Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: stMuaoc+AMfwI8ow+g95c5akcV95Bovde2zNv455HTw=
Subject key identifier: C0:2D:FF:F8:4F:9D:7D:CA:F4:F6:3C:4B:EC:A4:15:8E:D1:D8:13:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38D9D8856D323D44C0FC65E931E9829A50D31BFE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Mon 01 Sep 2025 19:40:12 +0000
ROA not before: Mon 01 Sep 2025 19:40:12 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:d9:d8:85:6d:32:3d:44:c0:fc:65:e9:31:e9:82:9a:50:d3:1b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:12 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=704b45783cba1f77ddc2c6127cb2d873c250bb1650e9cd1fc3d92e0c5e14a5f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:75:7d:2a:94:ac:96:55:c9:a1:23:ab:34:79:
14:13:f3:22:12:10:d4:0a:79:70:e5:b8:99:2e:31:
24:87:d0:62:d6:b9:26:4a:3a:8c:3b:42:78:f3:0a:
4f:c0:dd:40:db:81:1f:0e:e9:ea:8c:b8:9a:8d:7f:
2c:72:a8:27:7a:07:08:45:99:03:04:f8:48:d2:2e:
fb:47:2e:cc:d0:91:51:0a:20:8b:3d:f1:82:0c:59:
ee:8e:62:da:68:5a:5b:95:19:7f:74:5a:e8:c8:87:
5a:88:92:d4:7f:f5:46:7c:da:e2:05:9c:e6:03:5d:
d6:1b:48:32:e0:c9:76:65:c1:3a:69:18:74:80:4a:
95:fb:8b:ac:35:64:bf:08:29:f1:40:f9:26:11:b4:
a5:26:9c:e8:f2:54:e7:5d:e3:1c:8e:fd:b1:ac:db:
3b:0e:cc:72:6e:b7:87:82:e8:c7:7e:a3:fe:5a:5c:
5b:c4:13:d5:77:81:62:ae:63:06:3b:f5:eb:3f:9b:
b1:96:90:1d:19:32:d7:06:8e:01:6b:19:2f:07:3e:
86:77:5c:eb:a0:6d:6f:16:43:99:0f:ce:90:8e:b1:
18:8a:62:23:2f:24:41:3f:b8:c1:46:9b:a5:24:35:
b4:e0:a6:a1:f0:94:ef:f9:95:f7:29:5a:59:6c:b6:
e6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2D:FF:F8:4F:9D:7D:CA:F4:F6:3C:4B:EC:A4:15:8E:D1:D8:13:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
7a:e2:f5:ad:c2:6f:db:86:2d:21:cf:90:13:4e:01:ed:50:e5:
d6:a6:3f:09:8c:6b:40:bb:05:29:e0:97:50:82:07:76:49:45:
a3:30:b1:f7:2c:e5:8f:51:b5:45:6a:78:8b:59:98:7f:5d:2e:
83:57:12:0f:21:34:d7:2d:71:58:16:f0:0a:fc:0e:02:75:f1:
c6:cc:5d:62:08:79:08:6d:40:00:9a:cf:27:78:d7:b1:af:87:
6a:d4:56:91:05:95:60:fb:23:23:16:ef:dd:38:8f:2f:cc:d3:
aa:23:0b:41:a3:7d:36:f0:de:5f:f0:4e:b8:c7:29:fb:ee:f9:
c3:c8:46:fe:3e:2b:b8:99:27:82:33:57:42:f1:cc:4a:d4:a4:
3a:b2:fa:63:d7:fa:71:50:35:57:af:08:2e:cb:43:78:b8:83:
e7:7f:1e:eb:59:48:b8:c5:9c:13:f0:2e:62:c9:2d:bd:1c:0d:
22:de:56:da:43:51:61:b9:e7:6a:95:ee:16:29:59:38:35:37:
fe:c4:ea:ec:3e:6c:68:ce:83:bc:f9:9a:55:71:1c:f0:18:25:
b2:9f:3c:40:b4:57:1f:28:a7:6c:b0:57:e2:68:d6:1a:d9:26:
41:25:d0:94:83:86:6a:57:68:1e:5f:00:b7:24:78:88:ca:ca:
63:87:e5:8c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUONnYhW0yPUTA/GXpMemCmlDTG/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwMTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwNGI0NTc4M2NiYTFmNzdkZGMyYzYxMjdjYjJkODczYzI1MGJiMTY1MGU5
Y2QxZmMzZDkyZTBjNWUxNGE1ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB1fSqUrJZVyaEjqzR5FBPzIhIQ1Ap5cOW4mS4xJIfQYta5Jko6jDtCePMK
T8DdQNuBHw7p6oy4mo1/LHKoJ3oHCEWZAwT4SNIu+0cuzNCRUQogiz3xggxZ7o5i
2mhaW5UZf3Ra6MiHWoiS1H/1Rnza4gWc5gNd1htIMuDJdmXBOmkYdIBKlfuLrDVk
vwgp8UD5JhG0pSac6PJU513jHI79sazbOw7Mcm63h4Lox36j/lpcW8QT1XeBYq5j
Bjv16z+bsZaQHRky1waOAWsZLwc+hndc66BtbxZDmQ/OkI6xGIpiIy8kQT+4wUab
pSQ1tOCmofCU7/mV9ylaWWy25kECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTALf/4
T519yvT2PEvspBWO0dgTmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEAeuL1rcJv24YtIc+QE04B7VDl1qY/CYxrQLsF
KeCXUIIHdklFozCx9yzlj1G1RWp4i1mYf10ug1cSDyE01y1xWBbwCvwOAnXxxsxd
Ygh5CG1AAJrPJ3jXsa+HatRWkQWVYPsjIxbv3TiPL8zTqiMLQaN9NvDeX/BOuMcp
++75w8hG/j4ruJkngjNXQvHMStSkOrL6Y9f6cVA1V68ILstDeLiD538e61lIuMWc
E/AuYsktvRwNIt5W2kNRYbnnapXuFilZODU3/sTq7D5saM6DvPmaVXEc8Bglsp88
QLRXHyinbLBX4mjWGtkmQSXQlIOGaldoHl8AtyR4iMrKY4fljA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:23 2025 by rpki-client