Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
File: bdd33562-2653-4549-84dc-25f96aa10a83.roa (raw, json)
Hash identifier: JqKXCQvvwxly3fb9IT1sgNw9ZMDbJu6novDtv4g/utI=
Subject key identifier: 2F:8C:90:98:22:6E:6A:42:55:9A:2D:43:C3:9D:BB:E7:30:A4:F8:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F4394ABA958E8C9F3F9B9A907A9B6F763AC772C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
Signing time: Mon 01 Sep 2025 21:21:01 +0000
ROA not before: Mon 01 Sep 2025 21:21:01 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d021::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:43:94:ab:a9:58:e8:c9:f3:f9:b9:a9:07:a9:b6:f7:63:ac:77:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:01 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=08cc073b61154d2c9707d03fa01f8ba3b0366144f0ccdcba5bd12c33a8554c79, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6d:eb:72:81:a2:f4:6a:25:9c:14:40:32:50:
5e:62:28:d3:37:82:a8:7f:0f:e0:85:3d:2a:5f:b8:
9e:93:e8:23:7b:e2:6e:3a:ec:4f:16:25:16:bb:72:
da:08:62:e6:c4:ed:b4:b3:c9:49:70:9a:e2:d3:08:
f2:cb:75:7f:74:46:d1:ad:7a:76:72:7f:b4:cc:b5:
95:a6:14:b7:1c:21:a6:5c:32:b2:1a:dc:85:94:5b:
35:42:39:d8:0d:7e:52:42:67:1f:72:ff:be:0c:14:
9a:78:3f:82:30:75:6c:b3:c6:eb:b6:2e:38:d3:cf:
00:62:22:13:e3:cc:19:e5:14:a3:39:ad:27:c9:b8:
33:23:7f:bf:5a:32:bf:00:55:6c:b0:a6:1f:33:21:
5d:80:ab:f5:25:aa:fc:68:80:13:d1:97:28:75:e9:
c6:5f:66:26:cb:3d:06:7f:2b:b7:e1:f0:5b:1b:45:
fa:0e:18:60:8b:45:fc:6a:ac:49:1e:b6:65:d9:1e:
f4:bb:b5:ba:a3:e5:b6:78:20:bd:54:16:fb:ff:3d:
cc:7d:e2:c5:5a:ba:a5:1f:6b:dd:dc:64:23:7d:3d:
97:5b:e2:c8:66:c1:dc:07:3b:81:6e:94:5f:5e:c8:
77:6d:cb:0a:4c:b7:22:e6:88:10:a0:1d:a2:3e:cd:
05:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8C:90:98:22:6E:6A:42:55:9A:2D:43:C3:9D:BB:E7:30:A4:F8:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bdd33562-2653-4549-84dc-25f96aa10a83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d021::/36
Signature Algorithm: sha256WithRSAEncryption
1a:c0:6b:99:49:da:c0:5a:3e:50:e8:5b:c4:3b:49:99:70:47:
59:95:e9:d8:62:d3:f6:c8:71:7a:18:29:20:b8:c5:ed:7c:2c:
a3:2a:87:1b:0f:6c:5c:90:82:39:f4:f1:f2:a7:b6:bb:6d:3e:
61:17:54:f6:cd:a1:35:cc:02:11:71:5b:2c:de:07:92:5e:20:
f8:79:41:88:ed:00:c7:4a:0c:6e:ac:13:62:05:54:97:5d:3a:
6b:67:06:25:f8:23:34:f8:f1:0a:c2:3d:ad:ca:31:98:0d:31:
e9:0a:65:cd:db:41:b8:18:43:03:6c:f7:3c:cf:f6:70:31:e7:
1a:86:e6:bd:47:88:4f:87:fd:24:0b:4c:2e:98:73:57:69:5b:
16:1e:e4:56:74:37:eb:8b:88:92:a5:0a:41:d7:b7:56:c7:eb:
56:a6:f5:aa:30:44:8e:d6:9f:c9:0c:55:f2:e2:3e:45:e4:9e:
a9:04:04:07:24:71:2e:d0:0d:b1:df:93:66:26:cc:b6:63:58:
5a:c8:b4:33:c6:7e:cf:aa:f1:da:5f:80:b5:c0:45:72:92:0d:
60:8f:34:91:a0:4b:5c:7f:58:a4:bd:d9:3d:1c:df:9c:84:9d:
07:87:1f:8a:ff:cd:8a:8c:7d:e4:46:38:de:a9:fc:3c:40:2c:
ef:c5:15:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX0OUq6lY6Mnz+bmpB6m292OsdywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4Y2MwNzNiNjExNTRkMmM5NzA3ZDAzZmEwMWY4YmEzYjAzNjYxNDRmMGNj
ZGNiYTViZDEyYzMzYTg1NTRjNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1t63KBovRqJZwUQDJQXmIo0zeCqH8P4IU9Kl+4npPoI3vibjrsTxYlFrty
2ghi5sTttLPJSXCa4tMI8st1f3RG0a16dnJ/tMy1laYUtxwhplwyshrchZRbNUI5
2A1+UkJnH3L/vgwUmng/gjB1bLPG67YuONPPAGIiE+PMGeUUozmtJ8m4MyN/v1oy
vwBVbLCmHzMhXYCr9SWq/GiAE9GXKHXpxl9mJss9Bn8rt+HwWxtF+g4YYItF/Gqs
SR62Zdke9Lu1uqPltnggvVQW+/89zH3ixVq6pR9r3dxkI309l1viyGbB3Ac7gW6U
X17Id23LCky3IuaIEKAdoj7NBTkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvjJCY
Im5qQlWaLUPDnbvnMKT4HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmRkMzM1NjItMjY1My00NTQ5LTg0ZGMtMjVmOTZhYTEwYTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAawGuZSdrAWj5Q6FvEO0mZcEdZlenYYtP2yHF6
GCkguMXtfCyjKocbD2xckII59PHyp7a7bT5hF1T2zaE1zAIRcVss3geSXiD4eUGI
7QDHSgxurBNiBVSXXTprZwYl+CM0+PEKwj2tyjGYDTHpCmXN20G4GEMDbPc8z/Zw
Mecahua9R4hPh/0kC0wumHNXaVsWHuRWdDfri4iSpQpB17dWx+tWpvWqMESO1p/J
DFXy4j5F5J6pBAQHJHEu0A2x35NmJsy2Y1hayLQzxn7PqvHaX4C1wEVykg1gjzSR
oEtcf1ikvdk9HN+chJ0Hhx+K/82KjH3kRjjeqfw8QCzvxRXo
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:47 2025 by rpki-client