Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
File: 9a732efb-e23f-49a4-ad51-1a43431e07c9.roa (raw, json)
Hash identifier: mw5U3K1YFETouf41WwAw+jNzQ0Qi9JeMecnjaDD9tnE=
Subject key identifier: 58:37:DC:A0:F7:A6:3F:00:34:23:38:CF:95:3B:EA:C9:8F:2A:F5:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25DEA7CDAA1A346259CB392FCA98997C31E0B0C2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
Signing time: Mon 01 Sep 2025 20:50:21 +0000
ROA not before: Mon 01 Sep 2025 20:50:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d034:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:de:a7:cd:aa:1a:34:62:59:cb:39:2f:ca:98:99:7c:31:e0:b0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=27864ca9755f6e6ad7ea1faf16ed54333679a5fc9bf1c9e6735ddc1363d87178, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:92:d9:e7:7b:cf:0c:a4:da:45:f4:12:7c:82:
b2:10:35:da:a7:df:ed:98:3a:71:88:d5:2d:2e:a3:
b8:bd:27:18:2b:a7:da:c0:fa:8b:e4:7d:f8:f8:7c:
17:71:ca:c3:d9:fd:ec:a0:22:6f:46:d6:fe:4e:7d:
12:ae:76:90:35:00:a8:71:4f:7a:67:15:17:32:1b:
b5:de:5b:4c:28:69:19:15:b7:0d:bc:58:e9:a4:da:
63:be:a4:56:7b:c2:c8:37:88:cc:d0:21:b5:5e:5a:
2b:ae:d0:a0:6d:b0:e9:47:3b:9f:d2:88:21:17:33:
db:6f:bb:d3:92:7f:ea:9b:5d:a4:0e:78:0c:20:7a:
59:9a:ac:18:49:d2:86:32:7b:2f:a7:33:6b:70:72:
7e:cb:7e:7a:d3:c2:8a:c4:40:75:c3:bf:3e:40:30:
0f:6d:fb:ef:47:22:a2:f2:ca:d7:5e:78:85:8b:4d:
44:bb:49:d2:f8:94:16:4c:b1:15:b9:e6:d4:ba:bc:
c4:ef:53:bd:ec:ba:93:ff:e4:99:34:ec:87:f8:b3:
bc:9d:30:15:46:30:93:ca:ae:fc:1c:30:e1:7c:9b:
ea:2a:63:f8:3b:e8:b3:f6:58:5b:c6:d5:1c:32:a0:
7b:20:20:dc:e0:0e:bb:08:e9:b6:9a:a2:a7:d7:09:
66:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:37:DC:A0:F7:A6:3F:00:34:23:38:CF:95:3B:EA:C9:8F:2A:F5:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a732efb-e23f-49a4-ad51-1a43431e07c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:9000::/40
Signature Algorithm: sha256WithRSAEncryption
af:73:9e:92:07:a5:c5:23:f4:f9:02:b8:c9:12:3e:bd:78:3f:
23:bc:d9:64:61:ae:e9:b0:84:d4:e2:b6:ac:2f:95:5e:8b:b0:
08:d5:75:d0:37:29:bf:a9:e8:a7:f0:0f:48:f3:71:2b:92:6d:
e8:bb:8c:35:e0:9a:1b:45:1e:7a:af:eb:7f:25:c0:ae:67:3a:
81:d6:e2:b3:ff:c4:2e:32:86:d1:ee:ba:36:7a:e3:76:4b:1b:
75:7c:0b:81:2b:ff:2f:90:c0:f0:e7:94:db:eb:33:91:23:88:
b7:47:59:f5:66:2a:df:88:78:8f:49:ca:ab:89:55:48:67:81:
f1:0d:a7:a5:e7:c7:fd:b3:9d:3a:0a:70:cc:06:bd:8a:f9:6e:
e0:af:d4:bb:85:50:c9:4d:8d:78:b7:d2:40:15:32:50:a4:9d:
af:6e:28:17:47:3f:0c:3a:19:fa:9b:d5:3a:b4:ac:e4:25:e8:
88:f2:9c:3b:55:1e:ce:28:67:e2:8b:44:35:c7:97:59:fb:7d:
1e:2a:45:eb:83:4c:f6:05:2f:43:d1:78:99:83:67:53:44:5e:
20:85:91:87:12:06:fa:c2:31:08:43:77:fe:54:5e:37:d9:53:
e9:9f:c5:a0:f4:26:0e:af:2b:c1:07:36:10:79:38:43:7a:bd:
70:b9:ed:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJd6nzaoaNGJZyzkvypiZfDHgsMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ODY0Y2E5NzU1ZjZlNmFkN2VhMWZhZjE2ZWQ1NDMzMzY3OWE1ZmM5YmYx
YzllNjczNWRkYzEzNjNkODcxNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWS2ed7zwyk2kX0EnyCshA12qff7Zg6cYjVLS6juL0nGCun2sD6i+R9+Ph8
F3HKw9n97KAib0bW/k59Eq52kDUAqHFPemcVFzIbtd5bTChpGRW3DbxY6aTaY76k
VnvCyDeIzNAhtV5aK67QoG2w6Uc7n9KIIRcz22+705J/6ptdpA54DCB6WZqsGEnS
hjJ7L6cza3Byfst+etPCisRAdcO/PkAwD23770ciovLK1154hYtNRLtJ0viUFkyx
Fbnm1Lq8xO9Tvey6k//kmTTsh/izvJ0wFUYwk8qu/Bww4Xyb6ipj+Dvos/ZYW8bV
HDKgeyAg3OAOuwjptpqip9cJZkcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYN9yg
96Y/ADQjOM+VO+rJjyr1CjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE3MzJlZmItZTIzZi00OWE0LWFkNTEtMWE0MzQzMWUwN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCvc56SB6XFI/T5ArjJEj69eD8jvNlkYa7psITU
4rasL5Vei7AI1XXQNym/qein8A9I83Erkm3ou4w14JobRR56r+t/JcCuZzqB1uKz
/8QuMobR7ro2euN2Sxt1fAuBK/8vkMDw55Tb6zORI4i3R1n1ZirfiHiPScqriVVI
Z4HxDael58f9s506CnDMBr2K+W7gr9S7hVDJTY14t9JAFTJQpJ2vbigXRz8MOhn6
m9U6tKzkJeiI8pw7VR7OKGfii0Q1x5dZ+30eKkXrg0z2BS9D0XiZg2dTRF4ghZGH
Egb6wjEIQ3f+VF432VPpn8Wg9CYOryvBBzYQeThDer1wue0w
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:29:38 2025 by rpki-client