Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
File: 90bd72ba-b30d-4433-a47e-e0543a4ea451.roa (raw, json)
Hash identifier: 0GhaGWd4qnPCzbybvw4ujihhltNYZTBwhX+M5zI8pLo=
Subject key identifier: 2A:4C:23:23:EC:41:A1:F0:3C:25:1D:C7:54:0F:DA:B7:C1:2F:8B:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4BABABE7BB8F296268FAA5110C5D8CDBB8727125
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
Signing time: Mon 01 Sep 2025 20:41:22 +0000
ROA not before: Mon 01 Sep 2025 20:41:22 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 19:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ab:ab:e7:bb:8f:29:62:68:fa:a5:11:0c:5d:8c:db:b8:72:71:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:22 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3e29030a29e6e99370b9a293bdb78df300905f668a206c10f0f32971ed175a5c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e9:df:fa:37:e2:65:ee:0d:44:91:3c:3f:56:
7b:0e:52:74:aa:e2:a7:75:77:94:85:a1:72:78:41:
be:3f:c1:13:27:e1:ea:9f:a7:66:50:e4:98:71:9f:
1d:d0:ee:f9:74:59:0a:2b:65:4e:ab:08:08:ef:5b:
9c:b1:e3:33:39:c5:77:85:96:d6:7e:2d:8b:d7:d0:
b9:9a:71:31:0b:b5:c2:96:01:dc:d1:e1:be:15:ea:
e3:dd:14:e8:eb:42:bd:ee:62:fc:9d:7f:ce:70:1c:
b0:0a:b2:0e:b7:1d:da:c1:c8:a8:b3:58:d1:4a:7b:
f2:2a:98:fb:34:af:3d:6f:9b:90:d1:82:a5:30:a8:
1c:a1:f0:06:5e:a2:65:5f:07:f9:93:bb:5c:6e:e8:
b2:d9:e0:14:62:6b:eb:8e:24:fd:ef:18:68:44:90:
44:08:78:0f:1e:60:17:3b:cb:68:ff:41:87:9c:17:
fe:ea:68:57:5d:9d:91:55:da:38:ac:96:47:ff:05:
7c:ff:05:9a:60:33:f3:c0:63:39:3a:ce:ef:6c:ef:
c2:5a:80:79:6e:8d:c5:43:d9:41:fe:e3:08:8d:95:
55:47:ce:d8:e4:ad:cc:61:86:ab:cc:28:8f:c4:92:
3d:f7:3b:69:b2:26:95:84:5c:00:14:be:24:92:10:
61:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4C:23:23:EC:41:A1:F0:3C:25:1D:C7:54:0F:DA:B7:C1:2F:8B:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/90bd72ba-b30d-4433-a47e-e0543a4ea451.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:e000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:30:29:8a:12:18:4e:10:db:a4:71:e2:69:5c:1f:08:af:09:
e0:46:8d:2f:52:e9:6f:7c:fa:83:07:16:bb:4f:dc:79:e2:b3:
90:86:4a:d2:a5:bb:a9:98:bf:0b:60:1c:10:c3:2f:0f:f7:c9:
44:cd:99:35:c3:b3:9d:c0:56:3d:bc:15:d1:38:78:01:8a:b9:
9b:ba:cc:4e:65:c6:46:16:6e:2a:55:92:cb:82:40:c1:0e:40:
02:8e:89:b7:35:bf:84:17:9a:00:5e:1b:70:bc:e9:77:06:9d:
0a:ed:25:bc:69:0e:a2:cb:ec:29:4a:1f:df:f6:c7:e1:8d:80:
e9:13:80:00:e6:fa:fe:b1:dd:7d:2e:7e:a9:72:e8:2c:eb:dd:
39:9d:c1:c8:e2:40:2f:e5:77:cc:54:5e:31:8e:bd:ec:38:d7:
16:f3:61:66:c6:49:1e:6f:c6:49:57:be:0f:4f:be:cb:2d:68:
25:1a:99:35:3b:61:fc:37:bc:1c:7a:6c:04:db:8d:5f:c1:3b:
30:5f:3b:f6:b4:55:52:eb:01:6f:c5:23:bd:6b:45:f7:0c:d7:
a0:8a:49:7a:f7:38:56:03:7c:f1:b6:e7:84:b1:62:c5:a9:b0:
8a:66:1c:3d:79:be:e3:b8:da:c2:f8:eb:19:ee:74:99:5b:fe:
b9:82:50:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS6ur57uPKWJo+qURDF2M27hycSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMjJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMjkwMzBhMjllNmU5OTM3MGI5YTI5M2JkYjc4ZGYzMDA5MDVmNjY4YTIw
NmMxMGYwZjMyOTcxZWQxNzVhNWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjp3/o34mXuDUSRPD9Wew5SdKrip3V3lIWhcnhBvj/BEyfh6p+nZlDkmHGf
HdDu+XRZCitlTqsICO9bnLHjMznFd4WW1n4ti9fQuZpxMQu1wpYB3NHhvhXq490U
6OtCve5i/J1/znAcsAqyDrcd2sHIqLNY0Up78iqY+zSvPW+bkNGCpTCoHKHwBl6i
ZV8H+ZO7XG7ostngFGJr644k/e8YaESQRAh4Dx5gFzvLaP9Bh5wX/upoV12dkVXa
OKyWR/8FfP8FmmAz88BjOTrO72zvwlqAeW6NxUPZQf7jCI2VVUfO2OStzGGGq8wo
j8SSPfc7abImlYRcABS+JJIQYfsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQqTCMj
7EGh8DwlHcdUD9q3wS+L4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTBiZDcyYmEtYjMwZC00NDMzLWE0N2UtZTA1NDNhNGVhNDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DTg
MA0GCSqGSIb3DQEBCwUAA4IBAQB+MCmKEhhOENukceJpXB8IrwngRo0vUulvfPqD
Bxa7T9x54rOQhkrSpbupmL8LYBwQwy8P98lEzZk1w7OdwFY9vBXROHgBirmbusxO
ZcZGFm4qVZLLgkDBDkACjom3Nb+EF5oAXhtwvOl3Bp0K7SW8aQ6iy+wpSh/f9sfh
jYDpE4AA5vr+sd19Ln6pcugs6905ncHI4kAv5XfMVF4xjr3sONcW82Fmxkkeb8ZJ
V74PT77LLWglGpk1O2H8N7wcemwE241fwTswXzv2tFVS6wFvxSO9a0X3DNegikl6
9zhWA3zxtueEsWLFqbCKZhw9eb7juNrC+OsZ7nSZW/65glBX
-----END CERTIFICATE-----
Generated at Fri Sep 19 01:13:43 2025 by rpki-client