Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
File: b4bc5ce4-db80-4527-b720-60a744036322.roa (raw, json)
Hash identifier: g72XgoJNgfh4abcYDNxw7OmGJL5lbMiP5XxADha7G6M=
Subject key identifier: 0B:B3:32:AC:79:4F:92:30:5C:8F:84:28:29:08:6E:B5:01:09:BA:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6377CDF63376BB01F8E987ED0452AF987BE578ED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
Signing time: Mon 01 Sep 2025 20:30:50 +0000
ROA not before: Mon 01 Sep 2025 20:30:50 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:77:cd:f6:33:76:bb:01:f8:e9:87:ed:04:52:af:98:7b:e5:78:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:50 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=033d776121e7d69848f491f74ded8ccc132f0d46ba65393947d331612ca18cd9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f1:d7:b8:b5:94:f1:e2:78:1e:90:23:d1:8a:
e2:50:32:97:96:94:a6:71:a9:4d:5f:fd:45:5e:f3:
93:69:83:d0:ef:61:1a:9e:1f:44:05:47:61:2a:01:
27:91:96:e5:2c:14:fb:2a:67:ea:f9:b1:77:2c:7d:
f4:1e:6f:f2:8a:68:07:2f:ad:44:9c:20:7c:29:c2:
b8:66:01:16:0a:11:1c:f3:6b:99:c7:45:46:1a:df:
13:6f:04:6e:26:b7:3a:0e:c5:96:42:e5:bf:a0:bc:
0b:31:a7:4c:b0:5a:ec:fe:2f:cf:39:5f:56:87:19:
bd:c6:2e:d2:8d:a6:1a:80:25:2b:8f:a0:af:9f:5e:
0f:97:76:b4:d1:8b:1a:ad:6a:62:eb:2e:cb:35:14:
21:60:49:03:d4:11:3f:d4:98:4d:3d:2d:b7:00:b5:
67:18:b7:f2:73:5b:92:89:a3:ce:4c:30:b7:a7:bf:
35:15:53:e4:29:ec:0e:66:7f:4b:b8:09:1d:2c:6d:
03:81:35:85:82:75:6b:da:93:6b:5e:6f:de:2e:ee:
0f:9c:0a:d1:85:f0:e4:8f:53:70:f4:18:a7:be:87:
dd:52:5d:e4:ca:5f:f4:81:58:19:d8:5c:9b:fd:b0:
8e:bc:5d:44:83:5d:ea:b7:02:30:29:35:d4:40:ee:
50:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B3:32:AC:79:4F:92:30:5C:8F:84:28:29:08:6E:B5:01:09:BA:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b4bc5ce4-db80-4527-b720-60a744036322.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:b000::/40
Signature Algorithm: sha256WithRSAEncryption
37:e1:49:2d:3b:9d:41:a3:8c:ac:42:49:f2:e2:d1:73:1e:6f:
2f:ed:72:9f:98:56:fc:df:fe:b3:74:c9:16:36:d7:34:68:92:
8f:9c:d4:c7:26:78:58:b2:b0:18:c1:69:73:1a:e2:78:f6:27:
1d:5d:be:92:74:ae:d1:f8:d1:3d:c4:91:f1:6a:ac:76:00:86:
dd:29:5c:f5:d0:5e:36:c4:a1:32:24:1a:5e:1f:20:3f:8a:fc:
0a:5f:c4:ae:8f:2c:23:4d:df:94:69:3c:f5:e8:9b:37:4a:27:
72:8c:41:2f:b5:b4:d8:3a:ed:c2:ff:e3:27:bc:cf:84:7e:77:
f3:2e:99:1f:3e:c3:96:f1:ad:1b:79:95:9c:06:24:bc:07:61:
d8:61:7a:56:4e:96:91:3a:6b:18:5d:af:69:57:80:69:06:fa:
32:a7:92:38:81:8a:d4:8f:f9:de:6f:e5:74:be:6a:71:c1:9e:
fc:de:cf:de:61:46:f8:f4:c8:db:b2:9f:8b:db:ea:a4:db:57:
47:da:13:b3:39:eb:f1:07:4c:72:1f:31:91:e1:3a:b7:fc:44:
6a:69:f4:76:2f:e3:81:d7:dd:de:32:8d:64:f4:6f:66:ed:76:
8c:94:69:85:13:bf:90:f0:29:2a:94:ae:7d:f2:98:a0:22:d3:
9c:0a:57:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY3fN9jN2uwH46YftBFKvmHvleO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwNTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzM2Q3NzYxMjFlN2Q2OTg0OGY0OTFmNzRkZWQ4Y2NjMTMyZjBkNDZiYTY1
MzkzOTQ3ZDMzMTYxMmNhMThjZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvx17i1lPHieB6QI9GK4lAyl5aUpnGpTV/9RV7zk2mD0O9hGp4fRAVHYSoB
J5GW5SwU+ypn6vmxdyx99B5v8opoBy+tRJwgfCnCuGYBFgoRHPNrmcdFRhrfE28E
bia3Og7FlkLlv6C8CzGnTLBa7P4vzzlfVocZvcYu0o2mGoAlK4+gr59eD5d2tNGL
Gq1qYusuyzUUIWBJA9QRP9SYTT0ttwC1Zxi38nNbkomjzkwwt6e/NRVT5CnsDmZ/
S7gJHSxtA4E1hYJ1a9qTa15v3i7uD5wK0YXw5I9TcPQYp76H3VJd5Mpf9IFYGdhc
m/2wjrxdRINd6rcCMCk11EDuUBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLszKs
eU+SMFyPhCgpCG61AQm6mDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjRiYzVjZTQtZGI4MC00NTI3LWI3MjAtNjBhNzQ0MDM2MzIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6w
MA0GCSqGSIb3DQEBCwUAA4IBAQA34UktO51Bo4ysQkny4tFzHm8v7XKfmFb83/6z
dMkWNtc0aJKPnNTHJnhYsrAYwWlzGuJ49icdXb6SdK7R+NE9xJHxaqx2AIbdKVz1
0F42xKEyJBpeHyA/ivwKX8SujywjTd+UaTz16Js3SidyjEEvtbTYOu3C/+MnvM+E
fnfzLpkfPsOW8a0beZWcBiS8B2HYYXpWTpaROmsYXa9pV4BpBvoyp5I4gYrUj/ne
b+V0vmpxwZ783s/eYUb49Mjbsp+L2+qk21dH2hOzOevxB0xyHzGR4Tq3/ERqafR2
L+OB193eMo1k9G9m7XaMlGmFE7+Q8CkqlK598pigItOcClfn
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client