Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: CX5HSLPyxbsxW5dCcS18i4lU8MkcntMZXaTGX6niSik=
Subject key identifier: 52:D7:1D:52:46:2F:88:F8:05:FE:8D:37:13:DA:84:09:B0:04:08:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AF9E70296CA6BFA82F0BBFA65DED529D978E9A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Mon 01 Sep 2025 21:10:29 +0000
ROA not before: Mon 01 Sep 2025 21:10:29 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:f9:e7:02:96:ca:6b:fa:82:f0:bb:fa:65:de:d5:29:d9:78:e9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:10:29 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f136110e3cd5e53891735b59ffb978c8105b52af0d57c466b2292332589d6d28, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4f:7e:0e:eb:d4:03:25:dd:52:06:70:2e:99:
cb:ff:0a:6e:02:ca:cd:58:39:a8:2c:78:fa:b5:09:
70:4c:2a:63:06:27:09:d3:8f:c6:a1:80:8b:d3:21:
49:12:d8:ef:a1:cc:83:d6:06:35:a7:7a:e9:a8:29:
08:09:a1:be:86:bd:3b:cf:d0:4b:f0:71:e7:fd:aa:
56:b5:0f:ee:8b:b6:e9:4a:f6:70:c3:9d:e4:36:84:
c2:86:48:a8:f5:45:6c:4b:4d:96:64:59:7f:4b:22:
71:95:55:1e:23:67:44:22:79:f4:83:16:2b:d4:fc:
e1:69:8f:2c:18:ac:9e:9e:cd:ee:40:79:30:32:fc:
09:f9:4d:36:a0:a7:54:f1:45:65:e9:cc:c3:4b:13:
30:40:89:13:aa:d3:52:e8:e8:42:30:30:0d:b8:ea:
1c:44:e7:12:a9:1c:fd:0c:44:b6:c5:db:11:3b:0a:
cc:de:4d:7e:d0:73:77:fc:1d:30:3a:7f:3b:f9:c7:
d9:76:d0:a6:d4:72:79:d5:aa:2a:b4:0a:a7:50:b4:
bc:b5:d3:e3:62:86:4e:73:96:32:31:22:8e:71:d4:
e2:fb:5f:32:a6:c1:ea:82:11:28:c2:a0:b8:08:ca:
43:ef:70:9e:d9:a9:49:cf:d0:73:d3:bf:0e:3d:c9:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D7:1D:52:46:2F:88:F8:05:FE:8D:37:13:DA:84:09:B0:04:08:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
07:e6:8f:5c:7e:09:f1:43:4a:46:34:fb:a2:ae:5c:71:ab:a3:
a5:30:b1:ea:8f:b7:8a:3d:0d:67:96:fb:12:14:96:99:ef:a2:
d9:b4:0c:49:1f:80:5f:f2:15:8d:81:38:a9:94:ac:1f:c5:fb:
b0:60:41:3b:38:55:64:ef:19:26:00:b6:24:c5:aa:dc:19:a8:
1f:a2:85:12:e5:7e:27:ca:da:55:bf:9f:f3:ae:a9:66:28:05:
d6:87:31:c6:97:17:13:84:de:2f:ff:fa:b9:a8:1e:3c:70:20:
e3:63:d0:97:97:1d:99:6d:20:31:9a:8b:ca:7e:cf:cc:61:aa:
2c:27:e8:98:68:89:fe:eb:25:ba:67:c5:73:f0:7b:6c:ec:f0:
e9:ba:39:d6:23:1b:4a:77:3b:4d:0f:64:f6:09:d8:45:1b:70:
8b:05:99:19:f4:33:39:50:84:3a:22:3b:16:09:b7:3a:10:d7:
45:e0:c7:96:29:b1:60:53:87:e9:0e:a9:01:72:af:b8:09:55:
1f:b9:3f:9e:27:89:de:44:94:dc:9d:1b:36:fc:5a:1a:b8:20:
bf:d5:07:a1:dd:53:2b:c9:b0:01:e3:c2:d3:b5:f3:ee:71:5e:
2b:f9:0d:5c:dc:c2:c3:8f:98:8a:cb:f3:6e:81:00:10:f7:ae:
9e:b1:6c:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUevnnApbKa/qC8Lv6Zd7VKdl46aAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTEwMjlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxMzYxMTBlM2NkNWU1Mzg5MTczNWI1OWZmYjk3OGM4MTA1YjUyYWYwZDU3
YzQ2NmIyMjkyMzMyNTg5ZDZkMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5Pfg7r1AMl3VIGcC6Zy/8KbgLKzVg5qCx4+rUJcEwqYwYnCdOPxqGAi9Mh
SRLY76HMg9YGNad66agpCAmhvoa9O8/QS/Bx5/2qVrUP7ou26Ur2cMOd5DaEwoZI
qPVFbEtNlmRZf0sicZVVHiNnRCJ59IMWK9T84WmPLBisnp7N7kB5MDL8CflNNqCn
VPFFZenMw0sTMECJE6rTUujoQjAwDbjqHETnEqkc/QxEtsXbETsKzN5NftBzd/wd
MDp/O/nH2XbQptRyedWqKrQKp1C0vLXT42KGTnOWMjEijnHU4vtfMqbB6oIRKMKg
uAjKQ+9wntmpSc/Qc9O/Dj3J5IUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRS1x1S
Ri+I+AX+jTcT2oQJsAQIDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQAH5o9cfgnxQ0pGNPuirlxxq6OlMLHqj7eKPQ1n
lvsSFJaZ76LZtAxJH4Bf8hWNgTiplKwfxfuwYEE7OFVk7xkmALYkxarcGagfooUS
5X4nytpVv5/zrqlmKAXWhzHGlxcThN4v//q5qB48cCDjY9CXlx2ZbSAxmovKfs/M
YaosJ+iYaIn+6yW6Z8Vz8Hts7PDpujnWIxtKdztND2T2CdhFG3CLBZkZ9DM5UIQ6
IjsWCbc6ENdF4MeWKbFgU4fpDqkBcq+4CVUfuT+eJ4neRJTcnRs2/FoauCC/1Qeh
3VMrybAB48LTtfPucV4r+Q1c3MLDj5iKy/NugQAQ966esWyO
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:23 2025 by rpki-client