Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
File: e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa (raw, json)
Hash identifier: kM2NV6yU9qV9Hra3Ogsnes+dFe5+q8MteL7nXfbgA8A=
Subject key identifier: ED:B3:D8:F0:E2:8C:16:BE:95:20:ED:81:79:58:60:84:AA:F0:21:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 176BB1DEA189B671C5294976890380D4EA2E8AD9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
Signing time: Tue 05 Aug 2025 19:31:07 +0000
ROA not before: Tue 05 Aug 2025 19:31:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:6b:b1:de:a1:89:b6:71:c5:29:49:76:89:03:80:d4:ea:2e:8a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9cd65082aabc4a67e1e7484a506fea3bfe7cca773a49e90e0a03f0230fb094e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6f:5e:b8:d7:18:66:87:4f:fd:88:6b:a6:fe:
56:9c:90:36:0e:9a:7c:f1:40:64:46:72:af:23:b7:
47:15:9b:e7:6b:f7:fa:87:af:9f:89:b1:c1:5c:a6:
ba:e3:4a:f5:31:3e:f2:3e:49:de:0e:10:8c:c5:32:
ed:32:68:bc:2a:c7:b7:8f:51:73:0f:5f:9c:65:6a:
c5:ee:f9:73:72:b8:dd:97:1f:24:eb:a1:76:4e:1e:
0c:08:50:dd:6f:3f:33:99:d1:8d:2b:06:e1:96:b7:
c7:0a:1d:98:57:94:8f:25:90:08:45:83:47:8f:a6:
32:fe:81:ae:25:72:e1:65:c0:c3:49:d6:98:76:06:
ce:e9:0f:27:0a:11:87:80:6c:57:69:7d:6d:e1:ff:
6c:b9:86:8a:87:6b:b7:6e:95:d1:eb:76:e4:b7:ef:
0b:6d:2a:7d:b7:94:8b:c4:67:f3:10:56:c4:ef:be:
67:0a:84:6a:95:73:ea:ed:52:d7:77:79:c0:c6:19:
f0:c5:54:7b:f7:0f:4f:8f:c4:75:21:10:76:d7:45:
69:d1:cf:36:f2:29:bc:d3:8a:da:ce:30:a8:94:3b:
85:94:a3:6d:90:1a:43:4e:c4:8f:fd:8e:a9:ee:33:
15:9f:d9:1c:d9:0f:09:15:9f:bb:a5:a5:6d:b3:74:
1c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B3:D8:F0:E2:8C:16:BE:95:20:ED:81:79:58:60:84:AA:F0:21:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e6ac0def-833f-4e1b-a75d-2d1fb3b8c3d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
86:29:70:a8:78:ef:82:f4:a2:06:d7:c1:08:0a:66:70:9d:2b:
64:c6:19:33:a9:72:7e:8d:9f:3d:bb:f1:56:2b:d7:14:8a:5b:
f2:aa:d7:d0:f4:08:85:c1:2f:74:80:0f:60:08:f7:6c:3f:a1:
23:79:7c:73:b6:a8:a1:e9:a0:95:56:fb:b5:5d:a3:39:92:51:
57:c5:b2:b8:aa:99:81:1c:ee:18:bc:1c:ba:5a:91:0c:40:6a:
54:ed:c5:1c:33:68:2b:52:4f:85:e0:6e:ad:b9:95:dc:01:c7:
a8:2e:76:6c:ba:36:f0:35:f2:23:d2:b0:d2:c1:fe:af:8e:84:
4e:76:41:e3:8b:bf:e4:f3:d9:b1:7e:a5:98:32:fb:47:5d:8f:
35:56:6c:0b:32:9d:96:c4:0d:14:91:60:33:16:e5:d4:97:a1:
93:11:f1:2b:39:92:34:6e:97:37:18:4b:15:28:39:ea:0b:19:
f9:ea:d8:47:fc:e4:9f:ff:a3:97:66:23:2c:14:e8:1b:df:9d:
15:5a:0f:d0:df:9c:8a:c0:8c:9b:68:de:ba:38:ff:88:8d:9c:
22:2c:fa:3c:d3:c0:c2:49:06:50:ab:ff:0a:d0:51:cf:78:5e:
56:c5:e1:70:65:dc:f5:b3:a1:7e:73:02:9a:16:f1:e0:09:e5:
46:49:92:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF2ux3qGJtnHFKUl2iQOA1OouitkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZDY1MDgyYWFiYzRhNjdlMWU3NDg0YTUwNmZlYTNiZmU3Y2NhNzczYTQ5
ZTkwZTBhMDNmMDIzMGZiMDk0ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNvXrjXGGaHT/2Ia6b+VpyQNg6afPFAZEZyryO3RxWb52v3+oevn4mxwVym
uuNK9TE+8j5J3g4QjMUy7TJovCrHt49Rcw9fnGVqxe75c3K43ZcfJOuhdk4eDAhQ
3W8/M5nRjSsG4Za3xwodmFeUjyWQCEWDR4+mMv6BriVy4WXAw0nWmHYGzukPJwoR
h4BsV2l9beH/bLmGiodrt26V0et25LfvC20qfbeUi8Rn8xBWxO++ZwqEapVz6u1S
13d5wMYZ8MVUe/cPT4/EdSEQdtdFadHPNvIpvNOK2s4wqJQ7hZSjbZAaQ07Ej/2O
qe4zFZ/ZHNkPCRWfu6WlbbN0HIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTts9jw
4owWvpUg7YF5WGCEqvAh5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTZhYzBkZWYtODMzZi00ZTFiLWE3NWQtMmQxZmIzYjhjM2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H7A
MA0GCSqGSIb3DQEBCwUAA4IBAQCGKXCoeO+C9KIG18EICmZwnStkxhkzqXJ+jZ89
u/FWK9cUilvyqtfQ9AiFwS90gA9gCPdsP6EjeXxztqih6aCVVvu1XaM5klFXxbK4
qpmBHO4YvBy6WpEMQGpU7cUcM2grUk+F4G6tuZXcAceoLnZsujbwNfIj0rDSwf6v
joROdkHji7/k89mxfqWYMvtHXY81VmwLMp2WxA0UkWAzFuXUl6GTEfErOZI0bpc3
GEsVKDnqCxn56thH/OSf/6OXZiMsFOgb350VWg/Q35yKwIybaN66OP+IjZwiLPo8
08DCSQZQq/8K0FHPeF5WxeFwZdz1s6F+cwKaFvHgCeVGSZJK
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:43 2025 by rpki-client