Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: wIz63uSD9H7dEHLY+nxSiu3Ga0TYsyKWz/JTwHAiuKM=
Subject key identifier: F7:47:BD:34:1D:D1:54:D9:48:FE:D8:29:28:9F:20:C7:09:AB:3E:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2159468CDA347B034583A8246967B625C4DA0625
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Mon 01 Sep 2025 20:01:05 +0000
ROA not before: Mon 01 Sep 2025 20:01:05 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:59:46:8c:da:34:7b:03:45:83:a8:24:69:67:b6:25:c4:da:06:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:05 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=14749a6681ede6206230abef865c13c05d1dbb8ecee7f085a936446593a1a150, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3a:c4:23:ec:c2:da:a1:4e:6b:5c:69:e8:b1:
7f:ea:7c:09:2e:f1:f3:02:07:7f:4a:58:83:ba:34:
88:b3:25:96:e5:8c:c4:ae:40:ab:3d:10:33:aa:77:
62:67:10:a2:ac:28:87:a3:67:d2:5d:f5:13:12:a0:
9c:0c:4d:d1:3e:3c:35:14:80:ea:7b:8a:0b:82:20:
5d:86:3f:d7:bd:2b:f5:a5:fb:ef:70:bc:c3:f1:3b:
6a:27:f6:31:c6:bd:6e:c7:9d:e1:a5:c3:b6:5d:ce:
d7:39:84:d2:01:cc:70:09:04:bb:eb:99:c4:18:ad:
69:e0:2b:6a:a5:e2:24:63:33:92:c3:50:bd:b3:99:
c9:87:e0:5f:85:2d:da:7e:8f:26:0c:b2:69:d2:3e:
90:81:df:08:67:6f:94:4a:cc:f1:a4:b3:ef:e0:31:
11:6b:52:4a:e3:5c:b1:07:de:25:cd:8c:9b:05:22:
75:b9:d6:01:02:26:21:28:4f:00:2c:5b:70:51:04:
ca:fc:59:ec:f9:66:28:7d:df:5b:ed:6a:38:db:db:
de:1a:0b:61:f4:b0:14:3d:71:c6:22:d7:5b:8b:62:
c5:37:9f:ff:96:c8:6f:9b:e3:18:d0:01:af:fd:a4:
8b:ab:87:5b:63:66:49:f5:7b:b9:b3:a2:c0:17:ea:
28:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:47:BD:34:1D:D1:54:D9:48:FE:D8:29:28:9F:20:C7:09:AB:3E:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
1b:d1:d5:06:fa:a6:29:7f:d6:4e:ce:6c:61:3b:60:d7:44:71:
17:a0:e2:3e:2e:a1:32:aa:82:2e:1f:50:2c:59:5f:b1:ba:6d:
3e:d9:f6:3f:95:47:53:99:dd:ec:60:b7:fc:16:e5:16:f2:fd:
57:3e:af:6c:24:bb:f3:d0:39:8b:c3:5a:6d:12:6c:9f:99:09:
05:ee:b6:cd:04:d6:45:42:f3:16:77:18:88:8a:b2:fd:ea:a0:
bd:f0:1b:dc:ff:ae:8c:2c:8c:46:d3:3d:59:3b:9d:a0:71:3c:
43:07:fa:42:62:a4:6c:24:9d:7c:b7:cb:47:16:0c:e6:7c:a3:
d8:1f:a9:b1:f3:00:23:7d:ec:93:7f:da:60:d8:72:7b:a7:d1:
1c:23:ff:b0:34:f2:89:ce:ba:85:75:d8:0e:1d:3e:7b:d0:6b:
a0:29:2e:b2:90:26:0a:0d:7a:af:11:5b:0b:dd:67:56:f5:00:
0c:35:49:ff:99:81:88:f7:79:3d:fc:77:b0:29:db:16:a4:26:
7e:47:c5:f3:25:4a:75:29:23:54:05:93:23:e6:52:92:ca:41:
00:0e:59:bb:b0:90:c7:c5:0a:d6:ae:4d:bc:84:05:e5:a2:9f:
1e:77:23:fb:60:59:c6:e8:dd:a7:ee:bc:b1:5c:ba:84:d9:09:
c9:71:0d:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIVlGjNo0ewNFg6gkaWe2JcTaBiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMDVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0NzQ5YTY2ODFlZGU2MjA2MjMwYWJlZjg2NWMxM2MwNWQxZGJiOGVjZWU3
ZjA4NWE5MzY0NDY1OTNhMWExNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK46xCPswtqhTmtcaeixf+p8CS7x8wIHf0pYg7o0iLMlluWMxK5Aqz0QM6p3
YmcQoqwoh6Nn0l31ExKgnAxN0T48NRSA6nuKC4IgXYY/170r9aX773C8w/E7aif2
Mca9bsed4aXDtl3O1zmE0gHMcAkEu+uZxBitaeAraqXiJGMzksNQvbOZyYfgX4Ut
2n6PJgyyadI+kIHfCGdvlErM8aSz7+AxEWtSSuNcsQfeJc2MmwUidbnWAQImIShP
ACxbcFEEyvxZ7PlmKH3fW+1qONvb3hoLYfSwFD1xxiLXW4tixTef/5bIb5vjGNAB
r/2ki6uHW2NmSfV7ubOiwBfqKD8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT3R700
HdFU2Uj+2CkonyDHCas+tjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAG9HVBvqmKX/WTs5sYTtg10RxF6DiPi6hMqqC
Lh9QLFlfsbptPtn2P5VHU5nd7GC3/BblFvL9Vz6vbCS789A5i8NabRJsn5kJBe62
zQTWRULzFncYiIqy/eqgvfAb3P+ujCyMRtM9WTudoHE8Qwf6QmKkbCSdfLfLRxYM
5nyj2B+psfMAI33sk3/aYNhye6fRHCP/sDTyic66hXXYDh0+e9BroCkuspAmCg16
rxFbC91nVvUADDVJ/5mBiPd5Pfx3sCnbFqQmfkfF8yVKdSkjVAWTI+ZSkspBAA5Z
u7CQx8UK1q5NvIQF5aKfHncj+2BZxujdp+68sVy6hNkJyXEN9g==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:22 2025 by rpki-client