Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
File: be609ec8-2ad0-42f7-9159-0a3ece35241f.roa (raw, json)
Hash identifier: 8y8ynwOtDM1WNrjFhBO65kI8zk32E2t9EUD7mAxlLec=
Subject key identifier: 9F:FB:DC:F4:E1:06:31:E5:42:10:35:A2:F7:FD:96:6A:CC:AC:11:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 422B6FF4C9B61E10BB6EACF4173F3F0E633D21BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
Signing time: Tue 26 Aug 2025 17:20:07 +0000
ROA not before: Tue 26 Aug 2025 17:20:07 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:2b:6f:f4:c9:b6:1e:10:bb:6e:ac:f4:17:3f:3f:0e:63:3d:21:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:20:07 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=d54674fc822c30c3b8a694d27fd332cb21cb8fde079082eb80bc81b14b5c9436, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ab:89:ad:58:7b:d3:92:e2:95:1f:ea:dc:4f:
51:e6:bd:a8:31:30:67:77:35:8f:06:61:fe:72:cd:
87:a1:48:e2:3b:40:1f:0a:26:c9:e3:5f:90:c9:27:
65:c5:48:d6:a3:75:17:56:ff:79:dd:44:6c:7c:aa:
d1:a2:6c:17:2d:6e:5a:df:f9:f1:6f:e4:d3:57:81:
6e:7a:37:e1:aa:5e:a8:c7:d1:fb:40:14:17:76:79:
17:93:8d:3d:9e:9d:7c:87:5f:dc:0b:0b:12:e0:d1:
21:90:06:41:d0:92:32:d4:38:5c:89:dc:24:05:57:
e1:49:12:7c:27:70:ae:e0:54:80:71:04:34:9f:a6:
e2:40:7a:d7:13:b9:ca:e5:56:fd:79:30:66:3c:56:
33:56:25:b4:17:57:50:92:72:7a:3e:4f:d0:b0:8a:
c4:1c:9d:4d:d1:12:99:a7:21:49:2c:9b:cf:d5:be:
77:c1:47:c2:58:0f:9d:3a:3e:8a:d3:69:39:a3:84:
3f:cf:89:71:f7:f6:3b:76:bf:20:0b:dc:89:73:a2:
0e:b1:b9:6f:66:6d:f5:83:20:6d:b8:d1:cf:a0:5c:
da:86:bf:44:17:f2:21:e2:9d:9a:f6:68:c9:1d:64:
69:a2:85:fc:ed:2d:6c:61:84:df:25:ca:44:4c:f6:
44:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FB:DC:F4:E1:06:31:E5:42:10:35:A2:F7:FD:96:6A:CC:AC:11:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/be609ec8-2ad0-42f7-9159-0a3ece35241f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:800::/40
Signature Algorithm: sha256WithRSAEncryption
29:72:d6:ec:b4:e8:a1:36:62:c3:c3:4d:35:85:5a:76:0d:a6:
ee:cc:ee:e5:cc:66:95:a3:12:ce:01:8b:1b:48:c2:3a:2f:76:
d8:e3:bb:f7:41:dc:06:44:63:c0:73:51:84:70:30:1c:d3:f9:
a2:fe:47:ce:d9:f2:98:2d:a2:90:00:da:f1:69:2d:9d:7a:a8:
44:6b:70:6f:3b:e5:a8:74:db:46:5d:be:da:d5:e7:29:84:36:
0d:5e:2c:d0:88:82:95:8a:76:85:b9:23:cc:22:64:d6:a0:0a:
ed:09:d4:4b:72:2c:85:b1:22:94:bb:c6:27:b2:e7:89:05:8c:
0b:3a:1e:31:50:b2:18:33:14:2a:55:97:8a:52:74:00:59:da:
45:bb:5e:c6:e6:6f:6c:f5:72:88:2a:58:c0:2b:b3:b4:82:47:
45:c9:0f:b8:95:d8:47:1e:68:d8:44:8d:1e:60:9e:39:67:e8:
70:ed:56:81:1f:ee:03:8b:bb:71:bb:89:e0:07:8c:60:4d:72:
b4:33:c5:1e:dc:db:89:8d:a3:f5:a6:e1:fb:3c:48:77:d2:b0:
6d:4a:ad:15:85:f6:1a:1e:12:f3:9b:89:2a:63:95:1d:f6:99:
db:b4:62:67:05:d9:dd:57:c4:0f:8e:80:d3:ae:a2:c1:70:8f:
0b:40:37:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQitv9Mm2HhC7bqz0Fz8/DmM9IbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzIwMDdaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NDY3NGZjODIyYzMwYzNiOGE2OTRkMjdmZDMzMmNiMjFjYjhmZGUwNzkw
ODJlYjgwYmM4MWIxNGI1Yzk0MzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOria1Ye9OS4pUf6txPUea9qDEwZ3c1jwZh/nLNh6FI4jtAHwomyeNfkMkn
ZcVI1qN1F1b/ed1EbHyq0aJsFy1uWt/58W/k01eBbno34apeqMfR+0AUF3Z5F5ON
PZ6dfIdf3AsLEuDRIZAGQdCSMtQ4XIncJAVX4UkSfCdwruBUgHEENJ+m4kB61xO5
yuVW/XkwZjxWM1YltBdXUJJyej5P0LCKxBydTdESmachSSybz9W+d8FHwlgPnTo+
itNpOaOEP8+Jcff2O3a/IAvciXOiDrG5b2Zt9YMgbbjRz6Bc2oa/RBfyIeKdmvZo
yR1kaaKF/O0tbGGE3yXKREz2RFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSf+9z0
4QYx5UIQNaL3/ZZqzKwRODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmU2MDllYzgtMmFkMC00MmY3LTkxNTktMGEzZWNlMzUyNDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FAI
MA0GCSqGSIb3DQEBCwUAA4IBAQApctbstOihNmLDw001hVp2DabuzO7lzGaVoxLO
AYsbSMI6L3bY47v3QdwGRGPAc1GEcDAc0/mi/kfO2fKYLaKQANrxaS2deqhEa3Bv
O+WodNtGXb7a1ecphDYNXizQiIKVinaFuSPMImTWoArtCdRLciyFsSKUu8YnsueJ
BYwLOh4xULIYMxQqVZeKUnQAWdpFu17G5m9s9XKIKljAK7O0gkdFyQ+4ldhHHmjY
RI0eYJ45Z+hw7VaBH+4Di7txu4ngB4xgTXK0M8Ue3NuJjaP1puH7PEh30rBtSq0V
hfYaHhLzm4kqY5Ud9pnbtGJnBdndV8QPjoDTrqLBcI8LQDdM
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:06 2025 by rpki-client