Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: VXS6lsVTG9+W3C2cvvOD0fSpnuCuSWEHtSiOyvJPYYs=
Subject key identifier: 20:3F:A9:74:EE:A8:07:A2:2B:8B:23:BD:5B:3A:40:9C:9B:6C:69:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EC8EAECDB7FF53370B1659B1055F3523AC3D1F8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Mon 01 Sep 2025 20:51:34 +0000
ROA not before: Mon 01 Sep 2025 20:51:34 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:c8:ea:ec:db:7f:f5:33:70:b1:65:9b:10:55:f3:52:3a:c3:d1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:34 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=93eeda2c7f49fe34a4525f6a753f60f091da88d0ca22e363f536b978de6332b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:54:fb:f2:6d:6b:78:47:57:15:e9:48:a8:ff:
b6:82:02:ca:09:d9:ee:fe:db:68:e7:f4:e5:5f:67:
ab:91:5b:40:6c:4b:48:34:5e:20:98:67:26:87:fd:
ce:09:2f:6d:24:0f:92:8b:51:31:55:0f:27:17:c6:
f7:35:ec:eb:89:0d:0f:ab:05:58:6f:e3:aa:e1:21:
42:4d:6e:9f:e1:89:fe:36:ab:02:29:94:fe:f2:10:
50:9d:35:c5:10:51:e0:4f:da:ef:f3:5f:70:d2:ee:
0f:ce:fe:4d:83:ff:8a:9d:64:e3:25:59:4a:b7:9c:
8d:35:94:d4:9f:2e:9b:6f:b2:a1:20:03:fc:b0:a9:
0e:b7:0c:4f:c8:24:26:dd:4f:c0:91:ae:09:2d:62:
85:5d:5b:93:d2:db:bf:df:c7:f3:3a:86:45:17:66:
d3:7c:bc:b4:00:3a:df:b5:bd:69:f6:ba:8a:67:be:
76:a8:95:5e:e4:35:c2:83:8c:6e:08:58:7f:68:85:
e1:4e:2b:8b:71:f3:8d:a5:79:78:4a:30:56:2b:eb:
e4:ad:29:bd:92:aa:73:6e:a0:42:9b:2f:b5:c3:df:
33:9f:60:11:ea:d9:b3:fc:82:53:50:24:66:9c:e3:
50:b9:ba:c7:d6:24:2d:90:ef:03:30:96:66:c0:0a:
53:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3F:A9:74:EE:A8:07:A2:2B:8B:23:BD:5B:3A:40:9C:9B:6C:69:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
42:b6:6a:31:d1:f7:f9:d2:ef:f8:0d:da:5c:dd:ab:1a:81:24:
68:f9:55:ee:98:90:c7:cb:89:fc:be:72:3f:a6:fa:9f:7c:7e:
2a:c4:85:10:b3:d0:ac:0c:40:9e:33:e5:8d:8b:ca:0d:97:63:
0e:ba:07:45:64:58:63:ba:1a:78:0d:de:32:1e:c4:35:ed:7a:
64:d3:28:62:6d:4c:7d:e8:e7:7a:34:72:8e:f4:91:34:cc:4e:
0e:18:9f:71:a6:8f:72:e1:d0:d1:9b:9b:24:8c:34:47:0b:63:
6c:7e:55:60:93:fc:a6:c6:ef:ff:28:36:b9:b2:55:49:d1:15:
62:40:b8:1a:66:1a:87:8a:78:4c:3c:ef:87:21:1c:23:e3:4a:
a2:16:93:fb:13:0c:07:d8:28:b5:5d:f2:11:37:5d:73:f7:f4:
9f:5b:4c:6f:dd:bb:81:15:0c:cd:37:47:5b:61:25:f4:e5:24:
fe:36:d8:e3:65:99:29:08:31:6c:c7:9d:d4:c5:fb:84:ed:ae:
76:d8:df:8d:49:ab:40:7c:d9:52:bc:c2:84:95:c5:50:84:d4:
ca:c8:48:11:08:2a:b3:e0:a6:d5:e1:54:e5:e5:be:03:10:86:
e6:6d:39:c2:bd:b0:5b:9c:3b:55:f0:6d:6a:ca:7a:cc:4d:63:
58:36:98:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTsjq7Nt/9TNwsWWbEFXzUjrD0fgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZWVkYTJjN2Y0OWZlMzRhNDUyNWY2YTc1M2Y2MGYwOTFkYTg4ZDBjYTIy
ZTM2M2Y1MzZiOTc4ZGU2MzMyYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlU+/Jta3hHVxXpSKj/toICygnZ7v7baOf05V9nq5FbQGxLSDReIJhnJof9
zgkvbSQPkotRMVUPJxfG9zXs64kND6sFWG/jquEhQk1un+GJ/jarAimU/vIQUJ01
xRBR4E/a7/NfcNLuD87+TYP/ip1k4yVZSrecjTWU1J8um2+yoSAD/LCpDrcMT8gk
Jt1PwJGuCS1ihV1bk9Lbv9/H8zqGRRdm03y8tAA637W9afa6ime+dqiVXuQ1woOM
bghYf2iF4U4ri3HzjaV5eEowVivr5K0pvZKqc26gQpsvtcPfM59gEerZs/yCU1Ak
ZpzjULm6x9YkLZDvAzCWZsAKUwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgP6l0
7qgHoiuLI71bOkCcm2xpCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBCtmox0ff50u/4Ddpc3asagSRo+VXumJDHy4n8
vnI/pvqffH4qxIUQs9CsDECeM+WNi8oNl2MOugdFZFhjuhp4Dd4yHsQ17Xpk0yhi
bUx96Od6NHKO9JE0zE4OGJ9xpo9y4dDRm5skjDRHC2NsflVgk/ymxu//KDa5slVJ
0RViQLgaZhqHinhMPO+HIRwj40qiFpP7EwwH2Ci1XfIRN11z9/SfW0xv3buBFQzN
N0dbYSX05ST+NtjjZZkpCDFsx53UxfuE7a522N+NSatAfNlSvMKElcVQhNTKyEgR
CCqz4KbV4VTl5b4DEIbmbTnCvbBbnDtV8G1qynrMTWNYNpgh
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:10 2025 by rpki-client