Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
File: bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa (raw, json)
Hash identifier: Vs1PFBvaaRPa0IbU2WcCyHWIdApiWUzKHBhRWJbYaDc=
Subject key identifier: EF:08:32:E1:B7:37:77:0D:23:A6:35:45:01:F4:DA:7E:C1:52:AF:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12A97AF7B59436C43615291C5B87EA2E246B2022
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
Signing time: Mon 01 Sep 2025 20:51:23 +0000
ROA not before: Mon 01 Sep 2025 20:51:23 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:a9:7a:f7:b5:94:36:c4:36:15:29:1c:5b:87:ea:2e:24:6b:20:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:23 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f0e5bf025be7160b49b72486c9a7fbd444f2a98638639f176349a6326878d2cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:90:e1:90:53:eb:92:b6:11:11:0f:e1:d0:
7c:87:dc:4a:5e:a4:51:65:d3:a7:d4:9f:f2:24:10:
ad:7d:7f:c3:17:bf:ea:80:51:28:91:93:90:3b:b8:
77:5b:b9:86:d9:c0:66:b7:1c:3b:14:83:77:98:36:
47:60:2c:a1:92:bd:d2:07:b3:7e:0c:3d:bd:cc:92:
54:3c:cc:c9:78:00:e1:c0:90:10:21:a8:77:22:00:
f0:a9:11:8b:12:66:f5:c8:58:87:a1:69:e9:54:45:
89:d0:ce:34:14:ea:54:0e:56:b4:1c:ea:fd:8c:18:
66:70:e2:18:2d:5b:da:d7:7a:42:56:41:43:70:bd:
4f:98:49:f4:65:50:d9:9f:5f:17:15:bc:8b:e4:4d:
18:2e:71:3a:a1:f6:9a:3f:85:45:36:6b:c9:86:63:
29:06:ef:3c:94:e9:a1:dd:82:44:41:c1:5b:ab:26:
76:b3:61:2b:29:98:0a:b6:c6:10:e4:83:eb:cc:6e:
dc:55:e5:33:72:59:6c:f2:ed:ec:4a:a7:41:9b:ab:
da:97:d5:5f:0e:e1:1e:e4:1f:16:6b:de:13:64:5b:
f4:55:1d:ba:ec:10:99:62:1d:52:1a:b1:4a:6d:07:
85:57:bc:61:b0:53:a3:cf:7b:26:c1:65:7d:e2:67:
2f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:08:32:E1:B7:37:77:0D:23:A6:35:45:01:F4:DA:7E:C1:52:AF:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bb21710a-a37a-4476-ab6b-3d079e9d1cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:8c:29:70:6e:9f:eb:43:71:e0:8d:be:3a:60:61:49:83:8a:
de:f6:dc:a4:8f:29:0a:58:01:08:45:dd:60:8c:36:8c:ea:e3:
84:71:aa:83:51:fd:ad:3f:c4:3c:f5:8d:3e:94:49:47:76:71:
a4:2a:28:7a:e4:de:7f:fa:79:fe:92:ca:b4:4c:29:43:9b:de:
05:51:3e:ad:70:0e:3d:0b:63:66:03:1f:37:79:09:a1:5f:c6:
cc:32:a8:0c:21:96:2e:2a:bf:4b:f0:e7:15:3a:f8:0c:69:c9:
5d:25:54:57:98:3a:a0:52:3b:82:5d:62:25:3d:fa:83:92:e6:
76:ba:60:92:f1:4d:df:26:76:25:20:c3:be:99:db:46:19:63:
1c:20:67:93:5a:a8:1d:d4:69:53:e4:82:98:71:eb:51:6e:68:
62:cd:86:cf:9f:16:b9:4e:a6:6a:1c:fa:19:bd:cc:a7:a9:cc:
5c:2c:cd:22:bb:57:66:95:f0:19:d8:38:d4:ab:fa:cc:6d:5d:
c7:c2:ba:da:69:67:da:4e:ec:61:4d:af:d8:bc:91:98:e6:78:
c3:5e:cb:e8:5f:40:dc:f2:a1:8a:99:ec:33:b1:46:cf:a5:69:
ec:db:9e:0e:7a:d6:6f:dd:24:e7:54:3a:4b:70:98:24:96:0a:
0b:01:6b:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEql697WUNsQ2FSkcW4fqLiRrICIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMjNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwZTViZjAyNWJlNzE2MGI0OWI3MjQ4NmM5YTdmYmQ0NDRmMmE5ODYzODYz
OWYxNzYzNDlhNjMyNjg3OGQyY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJe2kOGQU+uSthERD+HQfIfcSl6kUWXTp9Sf8iQQrX1/wxe/6oBRKJGTkDu4
d1u5htnAZrccOxSDd5g2R2AsoZK90gezfgw9vcySVDzMyXgA4cCQECGodyIA8KkR
ixJm9chYh6Fp6VRFidDONBTqVA5WtBzq/YwYZnDiGC1b2td6QlZBQ3C9T5hJ9GVQ
2Z9fFxW8i+RNGC5xOqH2mj+FRTZryYZjKQbvPJTpod2CREHBW6smdrNhKymYCrbG
EOSD68xu3FXlM3JZbPLt7EqnQZur2pfVXw7hHuQfFmveE2Rb9FUduuwQmWIdUhqx
Sm0HhVe8YbBTo897JsFlfeJnL00CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvCDLh
tzd3DSOmNUUB9Np+wVKvATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmIyMTcxMGEtYTM3YS00NDc2LWFiNmItM2QwNzllOWQxY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H5A
MA0GCSqGSIb3DQEBCwUAA4IBAQCcjClwbp/rQ3Hgjb46YGFJg4re9tykjykKWAEI
Rd1gjDaM6uOEcaqDUf2tP8Q89Y0+lElHdnGkKih65N5/+nn+ksq0TClDm94FUT6t
cA49C2NmAx83eQmhX8bMMqgMIZYuKr9L8OcVOvgMacldJVRXmDqgUjuCXWIlPfqD
kuZ2umCS8U3fJnYlIMO+mdtGGWMcIGeTWqgd1GlT5IKYcetRbmhizYbPnxa5TqZq
HPoZvcynqcxcLM0iu1dmlfAZ2DjUq/rMbV3HwrraaWfaTuxhTa/YvJGY5njDXsvo
X0Dc8qGKmewzsUbPpWns254OetZv3STnVDpLcJgklgoLAWtQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:46 2025 by rpki-client