Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
File: ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa (raw, json)
Hash identifier: Lngjc7D02BtbeeLaOh6XsKn1wTX+Mmc5X5WC/AOIb0A=
Subject key identifier: C8:36:EC:FA:73:AC:F9:4E:54:DE:9C:F9:BD:A2:3E:88:75:FF:88:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AB4B7261F24477ACD2A1B905B940D79C150F05C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
Signing time: Mon 01 Sep 2025 20:10:42 +0000
ROA not before: Mon 01 Sep 2025 20:10:42 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b4:b7:26:1f:24:47:7a:cd:2a:1b:90:5b:94:0d:79:c1:50:f0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:10:42 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=008e39fa03384c96148e480751ce38e87b5d897c0de2dc14e0ece2bce365dc10, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c0:a5:97:a7:42:a4:b5:25:0b:39:05:76:31:
4b:3b:17:39:61:bb:2c:ec:49:cd:b7:b6:47:b9:01:
a4:7b:12:50:a7:a2:5d:b9:46:54:00:a9:fe:6d:c5:
26:a3:73:64:6e:71:ff:bf:74:fa:72:e0:fb:bc:d9:
6a:ce:e8:70:0a:70:24:96:f7:91:78:51:a1:ea:12:
d3:3a:8a:b3:2b:f1:95:cc:b3:77:0d:71:d8:a6:75:
66:51:ab:08:04:a3:d8:10:26:b8:2f:a9:8e:d5:33:
93:ed:12:6b:8a:2f:ed:42:e1:d2:45:84:69:a4:91:
10:a4:01:cb:17:4d:2c:71:07:e3:f8:3a:46:ca:ae:
25:99:3c:15:77:af:f3:2b:fd:43:97:f8:10:cc:83:
a1:49:b3:02:f4:0d:1b:f8:35:e6:e4:b9:c4:0c:26:
8e:62:e3:6c:ad:9a:27:da:dc:64:12:4b:91:ba:25:
3d:f3:44:b7:32:16:9d:bb:a5:81:fd:aa:c0:0f:f9:
04:33:58:22:04:e3:d9:a3:b3:4d:28:f4:86:5b:68:
f9:bb:cd:c1:d2:3f:f8:54:e2:1b:f9:24:8c:8c:26:
0e:11:d0:96:c8:a1:2d:ca:57:79:b0:75:4a:a7:39:
d0:21:30:32:aa:45:bb:69:30:b4:c8:9f:38:51:a6:
f7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:36:EC:FA:73:AC:F9:4E:54:DE:9C:F9:BD:A2:3E:88:75:FF:88:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab232b86-9bd6-409c-8de5-92bfff2a8b5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
89:1e:ee:89:32:04:a0:f0:d3:3d:38:8c:55:6d:43:ff:b1:6a:
6b:06:6e:ef:79:db:97:f3:1e:33:a0:c8:6a:83:ba:a4:f5:96:
1d:d2:1d:cb:3e:4c:e0:eb:2a:10:91:4b:01:9e:d4:d7:4e:a9:
c4:6e:64:b9:62:55:d7:21:ff:61:dd:61:7c:01:43:93:ef:2b:
94:b3:77:28:fc:35:c2:de:57:83:49:d7:15:83:4f:00:e7:79:
1e:0a:6e:ca:04:43:9f:11:9e:21:8d:b8:ea:54:6e:99:39:2a:
81:21:71:62:f4:68:08:77:ec:13:e2:9a:ec:07:d9:bd:7e:5e:
d3:81:e2:d6:c7:66:4a:cf:89:68:2f:14:97:30:4d:c0:03:92:
20:54:e9:9e:c4:0c:33:f8:fd:c0:67:67:ab:56:51:d2:e7:75:
6f:29:cf:53:40:2c:04:82:52:33:09:80:17:c2:b8:b2:cb:11:
c1:f2:fb:88:94:a2:d3:fe:d8:91:41:66:32:f9:59:7d:e0:15:
b4:35:56:d9:bd:87:03:2d:c0:16:d6:b8:d4:a5:18:f9:30:85:
91:a9:44:25:a2:b3:a1:69:cf:30:18:67:00:59:82:84:1e:50:
d4:ec:26:05:fa:9c:b0:3f:4e:df:01:af:69:61:65:e9:2d:e0:
f2:96:a0:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUarS3Jh8kR3rNKhuQW5QNecFQ8FwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDEwNDJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwOGUzOWZhMDMzODRjOTYxNDhlNDgwNzUxY2UzOGU4N2I1ZDg5N2MwZGUy
ZGMxNGUwZWNlMmJjZTM2NWRjMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3ApZenQqS1JQs5BXYxSzsXOWG7LOxJzbe2R7kBpHsSUKeiXblGVACp/m3F
JqNzZG5x/790+nLg+7zZas7ocApwJJb3kXhRoeoS0zqKsyvxlcyzdw1x2KZ1ZlGr
CASj2BAmuC+pjtUzk+0Sa4ov7ULh0kWEaaSREKQByxdNLHEH4/g6RsquJZk8FXev
8yv9Q5f4EMyDoUmzAvQNG/g15uS5xAwmjmLjbK2aJ9rcZBJLkbolPfNEtzIWnbul
gf2qwA/5BDNYIgTj2aOzTSj0hlto+bvNwdI/+FTiG/kkjIwmDhHQlsihLcpXebB1
Sqc50CEwMqpFu2kwtMifOFGm9wcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTINuz6
c6z5TlTenPm9oj6Idf+I0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIyMzJiODYtOWJkNi00MDljLThkZTUtOTJiZmZmMmE4YjVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
wDANBgkqhkiG9w0BAQsFAAOCAQEAiR7uiTIEoPDTPTiMVW1D/7FqawZu73nbl/Me
M6DIaoO6pPWWHdIdyz5M4OsqEJFLAZ7U106pxG5kuWJV1yH/Yd1hfAFDk+8rlLN3
KPw1wt5Xg0nXFYNPAOd5HgpuygRDnxGeIY246lRumTkqgSFxYvRoCHfsE+Ka7AfZ
vX5e04Hi1sdmSs+JaC8UlzBNwAOSIFTpnsQMM/j9wGdnq1ZR0ud1bynPU0AsBIJS
MwmAF8K4sssRwfL7iJSi0/7YkUFmMvlZfeAVtDVW2b2HAy3AFta41KUY+TCFkalE
JaKzoWnPMBhnAFmChB5Q1OwmBfqcsD9O3wGvaWFl6S3g8paguQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:48 2025 by rpki-client