Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
File: d6931f13-0c44-4edc-b1b7-89dc8e035321.roa (raw, json)
Hash identifier: LAVvCw/KfB8AmwljlthKmZIzj7s6yCdbJ2bwZQ0QnwU=
Subject key identifier: 6E:D7:B3:D3:B9:25:F3:23:66:03:6F:74:EE:99:C5:19:A5:2B:5A:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 015AAC9B5097EBC54FCE39DE8899EEEA94ABBCBF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
Signing time: Mon 01 Sep 2025 20:51:32 +0000
ROA not before: Mon 01 Sep 2025 20:51:32 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:5a:ac:9b:50:97:eb:c5:4f:ce:39:de:88:99:ee:ea:94:ab:bc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:32 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=86370e493fad61c7df98981892f1590887f47759b9cb3c1f4719af4536bf4630, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:59:c6:04:84:c1:80:53:18:e6:e3:63:5f:b3:
14:32:5e:9b:ae:33:6b:98:b4:5f:d5:7b:dd:9d:e4:
25:da:60:cf:21:01:0a:bd:1a:e3:3e:32:04:6f:57:
6a:e4:f8:59:e7:26:41:aa:ae:fb:b9:54:4c:43:c6:
d6:73:87:bd:a4:32:c6:9c:28:5f:a0:6d:b2:41:35:
29:29:1e:b0:d2:ab:78:f0:11:8e:0d:e2:0e:b3:eb:
77:2a:9b:db:02:db:06:fa:c6:50:b5:1d:48:e7:86:
08:60:1c:61:a1:5d:1f:45:53:94:cd:7c:f8:b9:46:
ca:3e:bd:25:cb:f1:48:c4:4f:01:75:54:1a:fe:96:
d2:d3:b0:6c:44:90:46:9c:39:20:85:c7:70:2c:93:
88:4a:a3:74:80:47:9f:d3:2e:f0:d2:46:48:19:87:
27:5a:ba:cb:9b:a0:17:2b:64:c9:f8:1d:13:60:7d:
89:03:08:74:79:26:08:e6:8d:0e:a5:45:1a:77:67:
67:f7:2b:8d:2a:8f:94:89:6e:51:cb:1c:bd:16:87:
34:fc:9c:69:3e:b3:82:e4:03:49:2f:ce:66:c0:c9:
70:7a:db:ae:63:92:f4:ea:dc:92:61:0f:25:a2:4c:
47:21:c6:ac:d6:2e:20:bc:e8:0e:68:39:8c:79:e5:
57:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D7:B3:D3:B9:25:F3:23:66:03:6F:74:EE:99:C5:19:A5:2B:5A:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6931f13-0c44-4edc-b1b7-89dc8e035321.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058::/32
Signature Algorithm: sha256WithRSAEncryption
1d:04:ab:81:32:f0:ed:f6:3e:36:5e:ee:e3:b8:68:b9:4b:da:
eb:d1:d0:1c:1a:dd:08:f1:d6:2f:82:a4:af:eb:86:70:44:00:
f4:08:3b:90:f1:eb:88:6f:b4:45:7f:b6:79:46:68:b8:93:61:
4b:b8:b3:f1:f9:dd:16:97:a5:e6:78:8d:38:0d:34:22:83:c2:
7a:9d:03:f9:ea:a2:68:63:5c:ea:7e:8c:e7:65:93:5e:3d:9b:
60:01:73:c1:cf:78:db:25:78:2c:ff:3e:98:13:43:50:26:60:
92:17:15:cc:0d:e2:0c:e2:5c:d2:0a:5a:71:52:79:32:2f:a1:
74:a2:fb:50:9b:22:1b:99:2f:f9:36:54:ee:ba:e2:36:e4:be:
31:84:17:7e:3b:36:e1:df:69:49:69:fd:f5:7b:e6:b9:7c:3a:
a8:a0:59:80:bb:e2:e4:c2:81:3f:74:fb:99:c5:ce:c1:0a:61:
12:b1:eb:9c:78:88:98:e2:80:cc:73:cd:db:6c:c2:83:16:c7:
e2:a3:06:ce:a7:17:a8:75:ac:9d:94:2c:87:18:57:62:cb:56:
6e:5f:b9:07:3d:46:98:e5:bc:14:4d:c0:95:d7:8c:fd:3c:98:
88:fd:95:24:ea:08:cc:6b:a5:d7:87:1d:01:b4:d6:a8:91:1e:
18:fc:42:a9
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUAVqsm1CX68VPzjneiJnu6pSrvL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMzJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MzcwZTQ5M2ZhZDYxYzdkZjk4OTgxODkyZjE1OTA4ODdmNDc3NTliOWNi
M2MxZjQ3MTlhZjQ1MzZiZjQ2MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlZxgSEwYBTGObjY1+zFDJem64za5i0X9V73Z3kJdpgzyEBCr0a4z4yBG9X
auT4WecmQaqu+7lUTEPG1nOHvaQyxpwoX6BtskE1KSkesNKrePARjg3iDrPrdyqb
2wLbBvrGULUdSOeGCGAcYaFdH0VTlM18+LlGyj69JcvxSMRPAXVUGv6W0tOwbESQ
Rpw5IIXHcCyTiEqjdIBHn9Mu8NJGSBmHJ1q6y5ugFytkyfgdE2B9iQMIdHkmCOaN
DqVFGndnZ/crjSqPlIluUcscvRaHNPycaT6zguQDSS/OZsDJcHrbrmOS9OrckmEP
JaJMRyHGrNYuILzoDmg5jHnlV2UCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRu17PT
uSXzI2YDb3TumcUZpSta4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY5MzFmMTMtMGM0NC00ZWRjLWIxYjctODlkYzhlMDM1MzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Fgw
DQYJKoZIhvcNAQELBQADggEBAB0Eq4Ey8O32PjZe7uO4aLlL2uvR0Bwa3Qjx1i+C
pK/rhnBEAPQIO5Dx64hvtEV/tnlGaLiTYUu4s/H53RaXpeZ4jTgNNCKDwnqdA/nq
omhjXOp+jOdlk149m2ABc8HPeNsleCz/PpgTQ1AmYJIXFcwN4gziXNIKWnFSeTIv
oXSi+1CbIhuZL/k2VO664jbkvjGEF347NuHfaUlp/fV75rl8OqigWYC74uTCgT90
+5nFzsEKYRKx65x4iJjigMxzzdtswoMWx+KjBs6nF6h1rJ2ULIcYV2LLVm5fuQc9
RpjlvBRNwJXXjP08mIj9lSTqCMxrpdeHHQG01qiRHhj8Qqk=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:04 2025 by rpki-client