Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
File: be1170a3-5a68-4c9c-8b51-b7efde64b945.roa (raw, json)
Hash identifier: /4R/2qRjAIaRDUEUdRd8UH7zBTHTsJRbyE821xBxyAY=
Subject key identifier: 24:D3:24:9E:12:E8:06:B7:C2:6C:05:E3:D0:43:E1:CC:01:13:2B:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35373909E9AE80E10BD426702CC5DDBED231F307
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
Signing time: Mon 01 Sep 2025 20:31:10 +0000
ROA not before: Mon 01 Sep 2025 20:31:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 07:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:37:39:09:e9:ae:80:e1:0b:d4:26:70:2c:c5:dd:be:d2:31:f3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:31:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=26351d8fef4b8a19507b7981995531f412cee1780b1586ade2e8c5b13ebdb81c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:24:b8:fe:db:fd:86:1e:19:cf:d5:41:19:
e6:b7:4d:d7:9d:68:d8:ef:1c:c9:6a:18:89:ee:bd:
45:2e:64:97:d1:26:e5:7b:94:57:4d:e3:83:55:6d:
e3:08:b6:f2:0a:e1:0f:99:79:c5:e8:95:c5:70:06:
a2:3d:53:f4:0a:24:84:dd:ad:75:fc:fd:e5:49:2f:
37:dc:1d:b0:7e:e3:09:93:c2:b7:02:e4:0f:5c:5b:
5d:c4:b6:db:54:3c:1b:10:01:09:89:ff:27:65:a3:
93:f0:31:3b:13:28:ac:60:b7:75:bc:34:1a:d7:57:
24:73:04:26:e2:38:a8:04:9e:ad:8e:bd:0c:df:40:
cc:0e:30:a8:eb:7b:f0:c7:11:ef:38:b2:1e:0d:7c:
a9:6e:f2:a7:0e:20:54:ad:55:17:58:f2:ce:52:57:
17:30:e8:14:ba:fc:c8:5d:1b:a8:25:43:9f:94:31:
b8:eb:ba:df:ea:ef:15:8e:58:60:0d:dc:86:a2:c8:
28:73:81:2a:57:b1:81:d3:cc:aa:d5:83:0d:79:12:
58:39:b3:39:61:0d:7f:11:b5:03:37:c6:13:ff:a5:
5d:6b:99:e7:bb:1d:1c:f2:0f:63:b1:3b:5c:02:12:
93:90:8f:fa:75:95:6e:bc:7c:9c:0e:c0:04:22:94:
c0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D3:24:9E:12:E8:06:B7:C2:6C:05:E3:D0:43:E1:CC:01:13:2B:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be1170a3-5a68-4c9c-8b51-b7efde64b945.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:ec:ef:33:2b:f1:ca:67:b4:ff:5b:cd:b3:d7:6b:52:95:80:
e5:bb:8e:f3:93:18:ff:09:91:45:a7:58:77:be:f3:06:27:be:
91:1c:cf:ec:f8:9c:7f:c5:ae:5e:93:e2:5f:9a:bf:6e:2c:87:
ea:74:22:29:1f:44:5f:0c:ea:1a:ec:40:8c:05:a7:54:6b:68:
1c:63:04:71:fb:3d:c9:17:a8:ab:27:84:9e:50:dc:98:9d:c4:
45:eb:c8:ff:00:d8:8c:3c:47:9f:94:9d:44:ad:e2:e8:35:39:
01:16:42:f7:8d:ee:14:d1:ef:f1:f2:7e:3c:34:86:74:24:c5:
3d:71:2a:c6:0a:85:fe:3f:fd:a5:0f:df:44:e4:0f:7a:bc:e7:
da:c1:d7:a3:ea:e9:b5:7a:7d:b6:ea:6e:6c:83:ff:1f:20:52:
a3:a3:df:e6:1d:74:14:3c:c7:6a:23:8f:d3:36:59:44:ee:e2:
59:ff:d3:85:40:2e:60:59:29:69:c7:26:28:24:ec:e2:24:df:
d6:c8:cf:fc:ba:26:99:59:74:3d:93:23:8a:ac:7e:1c:3d:56:
52:c8:40:67:23:47:2d:7f:87:2b:34:f2:55:0d:01:96:32:15:
98:00:12:b9:33:4b:a5:60:90:6a:99:20:99:e1:5c:15:57:88:
3c:4c:79:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNTc5CemugOEL1CZwLMXdvtIx8wcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMxMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MzUxZDhmZWY0YjhhMTk1MDdiNzk4MTk5NTUzMWY0MTJjZWUxNzgwYjE1
ODZhZGUyZThjNWIxM2ViZGI4MWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIqJLj+2/2GHhnP1UEZ5rdN151o2O8cyWoYie69RS5kl9Em5XuUV03jg1Vt
4wi28grhD5l5xeiVxXAGoj1T9AokhN2tdfz95UkvN9wdsH7jCZPCtwLkD1xbXcS2
21Q8GxABCYn/J2Wjk/AxOxMorGC3dbw0GtdXJHMEJuI4qASerY69DN9AzA4wqOt7
8McR7ziyHg18qW7ypw4gVK1VF1jyzlJXFzDoFLr8yF0bqCVDn5QxuOu63+rvFY5Y
YA3chqLIKHOBKlexgdPMqtWDDXkSWDmzOWENfxG1AzfGE/+lXWuZ57sdHPIPY7E7
XAISk5CP+nWVbrx8nA7ABCKUwFUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQk0ySe
EugGt8JsBePQQ+HMARMr3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmUxMTcwYTMtNWE2OC00YzljLThiNTEtYjdlZmRlNjRiOTQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFg
MA0GCSqGSIb3DQEBCwUAA4IBAQC67O8zK/HKZ7T/W82z12tSlYDlu47zkxj/CZFF
p1h3vvMGJ76RHM/s+Jx/xa5ek+Jfmr9uLIfqdCIpH0RfDOoa7ECMBadUa2gcYwRx
+z3JF6irJ4SeUNyYncRF68j/ANiMPEeflJ1EreLoNTkBFkL3je4U0e/x8n48NIZ0
JMU9cSrGCoX+P/2lD99E5A96vOfawdej6um1en226m5sg/8fIFKjo9/mHXQUPMdq
I4/TNllE7uJZ/9OFQC5gWSlpxyYoJOziJN/WyM/8uiaZWXQ9kyOKrH4cPVZSyEBn
I0ctf4crNPJVDQGWMhWYABK5M0ulYJBqmSCZ4VwVV4g8THk9
-----END CERTIFICATE-----
Generated at Wed Sep 17 14:14:52 2025 by rpki-client