Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
File: b0fb422a-c1ce-4269-b503-2c8145fc798a.roa (raw, json)
Hash identifier: eTqBryP+QFr7clrr2WtrkJfAuIAb4SxcHqKaa8Dsn9g=
Subject key identifier: 22:2F:D0:D6:E8:2B:E8:0F:0D:15:B1:E1:56:3F:89:06:17:12:EE:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A5AA55B4A75597B46432A94AA1EC36BC8177E9A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
Signing time: Mon 01 Sep 2025 20:21:03 +0000
ROA not before: Mon 01 Sep 2025 20:21:03 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:5a:a5:5b:4a:75:59:7b:46:43:2a:94:aa:1e:c3:6b:c8:17:7e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:03 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=ebf336ebf66c62109376f7e890f74be7fd3882f0de212d3712c969f9887561a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a2:55:c5:57:56:bc:0f:20:79:91:7f:cc:87:
a2:eb:5f:7b:35:5d:8e:7b:89:8c:06:c1:7b:a7:a8:
6f:86:0d:49:8a:cc:1c:9a:e7:05:ae:8e:a3:b4:27:
66:67:93:29:01:3c:49:70:64:c9:35:22:15:a9:42:
00:a3:49:d5:20:30:05:cc:7a:e3:10:1b:0e:b8:82:
5c:d4:4c:dd:08:96:02:16:c6:ab:70:92:f3:23:21:
ef:b6:85:8a:3f:2b:1f:bd:4a:0e:f8:ca:65:04:33:
2b:09:c4:44:f3:01:40:83:31:6e:14:16:a2:aa:ae:
66:df:9b:a9:8d:1f:cc:58:cd:79:91:44:b4:da:6b:
d2:ea:99:1a:94:bc:74:ff:3e:a0:1b:ff:28:1b:08:
7f:58:91:71:4c:ce:87:b6:41:ea:06:3a:39:3d:af:
89:9f:04:e7:d8:ac:26:73:0f:92:3a:44:39:0e:d0:
05:d8:10:0a:7b:76:45:6c:82:e4:4b:82:34:68:e9:
26:99:af:2f:a6:8f:06:c7:e6:30:cb:d5:25:e2:8f:
98:8c:e0:1b:1e:e7:74:c4:95:e2:c7:b0:de:d6:80:
c0:91:38:4d:d5:35:eb:44:75:cc:04:13:d2:a9:9a:
f7:1a:3f:e7:0c:87:ac:79:ed:0e:0b:f8:1d:3f:15:
58:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2F:D0:D6:E8:2B:E8:0F:0D:15:B1:E1:56:3F:89:06:17:12:EE:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b0fb422a-c1ce-4269-b503-2c8145fc798a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a020::/48
Signature Algorithm: sha256WithRSAEncryption
08:54:76:1e:86:f0:db:04:0c:a4:82:a1:b2:b8:45:08:25:4c:
97:e9:d2:4a:ee:23:6d:25:5f:81:b5:61:92:a4:46:cd:8a:f6:
ab:cc:88:b9:04:62:f1:d2:24:3e:55:c8:72:1f:11:73:a2:3a:
ac:6e:e4:a5:be:95:0a:5b:b5:aa:ab:a4:dc:a5:31:ca:fc:9c:
c2:12:5a:81:cc:ba:9d:a2:e3:e5:67:ed:c7:db:d1:4f:28:db:
3e:c7:e5:58:76:40:3f:b3:fe:85:7e:9c:29:98:bf:89:84:59:
ce:f7:f1:03:00:fb:c9:8f:75:68:05:7d:f9:59:d7:0b:9e:c3:
bc:a9:4f:eb:d2:1d:bf:dc:e9:2e:44:32:0d:bc:9e:73:63:74:
4a:6f:19:f0:1c:6e:23:7e:b3:76:6c:13:f0:de:23:00:f0:d7:
01:32:fb:72:53:d3:d1:43:28:c5:95:d6:eb:de:86:b0:9b:da:
02:13:a2:04:39:97:c8:95:7b:be:89:c4:25:e3:f4:50:41:3d:
9d:e9:1a:f9:a6:88:a5:f2:f5:c4:6c:01:7e:7d:ff:fd:aa:c3:
51:08:99:e6:35:49:f7:8e:9d:78:35:e2:73:ce:bd:20:ec:74:
6f:89:6b:c9:d5:4e:c1:20:a6:24:8a:ef:e2:a9:16:76:d6:e5:
91:ff:62:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSlqlW0p1WXtGQyqUqh7Da8gXfpowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMDNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViZjMzNmViZjY2YzYyMTA5Mzc2ZjdlODkwZjc0YmU3ZmQzODgyZjBkZTIx
MmQzNzEyYzk2OWY5ODg3NTYxYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqiVcVXVrwPIHmRf8yHoutfezVdjnuJjAbBe6eob4YNSYrMHJrnBa6Oo7Qn
ZmeTKQE8SXBkyTUiFalCAKNJ1SAwBcx64xAbDriCXNRM3QiWAhbGq3CS8yMh77aF
ij8rH71KDvjKZQQzKwnERPMBQIMxbhQWoqquZt+bqY0fzFjNeZFEtNpr0uqZGpS8
dP8+oBv/KBsIf1iRcUzOh7ZB6gY6OT2viZ8E59isJnMPkjpEOQ7QBdgQCnt2RWyC
5EuCNGjpJpmvL6aPBsfmMMvVJeKPmIzgGx7ndMSV4sew3taAwJE4TdU160R1zAQT
0qma9xo/5wyHrHntDgv4HT8VWHECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQiL9DW
6CvoDw0VseFWP4kGFxLurjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjBmYjQyMmEtYzFjZS00MjY5LWI1MDMtMmM4MTQ1ZmM3OThhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
IDANBgkqhkiG9w0BAQsFAAOCAQEACFR2Hobw2wQMpIKhsrhFCCVMl+nSSu4jbSVf
gbVhkqRGzYr2q8yIuQRi8dIkPlXIch8Rc6I6rG7kpb6VClu1qquk3KUxyvycwhJa
gcy6naLj5Wftx9vRTyjbPsflWHZAP7P+hX6cKZi/iYRZzvfxAwD7yY91aAV9+VnX
C57DvKlP69Idv9zpLkQyDbyec2N0Sm8Z8BxuI36zdmwT8N4jAPDXATL7clPT0UMo
xZXW696GsJvaAhOiBDmXyJV7vonEJeP0UEE9neka+aaIpfL1xGwBfn3//arDUQiZ
5jVJ946deDXic869IOx0b4lrydVOwSCmJIrv4qkWdtblkf9iOg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:18:33 2025 by rpki-client