Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
File: ad017d4e-10ed-4706-a728-1b3d3feae80f.roa (raw, json)
Hash identifier: W/OVW6DSbYtZi4YVk7rzETaXDqdcigYupbjOoBSZ0Eo=
Subject key identifier: 77:79:C7:CB:DB:1F:23:0F:CD:53:CE:AF:53:25:31:6B:86:55:7D:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A63B0B1E4AEBE28C0654DC0376D50E4BB86DCB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
Signing time: Mon 01 Sep 2025 21:00:45 +0000
ROA not before: Mon 01 Sep 2025 21:00:45 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:63:b0:b1:e4:ae:be:28:c0:65:4d:c0:37:6d:50:e4:bb:86:dc:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:00:45 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=0f18c0b812a06b563ce2fc46afe1e6ba593a1304518c7980c6acfdc91bbb63fb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:a3:8e:01:fa:b0:d0:6a:22:48:d5:78:da:
ab:de:cf:7e:e0:2e:15:61:a8:f6:13:5a:fc:99:a7:
ba:6a:0d:ac:1d:6f:ad:2f:34:50:bf:83:43:2b:21:
65:18:d1:84:04:cd:91:0b:22:f9:88:52:1c:b5:97:
d3:5e:e1:7b:f5:33:15:f3:70:9a:e7:f9:de:81:27:
f5:60:f1:1c:41:28:e6:fa:a0:2a:04:15:8c:e5:a7:
b9:1a:94:36:78:6f:bf:49:ed:50:38:f4:3d:81:13:
90:5a:ac:3a:6f:95:a5:3a:bd:b4:d5:ef:8f:95:18:
55:b0:72:34:1f:49:78:c0:2e:97:28:b3:bf:7a:bf:
dd:31:79:f0:21:63:c2:9b:f7:e3:f8:ff:d1:f3:42:
4e:6c:83:05:04:17:cf:77:d8:e9:0b:04:85:79:5d:
08:77:26:9b:50:89:c2:54:da:61:0f:e1:c4:62:37:
98:34:7d:d3:bb:99:3e:f4:64:cf:5c:1f:01:34:d8:
48:26:f8:f6:bb:b0:04:c0:3b:3c:6d:da:11:0e:18:
32:81:60:0a:6e:be:48:2b:20:82:e0:04:68:03:1e:
68:c4:11:fd:6c:07:71:96:a1:7e:67:8f:33:ed:a9:
bc:14:1d:a2:ca:ee:51:81:fb:fa:87:95:dd:60:29:
cd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:79:C7:CB:DB:1F:23:0F:CD:53:CE:AF:53:25:31:6B:86:55:7D:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad017d4e-10ed-4706-a728-1b3d3feae80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:09:bc:af:58:e2:37:b7:08:54:75:d1:70:66:e2:ed:7d:d5:
02:ba:1d:d7:67:14:de:72:c5:75:a3:f4:6e:f6:84:0f:72:03:
00:66:86:c9:e8:91:d2:13:ed:6b:cb:ef:f0:79:cd:ba:21:c9:
fb:92:63:2c:ef:9a:ab:39:6b:ed:37:07:48:d5:57:31:d8:0c:
99:61:33:fd:94:aa:5f:30:2f:80:9d:13:e3:aa:23:d7:44:6f:
3f:59:18:76:38:ff:2c:e5:d4:a2:e1:c1:7c:4f:32:1e:74:7b:
10:a4:d0:1d:74:f5:ef:16:4c:59:18:a9:fe:4d:fe:24:9a:f0:
49:d3:71:30:8b:86:cb:fb:f0:0e:a5:f3:bf:8b:99:6a:7b:62:
71:f2:44:23:7f:d9:fb:33:a0:6f:37:91:d6:a1:80:26:2a:83:
41:4a:51:76:56:93:d4:39:82:74:5b:12:e2:68:ea:1c:fd:0b:
57:64:64:da:f2:db:0c:2d:12:63:ff:1b:16:5d:f4:c7:fe:b5:
ec:58:65:97:b1:3f:4c:a1:46:7f:5a:53:bd:34:fa:ad:34:6f:
fd:19:dc:3e:fc:55:0b:f2:3a:59:8b:76:b3:65:19:75:f2:01:
f1:bb:23:8c:25:46:f3:e1:97:d8:85:9e:b9:55:24:98:a0:d2:
8f:41:87:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOmOwseSuvijAZU3AN21Q5LuG3LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTAwNDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmMThjMGI4MTJhMDZiNTYzY2UyZmM0NmFmZTFlNmJhNTkzYTEzMDQ1MThj
Nzk4MGM2YWNmZGM5MWJiYjYzZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHqo44B+rDQaiJI1Xjaq97PfuAuFWGo9hNa/JmnumoNrB1vrS80UL+DQysh
ZRjRhATNkQsi+YhSHLWX017he/UzFfNwmuf53oEn9WDxHEEo5vqgKgQVjOWnuRqU
Nnhvv0ntUDj0PYETkFqsOm+VpTq9tNXvj5UYVbByNB9JeMAulyizv3q/3TF58CFj
wpv34/j/0fNCTmyDBQQXz3fY6QsEhXldCHcmm1CJwlTaYQ/hxGI3mDR907uZPvRk
z1wfATTYSCb49ruwBMA7PG3aEQ4YMoFgCm6+SCsgguAEaAMeaMQR/WwHcZahfmeP
M+2pvBQdosruUYH7+oeV3WApzVkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR3ecfL
2x8jD81Tzq9TJTFrhlV90DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQwMTdkNGUtMTBlZC00NzA2LWE3MjgtMWIzZDNmZWFlODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9A
MA0GCSqGSIb3DQEBCwUAA4IBAQB7CbyvWOI3twhUddFwZuLtfdUCuh3XZxTecsV1
o/Ru9oQPcgMAZobJ6JHSE+1ry+/wec26Icn7kmMs75qrOWvtNwdI1Vcx2AyZYTP9
lKpfMC+AnRPjqiPXRG8/WRh2OP8s5dSi4cF8TzIedHsQpNAddPXvFkxZGKn+Tf4k
mvBJ03Ewi4bL+/AOpfO/i5lqe2Jx8kQjf9n7M6BvN5HWoYAmKoNBSlF2VpPUOYJ0
WxLiaOoc/QtXZGTa8tsMLRJj/xsWXfTH/rXsWGWXsT9MoUZ/WlO9NPqtNG/9Gdw+
/FUL8jpZi3azZRl18gHxuyOMJUbz4ZfYhZ65VSSYoNKPQYe2
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:45 2025 by rpki-client