Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
File: cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa (raw, json)
Hash identifier: LxF8pmgzRbpGm06aUU0uT3I3Cca5GvZKqTj5h+fBk+Q=
Subject key identifier: 0A:54:52:6D:B3:2D:E4:FF:8B:03:38:B2:2D:2D:1A:76:59:7D:85:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63D922BA1D3768963409BC96DF5A75BD7B91ADB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
Signing time: Mon 01 Sep 2025 20:50:24 +0000
ROA not before: Mon 01 Sep 2025 20:50:24 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d9:22:ba:1d:37:68:96:34:09:bc:96:df:5a:75:bd:7b:91:ad:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:24 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c9ee0859342b548be05f0e272e071a47e4cf86e30fc27d442f96e2731a19351e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:00:df:a7:a2:17:98:3c:e3:7d:cb:33:76:33:
f6:27:d2:64:fc:4a:62:8c:a7:0c:0c:1a:15:cb:d5:
91:84:1d:5a:a6:de:5d:41:55:ca:2b:84:cd:47:e7:
51:36:00:e5:22:1e:a5:7c:44:2a:12:65:56:a1:4a:
a2:af:92:f7:10:b2:4a:65:6d:d4:60:ec:5a:b2:11:
ae:d3:c4:58:2e:64:0b:a2:71:7c:56:57:5d:10:e4:
e7:aa:5f:f9:d6:aa:e1:18:1c:13:0f:5e:90:8a:a2:
a5:bf:cc:3e:9f:b5:e6:72:f2:e8:b9:2d:7f:fa:a8:
92:7b:69:73:8d:e6:6b:ec:dc:4f:a1:44:36:6d:e8:
82:65:f8:fe:21:6a:0c:bf:37:b6:db:4b:29:de:7f:
98:2d:8f:70:85:0d:4a:f8:40:7e:1b:90:44:aa:cc:
20:e2:cf:9a:e2:eb:65:a2:f0:73:36:ef:67:94:fc:
26:25:d4:64:e9:a5:18:da:61:38:74:45:c0:4f:46:
1d:8e:4a:b3:79:95:c5:08:80:37:f4:0c:ca:66:24:
79:00:8b:c1:2b:55:21:ce:d4:1a:53:29:44:9f:ca:
96:41:d1:b3:1d:26:59:43:a6:ba:64:6c:c3:9f:87:
53:37:b4:0e:8f:38:6a:e2:37:72:97:81:1f:92:9a:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:54:52:6D:B3:2D:E4:FF:8B:03:38:B2:2D:2D:1A:76:59:7D:85:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb4a73e1-be6b-4cba-b130-a22bb39cf671.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:a000::/40
Signature Algorithm: sha256WithRSAEncryption
10:ed:f8:e1:ae:d3:0b:e4:43:01:98:c8:7f:29:41:6e:1b:f3:
26:fb:cf:43:0b:aa:e9:60:ba:d2:2b:f2:ac:0d:9e:2a:3f:3a:
67:6d:98:8f:1b:df:12:2b:87:4c:33:5a:24:1c:6c:99:9d:8f:
2a:16:dd:55:d1:49:4a:7c:03:c0:ad:4f:a7:e2:6b:dc:b1:d1:
ce:c3:f2:db:85:3d:f8:76:f1:eb:7f:3e:e1:73:af:2c:39:4a:
45:5b:01:5e:20:a0:35:0c:d0:59:86:0e:90:b1:aa:64:ef:66:
1b:3e:e7:8f:6a:0b:12:c7:04:b4:af:ed:ab:22:7d:fe:78:75:
16:69:ca:f6:0c:17:0a:d0:ff:8c:38:8e:c6:74:f8:2b:20:4a:
71:3e:b9:25:7a:3b:2c:a9:5f:f6:ce:67:3a:2f:b4:76:d0:97:
13:9b:1d:35:60:7a:5e:06:ad:99:3c:bc:c6:ba:02:98:c3:c6:
e1:b6:3b:c6:cb:99:57:dc:6e:14:6d:78:9e:f5:4e:fc:a9:d3:
19:35:81:06:4c:9f:92:c4:c5:74:ab:44:ee:6f:c0:10:c4:36:
65:a2:0a:cb:12:4f:80:8e:c7:7f:f0:bd:d4:ef:78:45:b2:62:
d7:32:b6:d9:e8:6c:43:75:27:d3:54:15:06:8d:ee:87:75:2b:
c4:15:e0:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY9kiuh03aJY0CbyW31p1vXuRrbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMjRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5ZWUwODU5MzQyYjU0OGJlMDVmMGUyNzJlMDcxYTQ3ZTRjZjg2ZTMwZmMy
N2Q0NDJmOTZlMjczMWExOTM1MWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwA36eiF5g8433LM3Yz9ifSZPxKYoynDAwaFcvVkYQdWqbeXUFVyiuEzUfn
UTYA5SIepXxEKhJlVqFKoq+S9xCySmVt1GDsWrIRrtPEWC5kC6JxfFZXXRDk56pf
+daq4RgcEw9ekIqipb/MPp+15nLy6Lktf/qokntpc43ma+zcT6FENm3ogmX4/iFq
DL83tttLKd5/mC2PcIUNSvhAfhuQRKrMIOLPmuLrZaLwczbvZ5T8JiXUZOmlGNph
OHRFwE9GHY5Ks3mVxQiAN/QMymYkeQCLwStVIc7UGlMpRJ/KlkHRsx0mWUOmumRs
w5+HUze0Do84auI3cpeBH5KahscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKVFJt
sy3k/4sDOLItLRp2WX2FyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I0YTczZTEtYmU2Yi00Y2JhLWIxMzAtYTIyYmIzOWNmNjcxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKg
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ7fjhrtML5EMBmMh/KUFuG/Mm+89DC6rpYLrS
K/KsDZ4qPzpnbZiPG98SK4dMM1okHGyZnY8qFt1V0UlKfAPArU+n4mvcsdHOw/Lb
hT34dvHrfz7hc68sOUpFWwFeIKA1DNBZhg6Qsapk72YbPuePagsSxwS0r+2rIn3+
eHUWacr2DBcK0P+MOI7GdPgrIEpxPrklejssqV/2zmc6L7R20JcTmx01YHpeBq2Z
PLzGugKYw8bhtjvGy5lX3G4UbXie9U78qdMZNYEGTJ+SxMV0q0Tub8AQxDZlogrL
Ek+Ajsd/8L3U73hFsmLXMrbZ6GxDdSfTVBUGje6HdSvEFeCL
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:23 2025 by rpki-client