Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
File: 76af8472-01ad-4042-b385-078d559d94d0.roa (raw, json)
Hash identifier: TEvgnJ/C0vjDinLjMMq4UteKBaesa7yG+WFNJIY1cPk=
Subject key identifier: CD:0F:09:17:AE:80:14:DA:C1:35:DD:DB:CB:95:AE:71:55:20:07:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42DC412EF53021BECCD1420E836AAFDADFF38162
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
Signing time: Thu 04 Sep 2025 19:51:57 +0000
ROA not before: Thu 04 Sep 2025 19:51:57 +0000
ROA not after: Thu 09 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:6040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:dc:41:2e:f5:30:21:be:cc:d1:42:0e:83:6a:af:da:df:f3:81:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 4 19:51:57 2025 GMT
Not After : Oct 9 23:59:59 2025 GMT
Subject: serialNumber=6551a2de0b6842ff0d74f68d4b816475182abdfbd5d0f6e5a59e3c24a7a4c13b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:be:03:6e:80:2a:64:cb:6a:d0:55:24:c0:
ae:21:74:b2:11:e1:9f:ed:6d:5e:a2:ca:25:2b:a4:
8b:ef:0f:91:e6:89:d5:b3:58:a9:eb:ce:47:07:e5:
9d:50:24:2b:5a:6d:cf:e1:cf:22:73:31:a2:f7:b2:
10:b1:ac:83:89:72:cd:11:e1:45:da:cc:6a:21:92:
9f:c8:83:9c:5d:82:2b:15:f7:1f:95:30:88:b5:c9:
17:92:c2:56:f2:41:6c:50:be:69:82:3c:0b:36:ca:
b6:75:c2:b8:b5:c2:b3:e0:57:5c:ad:78:1a:97:ad:
14:c8:0e:b2:54:64:28:a1:89:47:51:fd:f8:8f:b4:
14:40:d0:3f:d1:c2:d0:ed:d9:6a:a8:f2:e2:09:bf:
8c:79:67:e1:ab:d4:53:08:37:be:ea:c6:98:9a:ab:
1c:eb:48:dd:9a:2d:cb:85:6b:9b:37:6a:97:36:5c:
1f:3b:f8:20:b2:06:54:79:08:2d:26:fa:9b:3f:c7:
73:84:af:19:81:ba:d7:10:60:86:fa:d8:fa:5f:f4:
3c:89:6f:38:40:2f:4b:68:9c:e7:c5:90:ae:89:ae:
b1:69:e0:7d:17:75:7f:f4:8c:37:c5:9f:c4:c4:bd:
5b:15:0d:20:23:68:bf:2f:70:50:e4:ef:bb:d8:da:
d9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:0F:09:17:AE:80:14:DA:C1:35:DD:DB:CB:95:AE:71:55:20:07:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76af8472-01ad-4042-b385-078d559d94d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:6040::/46
Signature Algorithm: sha256WithRSAEncryption
64:59:db:17:7d:1f:60:f8:12:4d:cc:b5:9c:49:ca:dc:85:be:
b6:30:9d:2f:43:dc:09:e2:3d:94:24:26:13:c8:27:6a:d6:38:
05:36:70:8f:7c:d3:56:3a:55:a1:5d:ac:3d:4f:a7:69:db:8f:
b9:12:ce:04:f5:27:6e:73:a9:5e:ef:56:df:34:f8:e7:d4:2f:
5d:1a:6f:6e:56:f2:fa:a2:0d:55:2f:9c:4a:1d:e1:56:ef:c9:
f7:1c:a2:c4:30:06:a2:c6:dd:98:5e:a8:cd:2b:00:61:a7:42:
df:15:8c:68:46:26:b0:ad:78:d0:c8:d8:60:88:31:f1:3a:62:
c7:08:99:f5:30:c8:2d:ab:cc:d9:1e:99:e7:50:d3:6e:8c:96:
1d:14:9f:34:05:f5:09:99:a1:11:91:ee:7f:12:2b:0a:d6:0c:
7b:12:53:d0:3e:bd:ec:87:08:c6:6f:d2:46:fc:b3:e6:43:9d:
3d:ba:05:be:5d:d9:0c:c5:fd:60:08:f6:30:13:6f:38:3b:71:
04:63:36:e0:19:c8:69:b2:df:90:02:22:14:24:89:00:be:63:
41:a7:7b:86:30:15:95:0c:75:e1:57:e6:a6:60:71:d6:dd:59:
ef:99:69:33:2f:20:c7:ef:85:ed:3e:fa:79:6b:7e:06:65:49:
17:51:d4:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQtxBLvUwIb7M0UIOg2qv2t/zgWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDQxOTUxNTdaFw0yNTEwMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NTFhMmRlMGI2ODQyZmYwZDc0ZjY4ZDRiODE2NDc1MTgyYWJkZmJkNWQw
ZjZlNWE1OWUzYzI0YTdhNGMxM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALn5vgNugCpky2rQVSTAriF0shHhn+1tXqLKJSuki+8PkeaJ1bNYqevORwfl
nVAkK1ptz+HPInMxoveyELGsg4lyzRHhRdrMaiGSn8iDnF2CKxX3H5UwiLXJF5LC
VvJBbFC+aYI8CzbKtnXCuLXCs+BXXK14GpetFMgOslRkKKGJR1H9+I+0FEDQP9HC
0O3Zaqjy4gm/jHln4avUUwg3vurGmJqrHOtI3Zoty4VrmzdqlzZcHzv4ILIGVHkI
LSb6mz/Hc4SvGYG61xBghvrY+l/0PIlvOEAvS2ic58WQromusWngfRd1f/SMN8Wf
xMS9WxUNICNovy9wUOTvu9ja2c0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNDwkX
roAU2sE13dvLla5xVSAHmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhZjg0NzItMDFhZC00MDQyLWIzODUtMDc4ZDU1OWQ5NGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
QDANBgkqhkiG9w0BAQsFAAOCAQEAZFnbF30fYPgSTcy1nEnK3IW+tjCdL0PcCeI9
lCQmE8gnatY4BTZwj3zTVjpVoV2sPU+naduPuRLOBPUnbnOpXu9W3zT459QvXRpv
blby+qINVS+cSh3hVu/J9xyixDAGosbdmF6ozSsAYadC3xWMaEYmsK140MjYYIgx
8TpixwiZ9TDILavM2R6Z51DTboyWHRSfNAX1CZmhEZHufxIrCtYMexJT0D697IcI
xm/SRvyz5kOdPboFvl3ZDMX9YAj2MBNvODtxBGM24BnIabLfkAIiFCSJAL5jQad7
hjAVlQx14VfmpmBx1t1Z75lpMy8gx++F7T76eWt+BmVJF1HU3g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:27 2025 by rpki-client