Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
File: 8c99b00e-290a-4618-8076-435475c3020f.roa (raw, json)
Hash identifier: G6pjMHvU06GubuYozrjHHOzW2oT/dppdpo8Fo0HCEVg=
Subject key identifier: 4A:3C:58:7F:87:8D:A2:D0:FA:68:7B:24:E4:E2:B6:1B:7E:B2:E7:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20755B391C432B3FA6A342F71447F0AEFB58CCB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
Signing time: Mon 01 Sep 2025 20:21:06 +0000
ROA not before: Mon 01 Sep 2025 20:21:06 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:75:5b:39:1c:43:2b:3f:a6:a3:42:f7:14:47:f0:ae:fb:58:cc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:06 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2e134b8030b1ac28797bac51c1207e5e11db9c750c5d25ffa99f58553634f88e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f7:66:c4:25:fc:1b:91:23:d5:60:e0:53:2c:
1d:7c:18:22:10:d7:ee:09:00:2e:70:1a:85:2a:0b:
4d:db:b6:31:11:04:00:7d:97:91:93:17:4d:e9:b2:
b1:f3:48:67:f4:09:a7:d0:86:51:25:56:00:40:92:
90:ac:6b:42:87:16:93:80:7a:e3:19:77:98:70:d7:
cb:d9:5c:c9:c6:63:6d:30:8a:00:80:f1:3f:96:c0:
8f:97:43:9b:9d:19:f9:22:c9:bf:71:bf:09:72:88:
42:e6:2c:3b:ca:91:8d:73:05:fb:65:10:a5:17:31:
3c:30:6c:27:ed:89:36:68:83:3f:01:f7:9d:3c:b0:
4d:33:b3:12:85:5d:1f:0d:d1:7c:15:ba:fe:af:57:
48:d5:9a:81:33:85:a6:66:93:51:f4:2b:00:80:51:
e7:0a:4b:6c:c3:98:c4:7d:ba:ca:51:a9:43:3a:5e:
71:cc:c4:ba:4c:f9:30:8d:cb:cb:84:75:c4:4c:ff:
76:4c:3c:37:78:82:cf:af:cf:fb:2a:39:21:f8:ff:
26:dc:eb:99:4a:8e:5c:4f:de:08:97:25:a7:18:0b:
d8:85:ad:8d:97:bd:39:95:72:85:e5:fe:05:90:0b:
7f:ad:98:f1:7e:db:6d:de:b1:55:84:1b:d6:68:87:
00:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3C:58:7F:87:8D:A2:D0:FA:68:7B:24:E4:E2:B6:1B:7E:B2:E7:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c080::/48
Signature Algorithm: sha256WithRSAEncryption
6a:7a:71:44:75:00:5e:c6:d5:6e:bc:1d:c4:cc:00:21:c6:ab:
8d:18:8e:b5:f6:86:dc:4b:09:8d:1b:40:71:2e:72:ff:31:8e:
fd:07:19:9c:08:aa:60:5a:d3:72:8c:04:14:45:9f:b2:fe:8d:
0a:5b:18:2c:45:20:44:e3:92:2c:ac:30:95:c2:48:fa:38:59:
9d:96:f4:98:7a:b1:db:ce:91:ae:4b:85:89:88:3b:96:fd:85:
8b:9e:c0:b3:97:2a:cc:5e:5c:db:7e:eb:ef:69:f8:6f:0a:d3:
4f:56:87:a6:19:fd:a4:50:7e:c8:7d:c9:7d:a1:46:b0:d3:0d:
65:4b:4b:e8:4e:e4:9a:2b:54:b4:20:97:62:93:91:66:f3:8d:
bb:81:7a:d4:ff:cf:d7:fd:a3:09:02:2a:b8:b8:85:ad:93:70:
3f:9b:45:12:8a:92:a1:d2:dd:8b:8f:af:36:86:5a:7e:c8:00:
43:3f:c5:38:97:ef:a4:82:3c:02:88:14:58:8b:e1:2c:82:f4:
05:18:f4:75:76:48:09:99:40:04:b8:92:a0:8a:b8:fd:47:0e:
28:17:f9:e2:8d:98:3e:d9:b5:91:8e:da:83:f9:f8:f0:0c:e9:
05:56:14:21:26:77:df:90:2c:4c:14:9f:3d:a8:0a:30:23:94:
08:2b:95:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIHVbORxDKz+mo0L3FEfwrvtYzLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMDZaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMTM0YjgwMzBiMWFjMjg3OTdiYWM1MWMxMjA3ZTVlMTFkYjljNzUwYzVk
MjVmZmE5OWY1ODU1MzYzNGY4OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJL3ZsQl/BuRI9Vg4FMsHXwYIhDX7gkALnAahSoLTdu2MREEAH2XkZMXTemy
sfNIZ/QJp9CGUSVWAECSkKxrQocWk4B64xl3mHDXy9lcycZjbTCKAIDxP5bAj5dD
m50Z+SLJv3G/CXKIQuYsO8qRjXMF+2UQpRcxPDBsJ+2JNmiDPwH3nTywTTOzEoVd
Hw3RfBW6/q9XSNWagTOFpmaTUfQrAIBR5wpLbMOYxH26ylGpQzpecczEukz5MI3L
y4R1xEz/dkw8N3iCz6/P+yo5Ifj/JtzrmUqOXE/eCJclpxgL2IWtjZe9OZVyheX+
BZALf62Y8X7bbd6xVYQb1miHAPUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKPFh/
h42i0PpoeyTk4rYbfrLnszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5OWIwMGUtMjkwYS00NjE4LTgwNzYtNDM1NDc1YzMwMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
gDANBgkqhkiG9w0BAQsFAAOCAQEAanpxRHUAXsbVbrwdxMwAIcarjRiOtfaG3EsJ
jRtAcS5y/zGO/QcZnAiqYFrTcowEFEWfsv6NClsYLEUgROOSLKwwlcJI+jhZnZb0
mHqx286RrkuFiYg7lv2Fi57As5cqzF5c237r72n4bwrTT1aHphn9pFB+yH3JfaFG
sNMNZUtL6E7kmitUtCCXYpORZvONu4F61P/P1/2jCQIquLiFrZNwP5tFEoqSodLd
i4+vNoZafsgAQz/FOJfvpII8AogUWIvhLIL0BRj0dXZICZlABLiSoIq4/UcOKBf5
4o2YPtm1kY7ag/n48AzpBVYUISZ335AsTBSfPagKMCOUCCuV1w==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:48 2025 by rpki-client