Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json)
Hash identifier: wWlclPWvdVyAYQTHtDb4LJjbEOg4itzqmiqw2LzHXA8=
Subject key identifier: DC:91:DB:6D:C8:6D:F8:1C:3A:BC:51:86:C1:E5:BC:D4:80:76:31:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13B94AB242ECB81EDCD63DB3E6F94E6EC7DA61C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
Signing time: Mon 01 Sep 2025 21:11:14 +0000
ROA not before: Mon 01 Sep 2025 21:11:14 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:b9:4a:b2:42:ec:b8:1e:dc:d6:3d:b3:e6:f9:4e:6e:c7:da:61:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:11:14 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=03f6eada5982632346400c1220dfc0f1dddae6d38f01292c2eab09d135ad98bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:0d:53:fa:18:f9:de:4f:03:03:29:ea:58:
a6:f4:c9:6a:4c:10:b0:42:95:18:42:76:97:4d:4e:
8d:21:fd:d7:11:e8:fa:fa:f1:ad:1b:9b:12:88:28:
b8:9a:f7:dc:5c:b8:c9:b1:8d:12:93:2b:df:42:ab:
aa:47:7e:11:c5:3a:7d:86:8f:81:8b:5f:74:4b:2a:
0c:74:49:dc:e4:12:6c:2b:09:af:9f:69:26:17:0a:
23:1f:6e:0a:2e:c7:97:6f:e6:d6:c0:82:03:b5:ff:
1c:a9:48:2d:9e:6b:f9:81:a6:a5:02:fb:be:c6:d5:
ea:ed:0e:63:34:0d:3e:bb:c0:cd:59:b5:41:08:5e:
35:13:d2:36:8a:31:59:ed:cc:9e:f2:ef:82:0e:a4:
90:04:01:df:1b:d5:5d:39:06:06:4b:94:f1:87:28:
74:46:d7:a7:3e:39:79:cb:36:13:ae:37:b9:f2:37:
8d:be:25:cf:d4:b8:6b:73:83:1e:3b:9a:75:13:2b:
46:c0:6f:f1:e9:90:bb:3b:df:64:ff:fa:10:ee:b4:
c2:15:8e:31:13:3f:c7:1f:cd:f4:ab:6b:28:24:4a:
db:0a:0b:37:f2:b9:08:4f:9c:95:d0:8b:5d:62:8f:
ac:26:8e:63:6a:74:97:b6:27:31:b2:56:b0:35:3e:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:91:DB:6D:C8:6D:F8:1C:3A:BC:51:86:C1:E5:BC:D4:80:76:31:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:800::/38
Signature Algorithm: sha256WithRSAEncryption
bf:95:51:69:59:e0:0c:a5:44:e4:98:64:21:27:e7:a0:1c:19:
bb:54:46:2f:64:45:9f:dd:d8:0d:b6:6a:46:86:d5:9f:2f:6c:
ad:b3:0a:51:2d:3d:33:cb:71:0a:bf:e2:cf:c5:43:d9:b3:88:
8a:ca:9d:bc:93:34:a9:48:ab:45:89:2e:30:a4:cb:52:74:26:
3e:43:8f:9c:31:69:e4:4f:e6:e7:71:f6:ee:7e:42:d9:b8:7d:
41:78:9f:18:99:1c:24:6e:ce:a0:e2:ab:9e:d5:36:b7:11:43:
2d:ad:61:06:4c:fa:0e:1b:8c:a2:fa:d6:79:d0:e5:99:67:fa:
d9:19:bb:ed:a7:9a:29:25:d8:00:9d:4d:53:fd:52:93:15:16:
fb:43:3b:d4:9b:96:d8:fa:9d:51:eb:8f:e7:41:40:ae:c9:db:
a2:36:a1:29:45:8d:2f:86:23:15:b5:67:dc:a7:20:61:5e:06:
70:b2:97:21:9d:0c:63:92:5c:56:d3:85:e8:e6:cc:a7:5d:1c:
4f:54:bf:d4:65:3d:16:ea:fb:59:3b:2b:ad:a8:16:25:5f:01:
08:f0:e0:1c:54:0a:8a:c7:37:16:a4:65:b1:fd:37:5f:53:1a:
3d:3b:07:a4:61:06:d7:d6:e9:2b:0c:59:c4:d2:b4:cb:43:85:
0f:63:80:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE7lKskLsuB7c1j2z5vlObsfaYcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTExMTRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZjZlYWRhNTk4MjYzMjM0NjQwMGMxMjIwZGZjMGYxZGRkYWU2ZDM4ZjAx
MjkyYzJlYWIwOWQxMzVhZDk4YmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKegDVP6GPneTwMDKepYpvTJakwQsEKVGEJ2l01OjSH91xHo+vrxrRubEogo
uJr33Fy4ybGNEpMr30Krqkd+EcU6fYaPgYtfdEsqDHRJ3OQSbCsJr59pJhcKIx9u
Ci7Hl2/m1sCCA7X/HKlILZ5r+YGmpQL7vsbV6u0OYzQNPrvAzVm1QQheNRPSNoox
We3MnvLvgg6kkAQB3xvVXTkGBkuU8YcodEbXpz45ecs2E643ufI3jb4lz9S4a3OD
HjuadRMrRsBv8emQuzvfZP/6EO60whWOMRM/xx/N9KtrKCRK2woLN/K5CE+cldCL
XWKPrCaOY2p0l7YnMbJWsDU+x38CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTckdtt
yG34HDq8UYbB5bzUgHYxhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI
MA0GCSqGSIb3DQEBCwUAA4IBAQC/lVFpWeAMpUTkmGQhJ+egHBm7VEYvZEWf3dgN
tmpGhtWfL2ytswpRLT0zy3EKv+LPxUPZs4iKyp28kzSpSKtFiS4wpMtSdCY+Q4+c
MWnkT+bncfbufkLZuH1BeJ8YmRwkbs6g4que1Ta3EUMtrWEGTPoOG4yi+tZ50OWZ
Z/rZGbvtp5opJdgAnU1T/VKTFRb7QzvUm5bY+p1R64/nQUCuyduiNqEpRY0vhiMV
tWfcpyBhXgZwspchnQxjklxW04Xo5synXRxPVL/UZT0W6vtZOyutqBYlXwEI8OAc
VAqKxzcWpGWx/TdfUxo9OwekYQbX1ukrDFnE0rTLQ4UPY4C/
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:40 2025 by rpki-client