Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
File: cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa (raw, json)
Hash identifier: 0ZqUBXzYZmNyGUWOoYLs1BNAbD43PPBXewRyRfn+dXI=
Subject key identifier: 96:2F:7A:7C:13:54:18:51:ED:12:0F:67:7A:0C:90:3F:12:B7:A4:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 44BFC22517B4E221CE71AB9455EC2F15F6BF518C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
Signing time: Mon 01 Sep 2025 20:01:32 +0000
ROA not before: Mon 01 Sep 2025 20:01:32 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:bf:c2:25:17:b4:e2:21:ce:71:ab:94:55:ec:2f:15:f6:bf:51:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:01:32 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=459cb0809130e48230129136f8e51e902384d0f5f076c1f646451e7310cc1840, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:39:59:d3:94:ae:52:55:14:4b:04:3f:15:fb:
c9:d6:ac:cb:73:8c:1d:78:ae:c3:07:40:23:9a:b5:
bd:94:1a:f8:3a:1a:8f:13:d4:70:18:93:e6:6d:53:
7d:e9:ca:49:de:98:1b:14:d7:1e:52:02:1e:9b:11:
27:c1:86:5e:51:c1:73:29:f5:19:29:d2:ed:72:ed:
4d:26:47:d9:9f:cc:f0:e5:25:40:92:16:25:4f:b3:
d7:04:aa:e6:ac:f1:67:b0:ba:8e:a9:6f:eb:ee:b3:
95:df:9a:10:8b:83:a3:d0:64:c6:21:40:f7:ee:94:
18:2a:3c:68:ee:45:6c:5c:88:81:82:c4:0a:8d:e9:
c5:e0:f4:2f:48:af:0e:53:96:12:c1:75:eb:ec:8f:
fb:ba:49:19:a3:97:ff:21:a3:49:69:4f:06:92:05:
f6:65:98:5f:ae:d4:4e:15:e6:66:09:34:ee:a4:8b:
17:4f:2b:d8:d6:67:32:d5:d7:88:27:a3:49:7b:bf:
fd:4b:28:39:a5:fd:c4:a1:76:43:c9:10:60:9a:e9:
61:af:66:2f:f1:64:da:f1:a1:3d:03:ce:a2:ac:96:
45:1a:6c:57:50:b9:65:9e:79:c6:b0:4d:ff:0e:1b:
85:c8:3d:0b:c3:2c:ef:45:96:13:de:2a:1b:b4:ef:
cc:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2F:7A:7C:13:54:18:51:ED:12:0F:67:7A:0C:90:3F:12:B7:A4:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
85:c8:ac:b3:9a:7a:59:ef:42:e0:77:69:1c:2c:8a:40:97:ca:
b7:ce:2e:f7:a0:84:15:80:b3:31:be:96:90:0d:19:d0:42:ff:
0f:7c:12:dc:87:0a:12:61:00:89:1e:bb:73:ea:68:41:0f:e2:
3f:27:f8:3b:b0:03:ec:3a:f7:1f:bd:fb:35:7d:86:cf:2c:08:
02:10:59:ca:5c:17:03:4d:f9:c6:ee:2c:e1:85:c0:09:fc:bd:
8e:b0:02:ca:25:19:0d:e3:5d:07:38:05:26:41:75:96:d9:c7:
b9:17:9b:02:9a:5e:df:ab:e0:81:e3:a5:d8:c5:d5:54:1c:45:
8d:e9:07:35:5e:57:07:43:f7:d9:c1:a1:ca:b8:2a:55:39:47:
ba:a7:2f:46:2f:2a:e3:4d:2d:35:53:a5:59:c2:12:b2:31:3e:
bb:62:66:81:eb:98:3e:06:1d:14:ea:2f:dc:bb:eb:3f:3c:89:
32:c6:9b:ae:99:c5:41:15:4f:84:07:a3:89:7f:ca:6c:ca:2f:
f3:4b:9c:79:a4:40:20:8d:05:b4:2d:2f:26:30:2a:ab:b1:b8:
d5:ff:6e:a9:7b:1d:12:1c:dd:ea:1c:f7:c0:c1:70:f2:bd:ea:
15:24:dc:ec:ef:c3:8e:34:cf:d2:cf:51:db:52:bd:c2:fb:32:
1f:de:21:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURL/CJRe04iHOcauUVewvFfa/UYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDAxMzJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1OWNiMDgwOTEzMGU0ODIzMDEyOTEzNmY4ZTUxZTkwMjM4NGQwZjVmMDc2
YzFmNjQ2NDUxZTczMTBjYzE4NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIs5WdOUrlJVFEsEPxX7ydasy3OMHXiuwwdAI5q1vZQa+DoajxPUcBiT5m1T
fenKSd6YGxTXHlICHpsRJ8GGXlHBcyn1GSnS7XLtTSZH2Z/M8OUlQJIWJU+z1wSq
5qzxZ7C6jqlv6+6zld+aEIuDo9BkxiFA9+6UGCo8aO5FbFyIgYLECo3pxeD0L0iv
DlOWEsF16+yP+7pJGaOX/yGjSWlPBpIF9mWYX67UThXmZgk07qSLF08r2NZnMtXX
iCejSXu//UsoOaX9xKF2Q8kQYJrpYa9mL/Fk2vGhPQPOoqyWRRpsV1C5ZZ55xrBN
/w4bhcg9C8Ms70WWE94qG7TvzO8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSWL3p8
E1QYUe0SD2d6DJA/ErekZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y2YWMzZWYtODJmNS00YWJjLWEzNmUtNDA1Yjg2M2Y4ODRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
oDANBgkqhkiG9w0BAQsFAAOCAQEAhciss5p6We9C4HdpHCyKQJfKt84u96CEFYCz
Mb6WkA0Z0EL/D3wS3IcKEmEAiR67c+poQQ/iPyf4O7AD7Dr3H737NX2GzywIAhBZ
ylwXA035xu4s4YXACfy9jrACyiUZDeNdBzgFJkF1ltnHuRebAppe36vggeOl2MXV
VBxFjekHNV5XB0P32cGhyrgqVTlHuqcvRi8q400tNVOlWcISsjE+u2JmgeuYPgYd
FOov3LvrPzyJMsabrpnFQRVPhAejiX/KbMov80uceaRAII0FtC0vJjAqq7G41f9u
qXsdEhzd6hz3wMFw8r3qFSTc7O/DjjTP0s9R21K9wvsyH94hcQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:12:45 2025 by rpki-client