Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
File: d84b5798-b167-465e-8272-054986363200.roa (raw, json)
Hash identifier: RPZhlibt0C3SlXuMNHX3u3QI8x416yTCUMxI/VWw3nY=
Subject key identifier: 40:00:0D:FF:17:2D:AB:90:1E:AC:27:B6:FF:72:B5:02:FD:9B:8F:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 732060CF61D6D9107F73C3F7CB394BF3942FE245
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
Signing time: Mon 01 Sep 2025 20:21:31 +0000
ROA not before: Mon 01 Sep 2025 20:21:31 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:20:60:cf:61:d6:d9:10:7f:73:c3:f7:cb:39:4b:f3:94:2f:e2:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:21:31 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d6a9c82418cdb2d36a92bf2ad76023e5f19c64974e30ce72f1866f4f57f60026, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:6e:01:b0:f1:8b:6c:a3:8c:97:bd:6d:5f:
b5:86:a5:93:4e:9b:77:db:44:60:f4:0d:0e:5f:81:
62:58:e7:88:17:02:d5:93:dd:8f:8d:e7:41:6a:0e:
92:b7:a4:ed:4b:96:be:e3:b3:95:62:3b:36:77:c9:
80:9f:76:8f:f5:9f:4c:9a:2b:85:23:3b:8d:9d:d0:
4c:76:13:65:98:ef:94:42:ad:f6:e2:91:44:89:31:
9d:69:bd:01:ee:7e:11:0b:db:03:45:38:74:d5:20:
d0:06:c3:22:98:aa:6b:50:41:57:26:cf:6c:e1:90:
a7:a0:c8:f7:e7:20:5f:43:55:1b:1a:02:dd:88:a2:
b0:7c:b4:e6:71:fe:1a:bb:eb:d7:2b:17:e2:e8:56:
6d:25:8e:60:7c:50:0a:8e:fd:e8:c3:22:ef:45:76:
57:bb:b8:98:ba:c1:ba:3a:eb:e9:90:76:21:05:f4:
d5:81:3c:67:5f:b6:a6:5e:32:ce:66:ef:b1:9a:da:
56:d1:46:28:81:18:91:50:7f:8e:63:c5:dc:f3:23:
9a:17:21:26:74:f6:0a:57:1f:71:21:66:98:a1:8c:
b2:84:b9:16:6d:f2:70:b3:97:25:b7:b5:e4:95:10:
18:96:f7:2d:89:23:21:09:95:7b:48:ba:6d:46:84:
c9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:00:0D:FF:17:2D:AB:90:1E:AC:27:B6:FF:72:B5:02:FD:9B:8F:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d84b5798-b167-465e-8272-054986363200.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
56:3c:ff:ea:38:52:f9:4d:9d:c5:d6:08:37:bc:ad:13:7b:3c:
4c:2a:5c:ed:52:d5:7d:da:74:eb:bf:77:10:04:98:0a:31:83:
42:07:5e:f6:69:13:6e:3d:97:6b:b5:5d:a7:7d:e0:49:ea:66:
0f:dc:49:74:32:da:5f:2a:96:02:6f:9a:7f:d1:09:b9:ec:f7:
d1:9b:35:c4:d7:7e:d6:fd:84:69:7d:6a:53:c4:0b:1f:13:01:
3c:12:74:93:7c:e4:7b:dd:42:b5:ae:9e:ed:4f:9e:5d:f8:f2:
5c:83:c1:51:8b:3f:5b:c6:25:31:cd:06:91:a8:05:61:63:b7:
4d:f7:b1:38:2d:f9:c4:44:e4:85:67:a2:cc:5b:c7:83:50:df:
c2:e5:b1:11:70:15:03:d0:c2:07:c0:c8:6f:ff:51:9e:39:7a:
cb:ff:5e:dd:c0:5e:75:1e:08:0f:0d:db:66:a2:2a:40:d2:c1:
66:c1:7e:81:c9:14:f0:7b:34:0a:53:64:55:a4:83:60:4c:63:
84:89:72:76:1f:67:f7:e5:39:06:b8:75:c5:80:f7:a1:a2:0f:
37:44:28:44:94:7b:fd:fc:71:09:e7:0c:fc:d9:cc:d8:da:8e:
21:be:d5:0d:e7:8d:c6:ee:ae:78:47:4f:b8:c7:5c:59:5e:bf:
bf:50:9b:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcyBgz2HW2RB/c8P3yzlL85Qv4kUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDIxMzFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2YTljODI0MThjZGIyZDM2YTkyYmYyYWQ3NjAyM2U1ZjE5YzY0OTc0ZTMw
Y2U3MmYxODY2ZjRmNTdmNjAwMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0TbgGw8Ytso4yXvW1ftYalk06bd9tEYPQNDl+BYljniBcC1ZPdj43nQWoO
krek7UuWvuOzlWI7NnfJgJ92j/WfTJorhSM7jZ3QTHYTZZjvlEKt9uKRRIkxnWm9
Ae5+EQvbA0U4dNUg0AbDIpiqa1BBVybPbOGQp6DI9+cgX0NVGxoC3YiisHy05nH+
Grvr1ysX4uhWbSWOYHxQCo796MMi70V2V7u4mLrBujrr6ZB2IQX01YE8Z1+2pl4y
zmbvsZraVtFGKIEYkVB/jmPF3PMjmhchJnT2ClcfcSFmmKGMsoS5Fm3ycLOXJbe1
5JUQGJb3LYkjIQmVe0i6bUaEyesCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRAAA3/
Fy2rkB6sJ7b/crUC/ZuP5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDg0YjU3OTgtYjE2Ny00NjVlLTgyNzItMDU0OTg2MzYzMjAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
wDANBgkqhkiG9w0BAQsFAAOCAQEAVjz/6jhS+U2dxdYIN7ytE3s8TCpc7VLVfdp0
6793EASYCjGDQgde9mkTbj2Xa7Vdp33gSepmD9xJdDLaXyqWAm+af9EJuez30Zs1
xNd+1v2EaX1qU8QLHxMBPBJ0k3zke91Cta6e7U+eXfjyXIPBUYs/W8YlMc0GkagF
YWO3TfexOC35xETkhWeizFvHg1DfwuWxEXAVA9DCB8DIb/9Rnjl6y/9e3cBedR4I
Dw3bZqIqQNLBZsF+gckU8Hs0ClNkVaSDYExjhIlydh9n9+U5Brh1xYD3oaIPN0Qo
RJR7/fxxCecM/NnM2NqOIb7VDeeNxu6ueEdPuMdcWV6/v1CbrA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:46 2025 by rpki-client