Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: QP4OyfI3z4xJ+0kVXQbIG5FcdAPgdU+urz8ckbBypFI=
Subject key identifier: 48:69:E1:3C:3C:7E:97:5F:E7:FD:28:30:DA:34:BB:14:39:CB:4B:4E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E150124B285C1674661DFE3B267BA90F1D7AD24
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Mon 01 Sep 2025 20:31:07 +0000
ROA not before: Mon 01 Sep 2025 20:31:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:15:01:24:b2:85:c1:67:46:61:df:e3:b2:67:ba:90:f1:d7:ad:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:31:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c361f6505092a48e3d69dfa3ab69a9163025b0a15ad73f833a4e50ffcba8ff35, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9c:c1:20:f3:38:98:3d:ce:1e:e3:c9:e9:d7:
44:f0:17:3b:e9:05:af:23:c9:ab:e3:c2:05:9f:55:
5b:90:4a:b8:c8:73:1f:32:37:f3:a8:f0:32:a1:3b:
68:a4:7d:3b:ad:e4:9c:08:8f:f3:2a:9a:44:60:be:
b2:c4:64:24:e7:c4:b5:00:e5:8c:76:71:60:11:47:
b5:47:e2:0c:c8:89:52:f6:74:90:e5:1a:0e:9f:9f:
c6:76:a7:50:fa:f3:99:0b:77:e4:f7:97:55:5c:09:
f8:7c:06:98:22:e0:cb:ad:07:f2:8d:db:c4:e7:c0:
a9:94:1d:aa:f9:8c:59:a1:8c:9f:e9:99:7e:94:e2:
f1:ff:d4:e1:02:28:0f:5a:e0:f2:84:e4:93:48:bf:
5e:36:e4:bf:af:b7:2e:e3:dc:a2:ba:20:04:0a:94:
b2:cc:89:d0:38:7a:7b:cc:03:84:7b:39:29:2d:aa:
c8:ed:e8:28:34:0d:5f:21:41:2a:e8:a4:fb:02:e8:
d1:3b:20:0a:09:cf:d2:81:f6:8e:9d:7e:b2:61:b8:
63:ef:7c:11:ef:1a:a7:96:f6:7b:e1:38:fc:09:11:
e5:85:bd:b6:bc:2e:d1:aa:71:06:64:67:ee:7c:61:
2b:03:93:ce:55:e6:d6:5a:89:0b:ce:e5:0a:40:25:
0c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:69:E1:3C:3C:7E:97:5F:E7:FD:28:30:DA:34:BB:14:39:CB:4B:4E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:24:0b:ab:01:08:3c:15:1f:12:e2:a1:7c:98:6f:61:fa:14:
72:29:dc:24:bc:6d:90:fe:3f:ab:ca:52:16:26:0f:5d:db:6c:
66:78:9f:d7:82:ae:ff:6e:c5:be:20:a5:6b:3c:12:cc:84:79:
58:78:a5:67:3f:f1:3c:ae:c5:8b:e8:74:33:b0:15:ff:d2:31:
b4:cf:77:a2:19:f6:73:b0:09:47:85:6e:af:bb:2d:20:d8:38:
27:d5:78:f9:db:ff:2c:95:f2:74:bc:08:a4:68:95:ef:50:26:
8c:05:cd:21:85:ba:58:50:83:97:e3:9b:30:bf:ac:59:17:8c:
57:8c:94:28:d0:c7:31:37:73:b8:6d:10:fa:86:04:8a:d8:61:
f3:76:d9:e0:01:2a:48:a3:07:e9:08:44:61:ef:16:8b:47:1a:
81:ad:20:5e:c7:d1:ae:32:b8:de:10:68:fe:cb:79:4f:bd:3e:
de:6f:83:6d:43:1c:65:32:0a:ce:af:0a:89:00:3b:da:ab:b8:
6b:c4:75:3a:ba:41:e2:8c:2f:a2:74:d6:4a:77:2a:59:fb:89:
77:54:ff:d8:f7:9f:dd:04:f8:df:62:34:81:d6:6e:9a:37:3b:
96:f5:90:af:e8:5b:0d:04:83:98:01:72:9d:25:3c:8c:9d:f3:
71:f8:b4:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDhUBJLKFwWdGYd/jsme6kPHXrSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMxMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzNjFmNjUwNTA5MmE0OGUzZDY5ZGZhM2FiNjlhOTE2MzAyNWIwYTE1YWQ3
M2Y4MzNhNGU1MGZmY2JhOGZmMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqcwSDzOJg9zh7jyenXRPAXO+kFryPJq+PCBZ9VW5BKuMhzHzI386jwMqE7
aKR9O63knAiP8yqaRGC+ssRkJOfEtQDljHZxYBFHtUfiDMiJUvZ0kOUaDp+fxnan
UPrzmQt35PeXVVwJ+HwGmCLgy60H8o3bxOfAqZQdqvmMWaGMn+mZfpTi8f/U4QIo
D1rg8oTkk0i/Xjbkv6+3LuPcorogBAqUssyJ0Dh6e8wDhHs5KS2qyO3oKDQNXyFB
Kuik+wLo0TsgCgnP0oH2jp1+smG4Y+98Ee8ap5b2e+E4/AkR5YW9trwu0apxBmRn
7nxhKwOTzlXm1lqJC87lCkAlDJECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIaeE8
PH6XX+f9KDDaNLsUOctLTjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfJAurAQg8FR8S4qF8mG9h+hRyKdwkvG2Q/j+r
ylIWJg9d22xmeJ/Xgq7/bsW+IKVrPBLMhHlYeKVnP/E8rsWL6HQzsBX/0jG0z3ei
GfZzsAlHhW6vuy0g2Dgn1Xj52/8slfJ0vAikaJXvUCaMBc0hhbpYUIOX45swv6xZ
F4xXjJQo0McxN3O4bRD6hgSK2GHzdtngASpIowfpCERh7xaLRxqBrSBex9GuMrje
EGj+y3lPvT7eb4NtQxxlMgrOrwqJADvaq7hrxHU6ukHijC+idNZKdypZ+4l3VP/Y
95/dBPjfYjSB1m6aNzuW9ZCv6FsNBIOYAXKdJTyMnfNx+LSN
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:22 2025 by rpki-client