Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
File: a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa (raw, json)
Hash identifier: yL1y6i19014zj+0l0pF0dnmDbzh4V0FGZt7m59xNuG4=
Subject key identifier: DD:0A:54:78:73:90:92:BE:F3:A8:49:D9:05:98:14:BE:74:60:8B:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 581D86C0EA9A91FA89DAF6902E516931A3F54E11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
Signing time: Mon 01 Sep 2025 20:10:11 +0000
ROA not before: Mon 01 Sep 2025 20:10:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:6080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:1d:86:c0:ea:9a:91:fa:89:da:f6:90:2e:51:69:31:a3:f5:4e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5bb2fc45c9fd1f5ea85fc8df8d14d6dabcafa8f094db40b827f25436b7e6f6ba, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:06:c3:e5:91:3e:b4:1c:c6:15:ab:d3:07:10:
4b:d6:1c:92:39:f5:d8:02:f5:9b:8e:a5:75:17:4b:
5d:47:27:5a:fb:65:42:39:d4:97:f9:b5:c8:3f:42:
6f:d3:7a:1d:52:3d:8f:a9:d0:f5:6e:94:7e:f3:c7:
9e:d2:be:a5:ff:c1:e7:f1:f8:80:00:56:9d:15:85:
e8:07:74:14:ac:a4:ec:8b:fc:31:6a:bf:d9:e0:45:
b9:ea:74:50:70:18:24:3d:fe:62:c4:c9:41:5f:6c:
48:ad:e2:63:ec:21:25:2f:fc:10:92:1a:7d:93:c2:
d4:2c:37:3b:94:c6:c8:a8:ca:35:43:2a:05:2f:c1:
89:d8:74:6b:e9:a7:3a:55:11:57:38:ba:b7:4f:6c:
a4:db:13:5c:05:f3:ab:86:2a:e7:de:52:a8:03:fd:
83:2f:a0:a8:2a:0b:f4:62:fe:fe:54:f3:44:20:d3:
7c:39:c4:f7:f5:4c:ba:d8:67:7e:4f:c4:60:53:27:
c2:d3:4b:b1:3c:d9:ab:e3:68:d9:5c:ed:d2:55:60:
cb:91:80:39:39:39:22:d5:26:a0:25:de:3d:6c:d0:
61:00:1d:d1:ed:fa:9a:c5:70:cd:1c:36:da:95:c7:
90:8b:b6:f3:af:2f:1b:f8:52:42:66:c0:83:42:44:
4e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0A:54:78:73:90:92:BE:F3:A8:49:D9:05:98:14:BE:74:60:8B:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a40e2cf2-d6e4-4813-a5aa-623eda8926e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:6080::/48
Signature Algorithm: sha256WithRSAEncryption
b6:00:d0:3e:dd:8b:95:d9:44:50:17:70:63:37:da:4c:23:ac:
3b:84:fb:fa:06:12:6b:05:c9:57:d7:d3:fb:9a:54:7e:25:bd:
6c:fa:cf:ac:a2:ba:e3:97:3a:32:3e:b7:dc:01:37:d2:27:c1:
1c:02:88:4f:9b:43:e0:31:16:00:a6:e4:0e:f9:82:c2:2c:b6:
a2:73:97:ae:0d:e2:6c:00:d4:b7:b9:32:0e:fe:f5:c1:b6:32:
2a:af:a5:db:eb:13:9c:26:9f:a4:fd:91:e1:3e:c5:45:33:a3:
10:be:fe:35:5a:bb:85:25:16:9f:3a:10:0f:68:2b:eb:f6:a9:
88:a2:92:63:d7:85:86:03:0a:2a:56:8a:99:7c:69:c5:e0:ac:
56:91:23:c0:86:21:be:ba:3c:4e:99:3b:20:7e:d2:c3:15:b6:
31:d8:33:ef:6a:a3:ef:80:f0:94:61:fe:86:67:35:f6:5f:c6:
27:51:db:08:5b:29:a8:ac:a6:aa:45:8c:52:0f:7d:ee:c4:48:
1f:91:3f:df:14:01:73:f9:ad:26:f3:89:2c:de:ab:26:b5:c9:
9b:7d:96:f7:e5:97:16:01:e4:c6:fc:ec:6a:fd:f5:f6:ee:fc:
52:0e:fb:38:c8:60:bf:68:ef:f2:5b:d3:d7:a6:11:f3:91:c7:
5f:42:45:25
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWB2GwOqakfqJ2vaQLlFpMaP1ThEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYjJmYzQ1YzlmZDFmNWVhODVmYzhkZjhkMTRkNmRhYmNhZmE4ZjA5NGRi
NDBiODI3ZjI1NDM2YjdlNmY2YmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoGw+WRPrQcxhWr0wcQS9Yckjn12AL1m46ldRdLXUcnWvtlQjnUl/m1yD9C
b9N6HVI9j6nQ9W6UfvPHntK+pf/B5/H4gABWnRWF6Ad0FKyk7Iv8MWq/2eBFuep0
UHAYJD3+YsTJQV9sSK3iY+whJS/8EJIafZPC1Cw3O5TGyKjKNUMqBS/Bidh0a+mn
OlURVzi6t09spNsTXAXzq4Yq595SqAP9gy+gqCoL9GL+/lTzRCDTfDnE9/VMuthn
fk/EYFMnwtNLsTzZq+No2Vzt0lVgy5GAOTk5ItUmoCXePWzQYQAd0e36msVwzRw2
2pXHkIu2868vG/hSQmbAg0JETpkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdClR4
c5CSvvOoSdkFmBS+dGCLrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTQwZTJjZjItZDZlNC00ODEzLWE1YWEtNjIzZWRhODkyNmU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DFg
gDANBgkqhkiG9w0BAQsFAAOCAQEAtgDQPt2LldlEUBdwYzfaTCOsO4T7+gYSawXJ
V9fT+5pUfiW9bPrPrKK645c6Mj633AE30ifBHAKIT5tD4DEWAKbkDvmCwiy2onOX
rg3ibADUt7kyDv71wbYyKq+l2+sTnCafpP2R4T7FRTOjEL7+NVq7hSUWnzoQD2gr
6/apiKKSY9eFhgMKKlaKmXxpxeCsVpEjwIYhvro8Tpk7IH7SwxW2Mdgz72qj74Dw
lGH+hmc19l/GJ1HbCFspqKymqkWMUg997sRIH5E/3xQBc/mtJvOJLN6rJrXJm32W
9+WXFgHkxvzsav319u78Ug77OMhgv2jv8lvT16YR85HHX0JFJQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:08 2025 by rpki-client