Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
File: e84166dd-4497-414d-9864-983017c7c326.roa (raw, json)
Hash identifier: PcxamJ6ntsKx4tmV58SRU2shPnMIXRrU+OSlcqw9xf8=
Subject key identifier: 84:4B:A6:73:21:81:2A:0B:EF:7E:03:C7:87:FF:3B:8E:97:91:A3:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 775E94212B17DCE58B700277622BD07D284E47C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
Signing time: Mon 01 Sep 2025 20:51:04 +0000
ROA not before: Mon 01 Sep 2025 20:51:04 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:5e:94:21:2b:17:dc:e5:8b:70:02:77:62:2b:d0:7d:28:4e:47:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:51:04 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=e18ba3f6e1563fa14611a75ec042fe865354917fd78f7bfe37239cfd64355263, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:55:58:15:78:13:a4:79:6f:61:29:0a:2d:34:
3b:1b:28:e6:15:6e:9c:1a:c5:c2:7a:bb:93:74:27:
94:44:7e:6a:bd:f1:e4:fd:8a:2b:c1:12:3d:74:85:
5f:64:2f:14:e5:28:f4:dd:5f:7c:a4:b8:f8:3b:d6:
77:4b:40:84:00:15:98:fc:24:e8:22:0f:fc:eb:5a:
08:a1:af:fa:74:7c:96:24:26:87:ad:00:10:83:5a:
b3:75:0e:c4:b4:f8:50:8f:88:20:eb:91:63:89:82:
ed:49:b2:a6:0d:63:4f:d4:ed:96:ab:08:e2:aa:3e:
2c:7b:b5:f1:37:62:51:58:e6:ca:07:af:33:61:9f:
c5:91:b9:7a:fd:96:60:e8:cb:d1:52:8e:e9:02:cc:
89:a3:66:b3:87:15:44:4f:d4:93:65:7c:da:4d:0b:
fc:14:49:14:b2:77:96:19:0a:d5:a4:d1:bb:2f:fc:
5d:94:40:c3:b1:a4:74:22:6d:95:37:42:ba:15:1a:
32:85:12:f8:bd:80:ff:17:74:cc:b8:6c:a7:80:39:
f1:3a:2c:72:3d:43:42:0b:9c:a6:50:15:d9:06:b3:
54:ea:8d:e2:87:d4:df:dc:20:79:b6:0c:b3:64:56:
c2:ea:16:dd:8b:98:79:89:9a:2d:18:c6:1f:5c:3b:
3c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4B:A6:73:21:81:2A:0B:EF:7E:03:C7:87:FF:3B:8E:97:91:A3:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e84166dd-4497-414d-9864-983017c7c326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:5000::/40
Signature Algorithm: sha256WithRSAEncryption
4c:73:4a:1c:59:5e:97:e4:2d:2a:08:4b:b9:85:85:40:74:c8:
c2:ad:bb:69:eb:50:43:31:44:7d:83:d3:57:7a:69:31:c1:4e:
57:4d:59:99:ee:8e:da:10:a5:63:2e:02:c7:f8:b9:bd:a0:33:
94:9a:74:75:55:2f:8e:13:d5:dd:2d:25:3c:55:9f:c1:9d:1d:
18:f5:04:e1:b6:fa:4a:d0:5a:51:94:83:22:67:50:0c:21:10:
0c:ee:c0:e5:8b:2b:72:11:d4:e6:dc:8d:5f:29:3a:f3:43:5a:
a9:3c:c6:a5:83:33:ae:6c:3d:64:52:e2:74:0c:af:d9:bd:f1:
20:1e:d9:86:88:d2:63:6a:2f:a3:28:44:95:48:8f:ca:3b:40:
a7:5d:30:f4:99:3d:0d:d5:96:59:ae:d0:6c:d1:af:f6:b1:57:
26:b3:b4:b6:1c:80:dd:ee:68:88:47:dc:d0:f8:df:f2:7f:1a:
fc:6a:63:5f:b4:54:29:8b:a7:a1:a9:3b:47:15:93:93:37:95:
45:0f:80:ed:76:b2:c0:57:be:e3:2c:34:1d:6a:10:1e:43:36:
0d:f1:fd:59:f0:eb:84:d6:ae:ea:68:b3:e7:29:41:e8:bd:cd:
02:8d:92:3c:10:f7:e7:68:17:5a:54:cf:bd:b5:46:a7:42:4d:
99:0b:16:ef
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd16UISsX3OWLcAJ3YivQfShOR8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDUxMDRaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxOGJhM2Y2ZTE1NjNmYTE0NjExYTc1ZWMwNDJmZTg2NTM1NDkxN2ZkNzhm
N2JmZTM3MjM5Y2ZkNjQzNTUyNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxVWBV4E6R5b2EpCi00Oxso5hVunBrFwnq7k3QnlER+ar3x5P2KK8ESPXSF
X2QvFOUo9N1ffKS4+DvWd0tAhAAVmPwk6CIP/OtaCKGv+nR8liQmh60AEINas3UO
xLT4UI+IIOuRY4mC7Umypg1jT9TtlqsI4qo+LHu18TdiUVjmygevM2GfxZG5ev2W
YOjL0VKO6QLMiaNms4cVRE/Uk2V82k0L/BRJFLJ3lhkK1aTRuy/8XZRAw7GkdCJt
lTdCuhUaMoUS+L2A/xd0zLhsp4A58Toscj1DQgucplAV2QazVOqN4ofU39wgebYM
s2RWwuoW3YuYeYmaLRjGH1w7PDkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSES6Zz
IYEqC+9+A8eH/zuOl5GjvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTg0MTY2ZGQtNDQ5Ny00MTRkLTk4NjQtOTgzMDE3YzdjMzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBMc0ocWV6X5C0qCEu5hYVAdMjCrbtp61BDMUR9
g9NXemkxwU5XTVmZ7o7aEKVjLgLH+Lm9oDOUmnR1VS+OE9XdLSU8VZ/BnR0Y9QTh
tvpK0FpRlIMiZ1AMIRAM7sDliytyEdTm3I1fKTrzQ1qpPMalgzOubD1kUuJ0DK/Z
vfEgHtmGiNJjai+jKESVSI/KO0CnXTD0mT0N1ZZZrtBs0a/2sVcms7S2HIDd7miI
R9zQ+N/yfxr8amNftFQpi6ehqTtHFZOTN5VFD4DtdrLAV77jLDQdahAeQzYN8f1Z
8OuE1q7qaLPnKUHovc0CjZI8EPfnaBdaVM+9tUanQk2ZCxbv
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:10:25 2025 by rpki-client