Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: wESg3pBAYShzTgcCcm3ebpmshYZGo4Ms4Fh9DKOFzjE=
Subject key identifier: 51:C7:D5:71:C8:17:D5:61:C3:85:F7:F9:F4:C8:14:63:A5:35:6F:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 649E19693CAA15D2E89113705293D9C867D1FDA2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Mon 01 Sep 2025 20:30:53 +0000
ROA not before: Mon 01 Sep 2025 20:30:53 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:9e:19:69:3c:aa:15:d2:e8:91:13:70:52:93:d9:c8:67:d1:fd:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:53 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=633c6058c35ea99eb43bf606cbb349950c39544c578a7b32c0dffaf30b94a27a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:44:6d:3b:87:83:e7:9e:c8:44:cc:bc:77:f9:
f8:3e:b5:02:e3:05:5d:9c:80:1d:a4:c4:50:41:3b:
ec:df:2a:89:4f:7a:61:e1:fa:bc:fb:e3:c3:54:53:
f6:0a:1e:59:64:53:dd:37:7a:fa:69:e6:7b:13:13:
77:9c:b2:6a:11:5b:d6:b8:63:39:c8:ff:b7:cd:11:
36:64:af:1e:85:12:10:82:b8:47:70:d4:58:1b:b2:
8e:42:52:4b:ec:f8:0a:07:52:bf:52:a2:94:62:73:
db:39:36:bd:83:fc:da:9d:8d:1e:43:08:5e:e9:39:
cf:80:b4:55:72:31:e2:d2:f0:2c:5c:9b:db:d4:97:
3c:5e:0f:d2:86:22:42:b1:25:06:4e:9c:02:0e:c2:
84:f5:1d:0a:43:f4:25:e5:96:a1:c4:da:fe:54:91:
4f:77:cc:6c:43:bb:07:70:fa:89:64:9d:d0:e0:7a:
73:f0:31:c6:78:bd:2c:62:4b:51:c9:38:b9:62:a7:
fc:67:fa:73:b2:3d:ea:4b:71:72:6a:72:c0:e8:1d:
26:22:3f:1b:c3:1a:6f:22:33:94:df:57:73:a6:b9:
36:9c:6b:d4:d1:e0:90:b1:d9:36:0d:d6:dd:0e:fd:
ce:fd:40:54:e3:ed:c4:9a:3f:71:e5:d1:72:c4:89:
41:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C7:D5:71:C8:17:D5:61:C3:85:F7:F9:F4:C8:14:63:A5:35:6F:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
04:1d:f2:58:81:9f:a2:d0:de:4a:00:56:67:48:8d:fb:f1:f3:
9b:80:c6:03:95:90:ef:18:c7:54:d2:06:7c:c6:de:be:6a:12:
2f:9e:c5:50:47:5d:49:06:3f:fc:6a:b1:d8:b9:94:39:e2:29:
61:29:ca:9d:ca:6f:f3:53:97:85:f4:f2:10:3d:53:0d:d4:8e:
b2:6a:a1:e4:2c:83:e5:3f:d5:b2:ed:bf:ce:db:53:30:d2:c6:
fd:d6:64:a8:38:ea:81:28:07:16:8f:f6:2e:9f:80:74:c4:ba:
2d:55:04:46:86:e8:09:9c:10:94:26:94:8f:a9:95:19:b8:31:
55:f1:4d:e0:e1:ab:6c:34:18:b7:97:6d:4f:07:81:ea:55:31:
33:b9:ef:54:2e:21:5e:b4:49:70:66:7e:af:8b:cf:d7:cf:4f:
8a:78:96:64:78:5e:af:70:d0:33:ec:10:db:2a:68:3d:f5:7c:
1f:2b:f5:88:35:a2:45:70:b5:c8:17:7c:0d:c0:73:6c:db:fb:
63:4e:25:81:28:34:48:8e:3b:bf:c7:63:bb:5b:6f:4e:db:cd:
45:bb:b7:36:10:c0:ee:c6:ae:48:a5:74:22:ff:ea:88:7a:d3:
92:b2:4e:43:5f:ac:c4:70:31:0f:83:5f:33:03:6f:fc:16:d3:
8c:3e:6f:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZJ4ZaTyqFdLokRNwUpPZyGfR/aIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzM2M2MDU4YzM1ZWE5OWViNDNiZjYwNmNiYjM0OTk1MGMzOTU0NGM1Nzhh
N2IzMmMwZGZmYWYzMGI5NGEyN2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpEbTuHg+eeyETMvHf5+D61AuMFXZyAHaTEUEE77N8qiU96YeH6vPvjw1RT
9goeWWRT3Td6+mnmexMTd5yyahFb1rhjOcj/t80RNmSvHoUSEIK4R3DUWBuyjkJS
S+z4CgdSv1KilGJz2zk2vYP82p2NHkMIXuk5z4C0VXIx4tLwLFyb29SXPF4P0oYi
QrElBk6cAg7ChPUdCkP0JeWWocTa/lSRT3fMbEO7B3D6iWSd0OB6c/Axxni9LGJL
Uck4uWKn/Gf6c7I96ktxcmpywOgdJiI/G8MabyIzlN9Xc6a5Npxr1NHgkLHZNg3W
3Q79zv1AVOPtxJo/ceXRcsSJQUUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRx9Vx
yBfVYcOF9/n0yBRjpTVvHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEHfJYgZ+i0N5KAFZnSI378fObgMYDlZDvGMdU
0gZ8xt6+ahIvnsVQR11JBj/8arHYuZQ54ilhKcqdym/zU5eF9PIQPVMN1I6yaqHk
LIPlP9Wy7b/O21Mw0sb91mSoOOqBKAcWj/Yun4B0xLotVQRGhugJnBCUJpSPqZUZ
uDFV8U3g4atsNBi3l21PB4HqVTEzue9ULiFetElwZn6vi8/Xz0+KeJZkeF6vcNAz
7BDbKmg99XwfK/WINaJFcLXIF3wNwHNs2/tjTiWBKDRIjju/x2O7W29O281Fu7c2
EMDuxq5IpXQi/+qIetOSsk5DX6zEcDEPg18zA2/8FtOMPm8S
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:06 2025 by rpki-client