Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: DCHP4Lh3oTB7yxoGzbugpFsSiNY7iA/pNuYmXBV+vb8=
Subject key identifier: FB:5F:B7:DD:C1:50:CB:4F:C7:98:B6:44:49:12:EE:E4:72:62:72:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5B13CB0150787F030BE6BCE89D165CB76F453F18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Mon 25 Aug 2025 19:00:10 +0000
ROA not before: Mon 25 Aug 2025 19:00:10 +0000
ROA not after: Mon 29 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:13:cb:01:50:78:7f:03:0b:e6:bc:e8:9d:16:5c:b7:6f:45:3f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 25 19:00:10 2025 GMT
Not After : Sep 29 23:59:59 2025 GMT
Subject: serialNumber=b820f7004a3ca1240dfd3eb708feed69a0c6d572d37287e40256f329a1f4a114, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:83:05:03:d7:91:12:3f:bc:2b:d9:f5:08:25:
3b:f1:21:4f:e4:f6:80:e9:42:9a:40:4d:1e:01:e1:
e7:1a:3f:12:e4:7c:ad:dc:c6:28:40:1f:b1:5d:c0:
48:45:4b:07:99:5d:f4:e3:57:56:b7:01:cc:28:0b:
04:1c:5b:43:2a:d0:87:5e:69:8a:3f:14:10:00:07:
0c:a0:54:a1:99:39:10:8c:f9:9e:c3:83:bc:fe:a1:
b3:df:4b:eb:16:04:59:47:f2:e6:d8:14:91:9a:14:
98:46:ef:1d:c7:9a:54:6b:1c:7d:68:05:66:10:63:
5e:cb:8e:15:a5:6f:3c:09:4e:d2:a6:52:fa:9a:d6:
54:9f:17:41:83:0a:06:99:c4:3b:20:0c:57:c2:9e:
9c:9e:5e:9b:ed:0e:b5:e5:b5:48:66:df:9e:b3:e1:
38:ef:b0:e4:ed:1d:ed:f1:b7:ed:8d:5f:f3:e7:9e:
b3:25:fc:f7:ea:6a:93:ce:7f:0b:ae:4f:d3:67:d6:
f4:29:91:b5:fc:49:9d:c1:00:7d:04:19:b4:e4:3b:
e4:1a:b8:bb:3e:70:8d:9f:7a:30:75:d8:1c:75:e1:
07:d9:96:78:ce:d6:7b:c2:9a:eb:27:7c:96:27:78:
9a:b0:21:20:91:cf:2a:8a:df:05:90:f5:8e:49:08:
34:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5F:B7:DD:C1:50:CB:4F:C7:98:B6:44:49:12:EE:E4:72:62:72:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:af:f3:92:4f:76:5a:dd:3f:6b:48:d7:ee:7d:dc:fa:5b:97:
5d:a2:d0:24:42:70:68:c5:68:b9:e0:95:12:fe:e3:20:95:60:
13:3f:cf:c5:40:ad:1f:b5:ba:25:8b:a3:63:b1:9c:fd:7b:03:
3c:23:37:a5:b4:ee:7c:b6:3a:43:47:22:65:ef:76:10:da:e1:
8d:fe:52:1f:9a:00:74:b8:ad:8d:b9:ae:99:91:a7:9c:ca:19:
7d:ff:a9:58:07:f1:a4:98:c5:ba:3d:bc:33:62:5d:88:20:67:
ed:6a:2a:8b:76:d6:1e:4b:f0:96:1f:0e:89:cd:0c:a8:6a:96:
25:0f:c4:3e:72:bf:cc:99:29:86:fd:e0:86:e8:b2:36:fa:64:
b3:d3:ab:68:1a:76:9a:34:f6:50:e2:81:4d:e1:60:69:0d:40:
b9:bf:71:fa:59:4d:d7:9f:07:a5:99:34:97:e0:6f:44:cf:ba:
e3:e2:8a:54:ba:9e:39:82:96:74:9f:84:16:b5:00:2f:d1:37:
11:87:c1:38:76:40:85:3a:ed:fe:85:cb:88:39:7e:e5:3a:04:
7d:54:01:97:8f:ae:f7:9d:5e:78:b3:7c:9d:94:35:98:0f:da:
8b:40:33:87:5d:20:e9:d7:7e:1e:6c:f2:5f:14:0a:92:25:86:
34:e0:5c:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWxPLAVB4fwML5rzonRZct29FPxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjUxOTAwMTBaFw0yNTA5MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MjBmNzAwNGEzY2ExMjQwZGZkM2ViNzA4ZmVlZDY5YTBjNmQ1NzJkMzcy
ODdlNDAyNTZmMzI5YTFmNGExMTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIaDBQPXkRI/vCvZ9QglO/EhT+T2gOlCmkBNHgHh5xo/EuR8rdzGKEAfsV3A
SEVLB5ld9ONXVrcBzCgLBBxbQyrQh15pij8UEAAHDKBUoZk5EIz5nsODvP6hs99L
6xYEWUfy5tgUkZoUmEbvHceaVGscfWgFZhBjXsuOFaVvPAlO0qZS+prWVJ8XQYMK
BpnEOyAMV8KenJ5em+0OteW1SGbfnrPhOO+w5O0d7fG37Y1f8+eesyX89+pqk85/
C65P02fW9CmRtfxJncEAfQQZtOQ75Bq4uz5wjZ96MHXYHHXhB9mWeM7We8Ka6yd8
lid4mrAhIJHPKorfBZD1jkkINHMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7X7fd
wVDLT8eYtkRJEu7kcmJyXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQCqr/OST3Za3T9rSNfufdz6W5ddotAkQnBoxWi5
4JUS/uMglWATP8/FQK0ftboli6NjsZz9ewM8IzeltO58tjpDRyJl73YQ2uGN/lIf
mgB0uK2Nua6Zkaecyhl9/6lYB/GkmMW6PbwzYl2IIGftaiqLdtYeS/CWHw6JzQyo
apYlD8Q+cr/MmSmG/eCG6LI2+mSz06toGnaaNPZQ4oFN4WBpDUC5v3H6WU3Xnwel
mTSX4G9Ez7rj4opUup45gpZ0n4QWtQAv0TcRh8E4dkCFOu3+hcuIOX7lOgR9VAGX
j673nV54s3ydlDWYD9qLQDOHXSDp134ebPJfFAqSJYY04FyD
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:05 2025 by rpki-client