Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: DxtQKGlTcB8tNFYlIN/ho9KlugMZc2nh2ym4uc7HPW0=
Subject key identifier: 8C:99:EF:6F:0E:00:B1:49:9A:42:13:65:FE:AC:D9:05:52:7D:A6:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 40BB473D949ABEB4C2B326D76F4624B24495D602
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Mon 01 Sep 2025 21:00:46 +0000
ROA not before: Mon 01 Sep 2025 21:00:46 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:bb:47:3d:94:9a:be:b4:c2:b3:26:d7:6f:46:24:b2:44:95:d6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:46 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=8a8dede65e297ffdd48707fd53c08c7b556ad409e25cd42af1055ead6a94d384, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:52:9d:3d:00:63:e3:c0:34:5d:1f:d8:6e:31:
06:7a:90:a5:97:0d:c7:64:7a:d3:7a:cb:22:79:ad:
54:dd:b2:31:7e:9b:59:d8:18:c4:15:f5:1c:b8:e9:
a7:ba:d6:57:5b:c8:30:20:e3:58:e3:b8:50:9c:b7:
cf:f8:b6:4c:7a:43:e5:16:69:72:de:3a:79:47:93:
3f:79:27:b0:cc:10:2d:61:cf:20:93:32:6a:fb:5c:
ef:40:31:28:43:9a:0a:4f:a2:42:6c:e9:22:01:4e:
7f:4f:60:7e:e7:d9:d0:a1:ec:80:15:5f:42:1b:98:
01:3f:98:d4:42:83:a5:28:3c:5c:02:52:a3:25:c0:
89:0f:3d:92:96:5c:60:25:0c:0d:33:f0:3e:b0:f1:
01:fe:e4:0d:e4:31:43:e9:79:57:da:e9:15:a3:2c:
9e:86:fb:e8:52:00:77:5c:f3:f9:ee:95:de:35:23:
54:a4:96:c3:b1:2e:38:0e:e3:dd:53:dd:ff:39:6c:
7a:dc:13:eb:52:f2:2f:a9:9b:0b:94:af:b7:13:07:
d6:36:f1:79:28:e0:b1:75:c0:df:b7:00:c1:2e:2b:
27:0e:6c:07:c9:60:5a:4f:ef:15:c5:fb:1e:da:e4:
50:21:07:44:6d:0c:ae:7b:f0:f8:bf:fd:20:a0:93:
44:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:99:EF:6F:0E:00:B1:49:9A:42:13:65:FE:AC:D9:05:52:7D:A6:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:66:f3:1c:36:b3:24:a2:3e:68:87:77:d0:42:e9:b9:84:5f:
c1:de:c4:c3:42:44:0d:d6:09:24:36:4d:7c:ef:b5:86:fd:a6:
00:b5:d7:a4:97:f1:86:04:03:8c:ed:13:f7:3b:d9:17:45:4e:
71:60:fb:1b:02:3a:84:a4:ad:19:d0:96:de:9a:77:91:90:09:
d9:ae:c0:a4:ce:99:e6:f4:62:b4:af:42:18:42:f7:dd:e1:1c:
79:e6:3c:08:60:6b:4d:92:50:3f:40:d6:e7:79:eb:84:8f:7e:
24:42:a6:85:fc:59:0c:99:9a:91:00:4c:b3:2c:30:6e:0b:5f:
91:a1:ef:b9:bd:fd:83:74:70:d2:20:c9:92:89:f7:8f:ad:9c:
45:94:b8:5a:1d:13:bc:30:d1:02:d7:e9:11:9e:59:29:7f:70:
f0:2d:3f:bc:35:fe:e3:58:8f:22:39:ba:5b:f9:0c:05:26:b5:
e9:10:2b:b7:75:2e:af:af:6f:47:06:25:aa:7d:99:7a:58:7f:
a2:4a:55:3d:7a:53:cd:b5:5d:00:28:b6:71:de:a2:5d:a7:d8:
37:ab:e2:2e:d7:4c:85:32:bf:42:92:95:02:80:33:dd:32:40:
ca:40:e6:5f:e3:f3:39:33:85:8c:77:48:fe:1b:92:ba:00:89:
b2:6f:ab:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQLtHPZSavrTCsybXb0YkskSV1gIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwNDZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhOGRlZGU2NWUyOTdmZmRkNDg3MDdmZDUzYzA4YzdiNTU2YWQ0MDllMjVj
ZDQyYWYxMDU1ZWFkNmE5NGQzODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9SnT0AY+PANF0f2G4xBnqQpZcNx2R603rLInmtVN2yMX6bWdgYxBX1HLjp
p7rWV1vIMCDjWOO4UJy3z/i2THpD5RZpct46eUeTP3knsMwQLWHPIJMyavtc70Ax
KEOaCk+iQmzpIgFOf09gfufZ0KHsgBVfQhuYAT+Y1EKDpSg8XAJSoyXAiQ89kpZc
YCUMDTPwPrDxAf7kDeQxQ+l5V9rpFaMsnob76FIAd1zz+e6V3jUjVKSWw7EuOA7j
3VPd/zlsetwT61LyL6mbC5SvtxMH1jbxeSjgsXXA37cAwS4rJw5sB8lgWk/vFcX7
HtrkUCEHRG0Mrnvw+L/9IKCTRPsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSMme9v
DgCxSZpCE2X+rNkFUn2mbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQCLZvMcNrMkoj5oh3fQQum5hF/B3sTDQkQN1gkk
Nk1877WG/aYAtdekl/GGBAOM7RP3O9kXRU5xYPsbAjqEpK0Z0JbemneRkAnZrsCk
zpnm9GK0r0IYQvfd4Rx55jwIYGtNklA/QNbneeuEj34kQqaF/FkMmZqRAEyzLDBu
C1+Roe+5vf2DdHDSIMmSifePrZxFlLhaHRO8MNEC1+kRnlkpf3DwLT+8Nf7jWI8i
Obpb+QwFJrXpECu3dS6vr29HBiWqfZl6WH+iSlU9elPNtV0AKLZx3qJdp9g3q+Iu
10yFMr9CkpUCgDPdMkDKQOZf4/M5M4WMd0j+G5K6AImyb6uD
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:23 2025 by rpki-client