Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: 6THpsNrxunHyV8nqh2TOE2sTWm38QlZsC2utcmKcWk8=
Subject key identifier: 2D:33:DF:E7:48:EF:00:92:56:43:47:E2:CB:D4:E1:9A:03:66:9F:8B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D1D90B6DEB0AE9E276BC73E07F8B3C6D7C3C414
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Mon 01 Sep 2025 21:01:22 +0000
ROA not before: Mon 01 Sep 2025 21:01:22 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:1d:90:b6:de:b0:ae:9e:27:6b:c7:3e:07:f8:b3:c6:d7:c3:c4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:01:22 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=9a0efb8990246c31fb384ef638660ad694c95a2042c7660c6ec5ea544189b4d2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9d:a7:43:8c:e8:ad:69:dd:e0:a1:5d:f5:f8:
c4:3c:91:6c:37:38:b5:83:b8:13:fa:03:8b:82:a6:
02:50:20:5c:de:47:b0:37:f0:39:69:f4:43:14:05:
70:8a:72:43:9f:19:cf:3a:63:57:d2:30:d5:0c:d5:
9a:0a:a1:06:e0:2e:a7:9c:09:3b:62:04:4f:32:05:
eb:bc:d3:63:b3:44:4e:4f:e9:c9:45:46:61:3c:3a:
e8:89:7a:b8:1a:91:fc:1e:91:23:b2:88:89:11:04:
71:b7:fb:b8:c5:66:16:bd:ca:67:54:b1:28:bb:c0:
a0:f2:38:8e:86:0f:bf:32:e7:67:0c:7e:57:28:22:
e8:b8:52:2f:e5:bf:90:1a:6d:3f:e8:d3:71:8e:43:
8e:cb:e0:58:22:a3:e4:fc:75:db:45:cb:71:fd:a7:
e6:42:bd:fe:9f:f7:e7:91:f5:25:ec:6f:50:36:5e:
f9:89:da:cd:b0:56:42:aa:32:b4:47:fb:87:66:b7:
e0:a7:13:b9:96:b6:69:e7:64:6f:0f:9b:73:b4:17:
c1:fd:12:e5:fd:4a:19:eb:9e:2d:a5:4f:e4:a8:a3:
1f:8f:d6:b1:19:4f:7a:ab:0d:e5:e0:c7:21:33:15:
87:8c:28:8d:03:b0:18:3b:c6:ad:ab:f6:7e:4f:02:
e9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:33:DF:E7:48:EF:00:92:56:43:47:E2:CB:D4:E1:9A:03:66:9F:8B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
67:85:bd:d9:b1:58:de:0e:54:d9:da:90:0b:25:d1:32:57:25:
a2:c1:db:f9:fc:34:4e:34:69:75:b3:36:67:64:98:a9:d5:01:
e4:c7:5c:a8:bd:cb:87:12:c5:a7:16:58:4b:c1:ec:ea:ff:e6:
1b:15:f4:04:7b:41:7f:e5:b2:56:36:d5:cd:96:68:a2:f5:8d:
7e:14:b1:af:43:81:b2:ee:83:76:27:f3:2b:f5:66:f6:a9:a8:
5d:26:f1:dc:ac:d3:79:e9:57:5a:70:d4:9e:65:32:82:26:fa:
e7:89:f4:be:0c:5c:c8:45:12:8d:78:40:4c:04:df:80:46:b8:
f9:e3:b3:f9:38:ff:3a:71:c7:88:22:35:a7:99:e7:09:6f:bf:
b2:e6:45:2d:14:23:82:3b:60:96:ed:7f:f8:2e:bc:5d:90:9c:
6c:ba:7f:69:67:c0:21:c5:ce:4f:c1:80:ad:e6:33:57:2d:08:
48:f2:dd:d2:69:3c:89:d3:d8:38:a3:28:d2:82:cc:ea:e6:a0:
77:dd:df:36:57:65:f4:e2:a8:fd:62:ec:bc:a8:86:6d:aa:4b:
cc:bb:36:f6:2e:15:2a:31:f4:87:1d:95:63:3b:27:b8:59:51:
fd:07:25:86:87:2b:c5:9c:86:fb:a7:0b:6f:b2:4b:ff:30:55:
66:91:37:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULR2Qtt6wrp4na8c+B/izxtfDxBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAxMjJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMGVmYjg5OTAyNDZjMzFmYjM4NGVmNjM4NjYwYWQ2OTRjOTVhMjA0MmM3
NjYwYzZlYzVlYTU0NDE4OWI0ZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+dp0OM6K1p3eChXfX4xDyRbDc4tYO4E/oDi4KmAlAgXN5HsDfwOWn0QxQF
cIpyQ58ZzzpjV9Iw1QzVmgqhBuAup5wJO2IETzIF67zTY7NETk/pyUVGYTw66Il6
uBqR/B6RI7KIiREEcbf7uMVmFr3KZ1SxKLvAoPI4joYPvzLnZwx+Vygi6LhSL+W/
kBptP+jTcY5DjsvgWCKj5Px120XLcf2n5kK9/p/355H1JexvUDZe+YnazbBWQqoy
tEf7h2a34KcTuZa2aedkbw+bc7QXwf0S5f1KGeueLaVP5KijH4/WsRlPeqsN5eDH
ITMVh4wojQOwGDvGrav2fk8C6QECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtM9/n
SO8AklZDR+LL1OGaA2afizAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQBnhb3ZsVjeDlTZ2pALJdEyVyWiwdv5/DRONGl1
szZnZJip1QHkx1yovcuHEsWnFlhLwezq/+YbFfQEe0F/5bJWNtXNlmii9Y1+FLGv
Q4Gy7oN2J/Mr9Wb2qahdJvHcrNN56VdacNSeZTKCJvrnifS+DFzIRRKNeEBMBN+A
Rrj547P5OP86cceIIjWnmecJb7+y5kUtFCOCO2CW7X/4LrxdkJxsun9pZ8Ahxc5P
wYCt5jNXLQhI8t3SaTyJ09g4oyjSgszq5qB33d82V2X04qj9Yuy8qIZtqkvMuzb2
LhUqMfSHHZVjOye4WVH9ByWGhyvFnIb7pwtvskv/MFVmkTc0
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:21 2025 by rpki-client