Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
File: a6c61029-f559-411c-89fd-a1970cac6bc1.roa (raw, json)
Hash identifier: 4pKyW3J1Id+JCiG+1fB53eFNEmA+gvHn6iKY4mMiMO0=
Subject key identifier: F7:C9:81:7B:FB:BC:14:89:E6:5C:2B:B6:B0:3A:EA:C1:3F:86:36:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E6CB0E646F98FEB8A2437C6B0E5B801E8A488B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
Signing time: Mon 01 Sep 2025 20:50:04 +0000
ROA not before: Mon 01 Sep 2025 20:50:04 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:6c:b0:e6:46:f9:8f:eb:8a:24:37:c6:b0:e5:b8:01:e8:a4:88:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:04 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5861671aa83bf356fba9027fc2bcf7ca6837d0c1c912803ce86bddb6ef787f93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:61:60:46:14:87:9f:ea:ed:9c:45:c9:22:50:
c5:09:85:92:b3:96:a6:4c:a3:38:ef:d6:34:88:f0:
7d:34:58:73:fd:9d:e8:94:03:06:f4:6a:27:67:18:
97:84:f9:ff:08:5e:b6:16:e4:c4:9e:56:7d:e8:07:
06:2a:78:88:b7:c9:3f:55:89:f2:a5:0f:7f:0c:16:
e0:d0:c9:9e:97:61:a0:1f:35:17:65:38:7a:de:b7:
05:9a:00:71:a6:dc:09:69:9b:14:ef:ac:d0:10:16:
8a:e6:dd:46:f6:70:81:f8:0f:e7:99:40:a4:b9:ad:
7e:a2:4a:87:3b:96:2b:d9:cb:f7:09:b0:2b:4c:39:
ef:23:16:80:ea:ec:68:24:e1:0d:84:af:43:e5:2b:
09:b9:27:51:8f:5b:fb:80:c8:25:55:5e:5f:05:c2:
8d:db:c4:cd:7a:9e:0e:bc:01:4f:65:7b:eb:9b:45:
b9:9b:91:f2:a7:1b:2f:ac:80:d1:59:59:86:d8:88:
e7:3f:5f:fe:ba:a4:f4:bf:54:28:63:7f:d4:28:31:
8e:06:7b:bf:0d:58:ec:64:26:b2:4a:8e:f3:d4:7d:
eb:0e:79:a6:9b:25:49:98:5f:0a:4f:90:54:37:82:
f5:5c:01:3a:c5:b4:56:2e:be:bb:63:ef:c6:e1:0b:
58:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C9:81:7B:FB:BC:14:89:E6:5C:2B:B6:B0:3A:EA:C1:3F:86:36:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c61029-f559-411c-89fd-a1970cac6bc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:9000::/40
Signature Algorithm: sha256WithRSAEncryption
56:5b:79:50:a8:04:94:ad:a7:b6:a2:02:e0:7a:20:e4:ab:67:
98:7a:b9:0b:4a:f0:55:5a:76:fd:77:12:28:79:e8:d5:53:ea:
c5:5b:87:9a:89:f2:f0:44:a5:52:ee:e3:7c:2d:e4:69:1f:ed:
12:ea:67:2a:4a:35:6d:58:8c:ee:71:fd:dc:00:21:a3:01:b2:
9e:57:61:5a:90:f8:6f:d9:e0:66:eb:f8:c2:f0:66:f9:4e:01:
f4:61:9c:36:17:66:5d:18:fc:16:cc:e8:77:b6:c2:4a:84:93:
52:d9:87:db:9c:94:94:c3:22:1f:a3:d5:a6:92:b2:6c:dd:bd:
f5:64:79:1e:d1:7a:9f:64:3b:3d:13:16:b8:43:e6:e6:a1:67:
7f:76:53:4c:24:f0:df:02:b3:d4:a0:2d:41:c1:b6:dd:92:a5:
e1:90:35:93:60:25:bb:0a:78:1a:b5:cf:18:2e:ae:7e:fa:26:
e6:65:eb:a7:ca:d2:5d:ee:70:6a:26:3a:31:60:32:51:63:0c:
77:4e:e4:9f:36:f3:a3:0e:80:5b:84:4b:2b:fc:66:ef:e4:59:
fb:05:bb:8d:70:31:3d:44:23:4f:eb:ad:1a:3a:0a:87:c3:06:
0a:b7:a5:42:48:61:1b:b4:8b:56:24:54:37:a4:23:6b:6e:3b:
db:7e:b9:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTmyw5kb5j+uKJDfGsOW4AeikiLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NjE2NzFhYTgzYmYzNTZmYmE5MDI3ZmMyYmNmN2NhNjgzN2QwYzFjOTEy
ODAzY2U4NmJkZGI2ZWY3ODdmOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMthYEYUh5/q7ZxFySJQxQmFkrOWpkyjOO/WNIjwfTRYc/2d6JQDBvRqJ2cY
l4T5/whethbkxJ5WfegHBip4iLfJP1WJ8qUPfwwW4NDJnpdhoB81F2U4et63BZoA
cabcCWmbFO+s0BAWiubdRvZwgfgP55lApLmtfqJKhzuWK9nL9wmwK0w57yMWgOrs
aCThDYSvQ+UrCbknUY9b+4DIJVVeXwXCjdvEzXqeDrwBT2V765tFuZuR8qcbL6yA
0VlZhtiI5z9f/rqk9L9UKGN/1CgxjgZ7vw1Y7GQmskqO89R96w55ppslSZhfCk+Q
VDeC9VwBOsW0Vi6+u2PvxuELWPECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3yYF7
+7wUieZcK7awOurBP4Y28DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjNjEwMjktZjU1OS00MTFjLTg5ZmQtYTE5NzBjYWM2YmMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBWW3lQqASUrae2ogLgeiDkq2eYerkLSvBVWnb9
dxIoeejVU+rFW4eaifLwRKVS7uN8LeRpH+0S6mcqSjVtWIzucf3cACGjAbKeV2Fa
kPhv2eBm6/jC8Gb5TgH0YZw2F2ZdGPwWzOh3tsJKhJNS2YfbnJSUwyIfo9WmkrJs
3b31ZHke0XqfZDs9Exa4Q+bmoWd/dlNMJPDfArPUoC1BwbbdkqXhkDWTYCW7Cnga
tc8YLq5++ibmZeunytJd7nBqJjoxYDJRYwx3TuSfNvOjDoBbhEsr/Gbv5Fn7BbuN
cDE9RCNP660aOgqHwwYKt6VCSGEbtItWJFQ3pCNrbjvbfrkW
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:30 2025 by rpki-client