Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
File: f7a46ea9-b416-4218-a790-28cf84d702ce.roa (raw, json)
Hash identifier: 54xBHEgaNIvgUPbBhrXgn8Hn3A8l1ERU38JsPR4plLs=
Subject key identifier: A3:67:C2:26:48:EA:D1:21:EE:FE:AA:04:3B:11:DF:AF:3A:FD:9A:4A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 494CF0FD66962A8ECD178E38034EE9D24797BE7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
Signing time: Mon 01 Sep 2025 21:21:02 +0000
ROA not before: Mon 01 Sep 2025 21:21:02 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d026::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:4c:f0:fd:66:96:2a:8e:cd:17:8e:38:03:4e:e9:d2:47:97:be:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:21:02 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c512644584f6f0ca9912d0da9c9e135d499e3601dceaf1b1393eeee48ef947cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fe:24:b5:a8:93:d3:e1:f6:f6:2a:02:6b:b4:
ab:cf:d5:5d:26:c8:10:5f:e6:74:bd:38:f9:83:85:
3f:ce:38:ab:2d:e0:5e:a6:1c:53:7b:b6:29:de:cf:
4d:85:82:fa:5d:70:b2:71:b0:2a:c3:d6:b9:1d:21:
32:3e:fe:23:2f:8c:0e:2a:3c:19:da:75:0e:cd:c5:
25:c3:92:1c:26:d1:f5:51:3a:22:26:dd:46:70:c7:
1c:ba:87:80:ac:94:23:df:1a:e5:d8:7a:88:dc:3e:
d9:42:ff:11:df:0b:f8:65:88:51:00:19:fb:c3:37:
5f:ad:cd:c2:40:2f:ff:1e:1f:6b:2f:f4:be:26:4b:
d1:c1:53:c4:66:d0:23:f0:49:b9:f9:e3:bc:f9:11:
77:70:23:92:e1:89:7e:c9:37:55:b4:0b:97:ff:33:
62:0d:b8:b4:4c:ab:80:11:14:c3:91:c2:b1:03:b4:
f8:07:45:2b:4f:0c:52:c3:1a:36:98:9b:34:e8:c7:
33:ca:e3:3a:80:5a:9d:fa:86:86:23:10:30:2d:6d:
cf:04:92:ae:1e:55:e2:36:97:cf:39:7d:05:c1:18:
95:bb:4a:2a:31:ce:f5:13:fe:b4:0b:9d:8e:99:9f:
35:0b:25:58:69:6d:4f:81:1d:8a:e5:53:08:ef:2c:
aa:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:67:C2:26:48:EA:D1:21:EE:FE:AA:04:3B:11:DF:AF:3A:FD:9A:4A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7a46ea9-b416-4218-a790-28cf84d702ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d026::/36
Signature Algorithm: sha256WithRSAEncryption
1f:b9:75:56:53:f0:05:9b:24:2c:60:5d:51:12:d6:89:52:d9:
a7:e3:a1:d0:ca:f6:ac:c3:9c:be:fa:4f:d6:c2:c3:99:b4:51:
7d:a0:ac:1f:99:44:cb:20:ce:6f:7e:9c:f0:b4:f7:15:e3:04:
5a:cf:c6:c1:35:10:59:16:4e:13:72:2a:8b:d5:27:e8:43:f9:
1f:76:b9:71:38:7d:33:69:55:4a:a7:48:a7:96:b1:66:66:ee:
a2:12:0b:b2:55:21:df:69:d5:8f:ad:13:a6:25:f8:d4:eb:1a:
4a:1e:c8:4b:2b:0f:6f:08:91:b1:b6:68:d0:fe:58:e4:b9:ff:
42:af:20:22:cb:34:8b:cd:8a:b5:0f:45:23:dc:26:7c:64:ba:
a5:d5:51:f3:57:d4:5b:8e:bd:82:c9:ec:b1:97:74:5c:24:9b:
6d:c1:7f:a9:17:1b:33:2a:55:26:f9:04:6b:84:67:d5:2d:fb:
51:2c:ec:52:c1:1e:6b:f1:29:05:7e:2d:d7:96:d1:04:c7:d3:
cd:89:01:74:13:bc:52:ad:bf:e0:29:bb:9e:26:f3:42:53:d1:
e1:f5:c4:ac:6a:c0:f9:39:8b:bd:f3:ea:6c:d4:15:20:10:15:
77:49:36:3c:37:d9:88:4e:39:8b:03:be:8a:af:3e:a7:b7:8b:
2a:95:fd:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSUzw/WaWKo7NF444A07p0keXvnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIxMDJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MTI2NDQ1ODRmNmYwY2E5OTEyZDBkYTljOWUxMzVkNDk5ZTM2MDFkY2Vh
ZjFiMTM5M2VlZWU0OGVmOTQ3Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7+JLWok9Ph9vYqAmu0q8/VXSbIEF/mdL04+YOFP844qy3gXqYcU3u2Kd7P
TYWC+l1wsnGwKsPWuR0hMj7+Iy+MDio8Gdp1Ds3FJcOSHCbR9VE6IibdRnDHHLqH
gKyUI98a5dh6iNw+2UL/Ed8L+GWIUQAZ+8M3X63NwkAv/x4fay/0viZL0cFTxGbQ
I/BJufnjvPkRd3AjkuGJfsk3VbQLl/8zYg24tEyrgBEUw5HCsQO0+AdFK08MUsMa
NpibNOjHM8rjOoBanfqGhiMQMC1tzwSSrh5V4jaXzzl9BcEYlbtKKjHO9RP+tAud
jpmfNQslWGltT4EdiuVTCO8sqrMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjZ8Im
SOrRIe7+qgQ7Ed+vOv2aSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdhNDZlYTktYjQxNi00MjE4LWE3OTAtMjhjZjg0ZDcwMmNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CYA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfuXVWU/AFmyQsYF1REtaJUtmn46HQyvasw5y+
+k/WwsOZtFF9oKwfmUTLIM5vfpzwtPcV4wRaz8bBNRBZFk4TciqL1SfoQ/kfdrlx
OH0zaVVKp0inlrFmZu6iEguyVSHfadWPrROmJfjU6xpKHshLKw9vCJGxtmjQ/ljk
uf9CryAiyzSLzYq1D0Uj3CZ8ZLql1VHzV9Rbjr2Cyeyxl3RcJJttwX+pFxszKlUm
+QRrhGfVLftRLOxSwR5r8SkFfi3XltEEx9PNiQF0E7xSrb/gKbueJvNCU9Hh9cSs
asD5OYu98+ps1BUgEBV3STY8N9mITjmLA76Krz6nt4sqlf3F
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:17:05 2025 by rpki-client