Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
File: 86433272-8233-4231-82ff-92246d0a41a5.roa (raw, json)
Hash identifier: 2k6eyfOHlUryOGLj9h0Xs20lkZWC7BhJCBrVCqeeoDM=
Subject key identifier: A6:0F:A4:46:A0:50:ED:D2:44:4C:C5:F9:8C:0C:89:36:B9:2F:D7:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 166FF1A2AC8BB7C8B66490FC25E07575DE2D1435
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
Signing time: Mon 01 Sep 2025 20:10:44 +0000
ROA not before: Mon 01 Sep 2025 20:10:44 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:6f:f1:a2:ac:8b:b7:c8:b6:64:90:fc:25:e0:75:75:de:2d:14:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:44 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=aea053876a8cf6e29dff0eea0abc1b9c6a8dd284bed40e7bf47791b889a5b684, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:57:b3:e1:77:57:cb:43:93:95:0e:42:22:78:
97:ed:a9:9b:08:67:cf:9e:88:35:06:a3:71:54:5d:
71:bd:77:ed:0c:7a:db:cc:68:cc:28:98:0a:52:20:
93:0c:a4:bf:f9:5e:81:3e:5d:1d:f5:6e:6e:ea:9a:
0f:a0:fa:af:9f:42:6f:7e:06:7f:61:7a:32:63:87:
cd:a3:58:94:84:f3:a8:f1:be:da:30:29:bc:6a:bb:
17:10:8b:90:17:fd:79:1b:91:f5:c4:41:e6:2b:3f:
e5:4f:26:a4:78:29:4e:a8:26:65:b4:23:f5:15:64:
19:cb:c2:8f:ad:dd:b7:80:82:e1:c9:9d:68:d1:3c:
ae:32:0b:95:56:da:4b:6b:d8:d6:99:52:06:43:d6:
8c:33:e9:86:c2:d8:d6:d5:13:e5:bc:cb:ea:21:6c:
86:6e:1b:27:c5:19:34:b6:81:fe:66:ef:99:14:c0:
f5:d1:78:24:7d:b6:ab:0a:bf:97:d5:cd:3c:c9:df:
73:1e:25:59:a0:9b:22:56:53:89:1a:db:13:16:55:
07:98:b1:d6:b8:4b:ff:f4:5d:49:6e:90:80:d9:36:
3c:ee:4a:08:63:f9:75:6d:76:74:e1:d9:db:d7:52:
91:0e:22:cd:1d:bb:d6:60:54:91:50:97:f4:80:9e:
d7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0F:A4:46:A0:50:ED:D2:44:4C:C5:F9:8C:0C:89:36:B9:2F:D7:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86433272-8233-4231-82ff-92246d0a41a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
68:35:d5:14:37:a7:ba:d6:0f:39:7c:66:fe:16:78:95:40:49:
b0:08:05:88:bd:2d:a6:18:50:fc:ec:4f:64:2c:90:50:6e:49:
ca:3d:96:08:8a:fc:b0:b0:2d:8b:08:64:4b:ae:58:e2:f1:74:
6e:5a:73:90:b7:7a:52:dd:cc:82:ce:eb:9e:c1:00:be:59:79:
00:83:04:b1:58:82:ea:40:44:95:25:af:b1:78:5b:1a:10:35:
57:98:80:d5:1a:93:52:2f:e3:d3:2a:75:d4:b8:90:19:10:2b:
cf:bc:c6:ba:f4:3d:aa:29:d9:d2:39:01:26:5b:06:ef:76:1d:
53:7d:e8:0d:27:c2:7a:90:55:44:e7:bc:6e:09:7c:c5:34:fb:
79:67:f4:81:84:94:1e:6b:58:bd:5f:b1:e9:c2:c6:18:da:e7:
75:66:e4:9f:63:d9:14:9f:6a:6e:d3:2b:b4:bb:aa:7b:ad:e8:
89:3e:73:74:d0:4b:58:a7:53:e6:50:2e:db:86:ef:1e:ee:12:
20:05:bd:ff:08:b8:0a:2b:40:a1:a2:4c:01:fd:35:6c:94:fc:
17:93:93:b2:8b:fc:45:ad:32:bb:15:d0:52:0a:81:c4:32:aa:
a6:c0:33:5a:8e:0f:81:af:84:4e:f7:e1:7d:e0:03:14:e5:bd:
a4:66:7b:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFm/xoqyLt8i2ZJD8JeB1dd4tFDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwNDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlYTA1Mzg3NmE4Y2Y2ZTI5ZGZmMGVlYTBhYmMxYjljNmE4ZGQyODRiZWQ0
MGU3YmY0Nzc5MWI4ODlhNWI2ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhXs+F3V8tDk5UOQiJ4l+2pmwhnz56INQajcVRdcb137Qx628xozCiYClIg
kwykv/legT5dHfVubuqaD6D6r59Cb34Gf2F6MmOHzaNYlITzqPG+2jApvGq7FxCL
kBf9eRuR9cRB5is/5U8mpHgpTqgmZbQj9RVkGcvCj63dt4CC4cmdaNE8rjILlVba
S2vY1plSBkPWjDPphsLY1tUT5bzL6iFshm4bJ8UZNLaB/mbvmRTA9dF4JH22qwq/
l9XNPMnfcx4lWaCbIlZTiRrbExZVB5ix1rhL//RdSW6QgNk2PO5KCGP5dW12dOHZ
29dSkQ4izR271mBUkVCX9ICe11UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSmD6RG
oFDt0kRMxfmMDIk2uS/XWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY0MzMyNzItODIzMy00MjMxLTgyZmYtOTIyNDZkMGE0MWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFA
wDANBgkqhkiG9w0BAQsFAAOCAQEAaDXVFDenutYPOXxm/hZ4lUBJsAgFiL0tphhQ
/OxPZCyQUG5Jyj2WCIr8sLAtiwhkS65Y4vF0blpzkLd6Ut3Mgs7rnsEAvll5AIME
sViC6kBElSWvsXhbGhA1V5iA1RqTUi/j0yp11LiQGRArz7zGuvQ9qinZ0jkBJlsG
73YdU33oDSfCepBVROe8bgl8xTT7eWf0gYSUHmtYvV+x6cLGGNrndWbkn2PZFJ9q
btMrtLuqe63oiT5zdNBLWKdT5lAu24bvHu4SIAW9/wi4CitAoaJMAf01bJT8F5OT
sov8Ra0yuxXQUgqBxDKqpsAzWo4Pga+ETvfhfeADFOW9pGZ7cQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:45 2025 by rpki-client