Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
File: ea271f77-763d-42f8-a315-60081847d059.roa (raw, json)
Hash identifier: ligT3uv2V1ML87UwfdR1XYv6ksIrb+abt46rGf9rO3I=
Subject key identifier: 6E:11:38:81:D8:C0:1B:34:7C:09:58:1D:8A:D1:BB:60:B9:F3:98:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79438106F65CE8F430C9CB1A1C811B5804677327
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
Signing time: Mon 01 Sep 2025 19:40:42 +0000
ROA not before: Mon 01 Sep 2025 19:40:42 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:43:81:06:f6:5c:e8:f4:30:c9:cb:1a:1c:81:1b:58:04:67:73:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:40:42 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=67569da56f1ae2cbff07518ea6ae99be1e6d41bdb8bd6f698e1caf91d41937e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:48:38:9c:40:10:14:2f:9d:11:12:15:dc:
53:68:e6:a4:9b:81:f2:92:3d:c6:b8:b1:cd:f9:9a:
07:a1:d5:96:00:60:13:d9:8b:d6:9c:ef:da:86:2c:
3d:c8:3c:9a:c1:ff:53:6c:69:08:6b:33:0b:9a:56:
30:dd:94:d7:1b:af:7f:63:b9:fb:90:b5:b4:9c:1b:
d4:f6:85:dc:9c:5c:08:52:e6:16:e6:b5:d1:f0:f8:
61:63:17:96:84:d9:62:bf:d2:0b:c8:c6:a3:7b:e5:
fd:d8:f3:2e:f2:3e:99:ef:21:c8:21:d1:85:5e:ef:
05:73:6b:72:a5:fb:b0:94:ee:d0:cc:39:84:e5:e8:
53:04:64:be:91:ba:a4:12:5b:7b:d8:ed:8b:27:00:
75:54:c4:2a:82:cf:12:79:d0:0f:a4:c4:c0:5f:a4:
50:71:e9:a7:7e:f8:03:5e:80:df:5c:06:b4:a9:35:
0c:45:99:2a:51:e0:62:c8:f7:b1:27:6a:65:4d:a3:
90:f7:12:ab:28:c7:11:5a:02:1c:ed:d2:28:e4:c8:
cb:57:b3:bb:39:d4:4e:8b:5e:51:c2:2d:6e:34:27:
85:ee:69:39:e1:dd:ab:f0:f9:a9:7d:e8:1a:cf:d4:
45:a1:fd:99:54:d6:1b:d3:c5:ec:35:02:73:bb:b8:
2f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:11:38:81:D8:C0:1B:34:7C:09:58:1D:8A:D1:BB:60:B9:F3:98:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ea271f77-763d-42f8-a315-60081847d059.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:e040::/48
Signature Algorithm: sha256WithRSAEncryption
a0:20:38:03:d0:81:03:bf:b7:da:aa:18:84:97:53:ab:c1:da:
13:fa:a3:7d:ae:0e:ac:dc:1c:9e:95:82:b2:c2:1c:03:cf:57:
fe:fa:50:4a:52:9a:7e:f0:72:be:a9:29:b5:af:54:86:d6:79:
96:08:20:dd:b8:c9:a3:21:05:f1:d2:4a:aa:cc:99:71:e3:ab:
e6:3e:c5:ef:d5:73:04:db:b1:c2:b3:6b:3e:57:22:6d:1b:ef:
e9:1d:fb:f1:62:bf:c2:0c:9c:31:f6:1e:1e:1c:15:28:60:a0:
13:df:f9:f7:e8:b2:e6:c5:00:16:e4:8a:d6:02:e5:ae:aa:5e:
9f:4e:70:71:a2:66:b2:77:9f:6e:b7:e3:62:c5:00:7f:40:a3:
b2:51:b2:96:b7:8a:50:ce:11:84:77:7c:29:90:9b:c4:1c:f1:
4b:f9:83:55:b6:ea:48:8f:87:11:57:48:de:a9:0e:4a:88:7d:
e7:d9:2b:4c:f5:28:c1:a4:fe:52:0a:c8:02:c3:70:52:4e:f7:
0a:1a:74:ce:4b:f6:f3:9a:1a:22:0f:ad:82:00:42:4b:69:42:
de:ce:2c:30:90:48:9a:bb:e9:90:f6:db:c3:a5:f1:7b:a6:2a:
64:2b:fd:8e:d0:de:55:77:71:c0:7a:9a:c7:ac:9a:8b:f7:e6:
12:90:19:bf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeUOBBvZc6PQwycsaHIEbWARncycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTQwNDJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3NTY5ZGE1NmYxYWUyY2JmZjA3NTE4ZWE2YWU5OWJlMWU2ZDQxYmRiOGJk
NmY2OThlMWNhZjkxZDQxOTM3ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9DSDicQBAUL50REhXcU2jmpJuB8pI9xrixzfmaB6HVlgBgE9mL1pzv2oYs
Pcg8msH/U2xpCGszC5pWMN2U1xuvf2O5+5C1tJwb1PaF3JxcCFLmFua10fD4YWMX
loTZYr/SC8jGo3vl/djzLvI+me8hyCHRhV7vBXNrcqX7sJTu0Mw5hOXoUwRkvpG6
pBJbe9jtiycAdVTEKoLPEnnQD6TEwF+kUHHpp374A16A31wGtKk1DEWZKlHgYsj3
sSdqZU2jkPcSqyjHEVoCHO3SKOTIy1ezuznUToteUcItbjQnhe5pOeHdq/D5qX3o
Gs/URaH9mVTWG9PF7DUCc7u4L2cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRuETiB
2MAbNHwJWB2K0btgufOYTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWEyNzFmNzctNzYzZC00MmY4LWEzMTUtNjAwODE4NDdkMDU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg
QDANBgkqhkiG9w0BAQsFAAOCAQEAoCA4A9CBA7+32qoYhJdTq8HaE/qjfa4OrNwc
npWCssIcA89X/vpQSlKafvByvqkpta9UhtZ5lggg3bjJoyEF8dJKqsyZceOr5j7F
79VzBNuxwrNrPlcibRvv6R378WK/wgycMfYeHhwVKGCgE9/59+iy5sUAFuSK1gLl
rqpen05wcaJmsnefbrfjYsUAf0CjslGylreKUM4RhHd8KZCbxBzxS/mDVbbqSI+H
EVdI3qkOSoh959krTPUowaT+UgrIAsNwUk73Chp0zkv285oaIg+tggBCS2lC3s4s
MJBImrvpkPbbw6Xxe6YqZCv9jtDeVXdxwHqax6yai/fmEpAZvw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:13:23 2025 by rpki-client