Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
File: 914a6acc-cb88-4da2-8443-fbaf927c9652.roa (raw, json)
Hash identifier: kL/uSaUiSDPggcU/WUiL/goCM/i70Oc51wBfS9sE13E=
Subject key identifier: 96:2D:42:F8:CD:E2:2F:C8:56:C9:F1:66:F9:24:23:1A:8B:49:BB:56
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38960F3049A09B2F0379064D37D83D740BBFD5EF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
Signing time: Fri 15 Aug 2025 15:41:40 +0000
ROA not before: Fri 15 Aug 2025 15:41:40 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:96:0f:30:49:a0:9b:2f:03:79:06:4d:37:d8:3d:74:0b:bf:d5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:41:40 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=78f87c08f8b913556f9841c05b44cfa4c4ca81486868087a58fa53fd3b254482, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:14:a0:f4:ec:0e:a2:b0:c1:a0:b3:20:54:45:
6a:89:75:64:ee:14:c5:c7:9b:c1:af:b2:8e:39:1a:
a9:09:1b:b8:0c:f4:7d:45:97:fc:09:6f:a1:1e:8f:
01:89:e0:6c:69:cc:74:6c:d2:ef:5b:83:58:3f:6f:
4a:66:9f:26:12:73:a4:b3:7c:40:a0:51:0b:2b:f4:
c9:0b:3b:ff:03:eb:27:94:51:42:e3:c3:ae:eb:fe:
3c:fb:f9:f6:d1:84:0b:14:19:68:fa:58:a7:80:64:
84:17:67:62:b7:e9:83:39:2c:96:e1:01:51:bb:92:
cf:58:ec:ac:12:0f:ee:64:e3:14:96:e5:04:56:06:
13:b3:14:07:c0:1e:35:71:a6:9b:60:45:ef:73:c8:
1e:ee:26:3d:c2:26:1a:c5:a0:97:9c:7f:3f:d8:2c:
73:82:21:33:df:e6:91:7c:86:25:78:f2:21:ab:37:
1a:80:21:51:f4:a2:80:73:59:36:5f:6f:8b:01:fa:
7a:b2:81:9c:06:2d:70:4c:75:c3:30:ff:5b:22:8b:
48:3e:97:7a:2c:4f:82:c2:4c:fc:95:46:54:1d:c4:
0b:b0:46:f6:43:a6:92:b9:15:a8:3f:46:de:82:a7:
ea:f2:56:62:18:dc:91:58:ac:4c:d8:9a:3a:9e:52:
a3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2D:42:F8:CD:E2:2F:C8:56:C9:F1:66:F9:24:23:1A:8B:49:BB:56
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9000::/40
Signature Algorithm: sha256WithRSAEncryption
40:e5:41:e3:21:97:d1:bf:00:72:9d:d2:ab:19:36:77:02:7f:
08:c4:68:e1:cd:16:db:fe:bb:a6:b4:cb:ae:e7:6c:6f:dc:e0:
ca:05:9a:0a:ee:a8:ba:47:9f:cb:be:16:d4:b3:33:e1:1c:72:
0f:d1:1e:29:6a:33:38:9a:57:da:82:65:2e:f7:fd:2c:75:4d:
c1:80:cc:29:ac:f7:5d:90:38:46:52:b7:2f:8b:b2:75:d9:00:
f2:8b:d9:42:69:30:0d:5b:23:9a:f9:18:f5:49:da:08:b3:94:
94:b6:5f:f7:42:8a:ee:04:30:54:a2:ed:d5:b7:6d:e7:ed:77:
1b:93:b3:f1:45:21:fb:2d:48:78:73:da:9a:dc:2b:2c:98:0b:
f1:10:4d:33:25:14:5a:42:28:9e:f9:f1:18:0d:8d:99:e4:d3:
52:78:d6:3d:f5:a0:57:eb:b4:39:58:30:8a:94:71:ac:4f:cc:
7c:cd:18:95:18:ae:46:7f:3d:42:9d:e5:19:9c:43:3f:e9:1d:
b5:d3:29:01:d9:27:c5:ab:26:5f:a4:bf:23:45:fa:f8:b2:4a:
5b:36:30:85:7c:23:14:e2:35:c0:0e:c9:a1:5a:ae:2d:be:15:
ee:6d:eb:7f:af:01:a6:84:90:76:05:b4:28:1b:76:fe:9c:91:
27:7d:8c:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOJYPMEmgmy8DeQZNN9g9dAu/1e8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTQxNDBaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4Zjg3YzA4ZjhiOTEzNTU2Zjk4NDFjMDViNDRjZmE0YzRjYTgxNDg2ODY4
MDg3YTU4ZmE1M2ZkM2IyNTQ0ODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsUoPTsDqKwwaCzIFRFaol1ZO4Uxcebwa+yjjkaqQkbuAz0fUWX/AlvoR6P
AYngbGnMdGzS71uDWD9vSmafJhJzpLN8QKBRCyv0yQs7/wPrJ5RRQuPDruv+PPv5
9tGECxQZaPpYp4BkhBdnYrfpgzksluEBUbuSz1jsrBIP7mTjFJblBFYGE7MUB8Ae
NXGmm2BF73PIHu4mPcImGsWgl5x/P9gsc4IhM9/mkXyGJXjyIas3GoAhUfSigHNZ
Nl9viwH6erKBnAYtcEx1wzD/WyKLSD6XeixPgsJM/JVGVB3EC7BG9kOmkrkVqD9G
3oKn6vJWYhjckVisTNiaOp5SoxsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWLUL4
zeIvyFbJ8Wb5JCMai0m7VjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0YTZhY2MtY2I4OC00ZGEyLTg0NDMtZmJhZjkyN2M5NjUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBA5UHjIZfRvwByndKrGTZ3An8IxGjhzRbb/rum
tMuu52xv3ODKBZoK7qi6R5/LvhbUszPhHHIP0R4pajM4mlfagmUu9/0sdU3BgMwp
rPddkDhGUrcvi7J12QDyi9lCaTANWyOa+Rj1SdoIs5SUtl/3QoruBDBUou3Vt23n
7Xcbk7PxRSH7LUh4c9qa3CssmAvxEE0zJRRaQiie+fEYDY2Z5NNSeNY99aBX67Q5
WDCKlHGsT8x8zRiVGK5Gfz1CneUZnEM/6R210ykB2SfFqyZfpL8jRfr4skpbNjCF
fCMU4jXADsmhWq4tvhXubet/rwGmhJB2BbQoG3b+nJEnfYxD
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:08 2025 by rpki-client