:f0:3c:52:5e:cd:7f:16:
4b:79:6a:bc:97:dc:78:b2:da:63:20:a4:7c:8c:fc:
16:7f:13:56:3d:a7:38:58:65:f6:f5:19:8a:87:11:
63:fd:29:9e:5d:cd:f5:a6:87:a6:c2:30:ac:33:64:
9d:da:a8:84:49:cd:7c:67:e5:a5:b2:d9:f1:aa:b3:
2a:1c:ee:18:d6:6e:ba:b4:ad:95:f0:89:cc:30:65:
1e:07:70:b1:81:46:87:50:6f:e0:17:6f:6b:11:e6:
f8:d5:a1:82:cf:8d:01:6f:84:f1:65:f2:21:98:cc:
5a:9a:05:e6:d7:1c:24:9a:4a:ac:34:a6:0c:8d:9f:
2d:dc:6c:9d:5a:36:cd:e7:85:18:94:6e:f4:06:ad:
3a:83:8a:fd:a2:76:15:28:c3:2f:83:3f:27:4d:09:
32:33:01:6e:bf:34:0b:ae:7e:11:99:f1:2c:4d:ef:
12:9f:f5:04:06:8c:d1:6f:10:e2:a3:0e:b1:f7:74:
08:3b:34:26:cf:c6:92:6c:23:f2:f2:d4:a6:4c:c6:
3f:eb:ce:8d:a0:18:09:01:8c:74:61:4d:10:95:a9:
ce:1b:8d:66:a4:72:9d:97:da:ad:3b:5c:2b:e0:86:
a2:58:b5:bf:49:18:fa:89:28:dd:08:c3:ea:70:a6:
70:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:91:F0:1C:FE:0B:75:6E:3D:4E:6A:56:09:20:DE:DB:20:EF:BF:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/74c7eb62-ad02-4aa2-9be5-024692c6239f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:2a:b5:c2:5c:b9:89:c8:92:4c:38:25:e9:40:53:0c:c0:42:
2b:25:99:74:4e:b5:da:09:9f:00:d2:d7:89:e8:f0:28:32:a6:
17:37:34:fb:f5:d7:af:16:26:31:78:26:fd:e0:3c:35:69:6b:
9f:73:0f:17:ff:1c:b6:5f:ab:0a:c6:b5:01:f9:df:48:87:9f:
8e:ca:73:e0:51:5f:fa:4b:d6:aa:83:50:60:6d:01:0e:2b:7e:
45:9b:87:76:df:25:72:bb:77:77:84:57:6b:84:1c:d6:f3:e8:
2c:80:49:7b:78:8d:33:39:f7:c9:96:a9:01:7f:15:55:2b:a7:
59:0a:14:a5:db:b2:a4:a6:a2:65:36:90:a1:fb:ed:9f:e0:fb:
4b:4c:f9:f6:db:6e:82:48:14:d1:ff:de:f0:ce:89:fc:95:6a:
57:27:0f:b4:a4:40:b5:21:55:2f:f6:96:82:4c:26:bf:e5:cb:
7c:1f:a8:c2:b0:00:08:93:4e:af:a1:4d:c8:0b:43:2f:69:ab:
86:c6:3c:c3:03:6e:07:08:42:87:9b:53:93:a4:eb:f2:51:eb:
ce:81:08:66:14:2e:8d:94:d2:71:ea:6e:5a:1a:66:d6:35:cc:
29:6a:72:21:73:05:4c:ff:2b:99:42:cc:71:21:eb:d9:1b:b3:
68:b4:c7:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYpQD7vgYtrY4mkXTiYAIPd+xoHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAwNTZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3NDJlMzU5MDg5YzZjOTIzZmMwZmIwNjc2MGRjYmExMzJkN2VlYjEwMzc1
NDZkYzI5ZDg4NjFmY2U5OTkxZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPWIhFEtyEHwPFJezX8WS3lqvJfceLLaYyCkfIz8Fn8TVj2nOFhl9vUZiocR
Y/0pnl3N9aaHpsIwrDNkndqohEnNfGflpbLZ8aqzKhzuGNZuurStlfCJzDBlHgdw
sYFGh1Bv4BdvaxHm+NWhgs+NAW+E8WXyIZjMWpoF5tccJJpKrDSmDI2fLdxsnVo2
zeeFGJRu9AatOoOK/aJ2FSjDL4M/J00JMjMBbr80C65+EZnxLE3vEp/1BAaM0W8Q
4qMOsfd0CDs0Js/Gkmwj8vLUpkzGP+vOjaAYCQGMdGFNEJWpzhuNZqRynZfarTtc
K+CGoli1v0kY+oko3QjD6nCmcN8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDkfAc
/gt1bj1OalYJIN7bIO+/LjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzRjN2ViNjItYWQwMi00YWEyLTliZTUtMDI0NjkyYzYyMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQC9KrXCXLmJyJJMOCXpQFMMwEIrJZl0TrXaCZ8A
0teJ6PAoMqYXNzT79devFiYxeCb94Dw1aWufcw8X/xy2X6sKxrUB+d9Ih5+OynPg
UV/6S9aqg1BgbQEOK35Fm4d23yVyu3d3hFdrhBzW8+gsgEl7eI0zOffJlqkBfxVV
K6dZChSl27KkpqJlNpCh++2f4PtLTPn2226CSBTR/97wzon8lWpXJw+0pEC1IVUv
9paCTCa/5ct8H6jCsAAIk06voU3IC0MvaauGxjzDA24HCEKHm1OTpOvyUevOgQhm
FC6NlNJx6m5aGmbWNcwpanIhcwVM/yuZQsxxIevZG7NotMdz
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:11 2025 by rpki-client