Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
File: dec4a7df-5727-45ab-92fb-7078e26fd54d.roa (raw, json)
Hash identifier: ySQ93wDE/3vkZxlYIHc1SiMiXzX0ImOuWbk4I2o+7D0=
Subject key identifier: 92:40:B4:5E:AD:A0:10:95:8A:D9:C8:D7:F2:A8:FA:C4:03:F8:BA:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 782BB9862B0CBE18905960B09C184F22E353A26A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
Signing time: Mon 01 Sep 2025 20:50:09 +0000
ROA not before: Mon 01 Sep 2025 20:50:09 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2b:b9:86:2b:0c:be:18:90:59:60:b0:9c:18:4f:22:e3:53:a2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:50:09 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=5e3ffd0886ea7dffa7f31831f856629ecfc4ca411dfaf938fab4a469d855b7e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:83:a2:66:52:95:82:54:84:fa:38:fe:ab:f3:
47:89:f0:43:5f:1e:63:85:44:ad:62:ca:8a:f9:28:
b1:3d:14:9b:11:52:0c:1c:28:c0:a9:b0:94:fd:28:
f8:b3:bd:7b:dc:f2:4a:b3:bb:4a:00:2f:79:5d:28:
e8:ba:00:3f:50:32:eb:d8:a8:b5:53:31:9e:39:d4:
c0:34:1f:b0:67:f5:87:e3:5b:93:32:4f:80:47:5f:
c0:47:c1:a2:b1:26:24:2f:0e:c8:08:a6:24:d4:35:
81:34:dc:a8:f1:24:8e:67:41:21:64:0e:e2:53:52:
d2:fa:f5:83:29:70:ca:7b:ec:93:09:c3:21:2b:bc:
81:70:b5:8e:e6:ec:c6:be:67:2a:e4:5d:3b:1d:b8:
6d:28:fa:c6:05:d8:50:a5:81:57:84:91:bd:1e:3b:
35:c2:5a:99:74:99:45:27:14:55:4b:49:46:49:9b:
60:9b:9c:28:02:2d:5b:cf:dc:77:92:93:b3:ee:34:
fb:47:9e:fc:b7:0e:99:f6:8d:aa:07:62:38:8f:41:
f4:3f:72:f0:85:4a:f1:61:3f:85:5c:6f:63:08:f1:
19:1c:84:84:41:a8:4f:d9:32:eb:ac:f8:bb:1b:a2:
af:a1:2d:a9:e5:88:fe:3e:aa:a0:97:ab:41:25:20:
3b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:40:B4:5E:AD:A0:10:95:8A:D9:C8:D7:F2:A8:FA:C4:03:F8:BA:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076::/32
Signature Algorithm: sha256WithRSAEncryption
04:d4:75:dc:6a:65:46:d3:44:6b:ec:e3:95:20:a8:28:f7:42:
3e:f7:9c:7f:f9:4e:94:a4:b4:36:25:33:6c:1f:1e:a5:35:7b:
39:22:2a:15:71:a9:47:11:79:3e:72:8f:bc:29:d7:da:28:46:
ae:20:c3:04:d3:10:80:59:03:27:44:09:58:a0:9f:8a:51:e6:
7c:bc:d9:e8:1b:50:01:27:3e:4d:53:58:2a:b2:2c:0e:30:70:
1b:14:32:9c:dd:6f:2b:83:4e:40:64:c5:ae:80:50:09:66:e3:
f9:68:99:81:51:04:2c:4e:65:e9:c9:72:0a:26:ba:54:4b:e3:
8e:6c:75:eb:7d:4b:93:66:ed:5e:86:72:64:53:9b:4d:79:b5:
c9:49:7b:0d:ca:1f:53:10:ab:0e:c0:ca:20:5d:b5:4e:b8:ef:
60:2c:26:74:32:c3:e1:9d:fa:58:e4:1f:99:b4:2d:3a:c1:fa:
74:d4:a9:5d:35:65:0e:78:33:90:84:ff:b3:86:fd:a2:0f:a6:
c3:05:dc:2b:36:f5:8d:03:eb:a7:64:a8:a7:f5:78:1b:27:4e:
6a:97:39:99:87:31:8b:4b:96:50:05:6f:66:bd:85:0d:33:60:
94:1c:c2:15:ae:f3:1f:b7:4a:f8:e4:c5:5a:ed:45:bc:6b:6d:
69:d0:c8:5c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUeCu5hisMvhiQWWCwnBhPIuNTomowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUwMDlaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlM2ZmZDA4ODZlYTdkZmZhN2YzMTgzMWY4NTY2MjllY2ZjNGNhNDExZGZh
ZjkzOGZhYjRhNDY5ZDg1NWI3ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKDomZSlYJUhPo4/qvzR4nwQ18eY4VErWLKivkosT0UmxFSDBwowKmwlP0o
+LO9e9zySrO7SgAveV0o6LoAP1Ay69iotVMxnjnUwDQfsGf1h+NbkzJPgEdfwEfB
orEmJC8OyAimJNQ1gTTcqPEkjmdBIWQO4lNS0vr1gylwynvskwnDISu8gXC1jubs
xr5nKuRdOx24bSj6xgXYUKWBV4SRvR47NcJamXSZRScUVUtJRkmbYJucKAItW8/c
d5KTs+40+0ee/LcOmfaNqgdiOI9B9D9y8IVK8WE/hVxvYwjxGRyEhEGoT9ky66z4
uxuir6EtqeWI/j6qoJerQSUgOzsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSSQLRe
raAQlYrZyNfyqPrEA/i6GDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjNGE3ZGYtNTcyNy00NWFiLTkyZmItNzA3OGUyNmZkNTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HYw
DQYJKoZIhvcNAQELBQADggEBAATUddxqZUbTRGvs45UgqCj3Qj73nH/5TpSktDYl
M2wfHqU1ezkiKhVxqUcReT5yj7wp19ooRq4gwwTTEIBZAydECVign4pR5ny82egb
UAEnPk1TWCqyLA4wcBsUMpzdbyuDTkBkxa6AUAlm4/lomYFRBCxOZenJcgomulRL
445sdet9S5Nm7V6GcmRTm015tclJew3KH1MQqw7AyiBdtU6472AsJnQyw+Gd+ljk
H5m0LTrB+nTUqV01ZQ54M5CE/7OG/aIPpsMF3Cs29Y0D66dkqKf1eBsnTmqXOZmH
MYtLllAFb2a9hQ0zYJQcwhWu8x+3SvjkxVrtRbxrbWnQyFw=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:04 2025 by rpki-client