Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
File: 182e091e-259f-44bd-bb67-c5e36fa6958b.roa (raw, json)
Hash identifier: bdDFXkVagZ++IRDNscnATNMaj5G693DNYD+SExGy46c=
Subject key identifier: A2:01:CE:43:3B:5D:CF:F5:F9:78:73:F6:F6:50:D0:5A:AE:EC:AE:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E8E443FAFD00D299C1B7FB493C8811C1C95233B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
Signing time: Tue 05 Aug 2025 20:10:20 +0000
ROA not before: Tue 05 Aug 2025 20:10:20 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01c:400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8e:44:3f:af:d0:0d:29:9c:1b:7f:b4:93:c8:81:1c:1c:95:23:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:20 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=714338a52af3e38beb301f5fa62458c3fbfd161ccd8d5570804021eebf7d4709, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:34:1e:b4:98:d0:ca:26:9d:88:9b:15:8c:5b:
6b:a5:ae:69:fe:f4:3c:85:b7:65:0d:ba:40:e5:af:
70:ef:64:53:ef:1b:c5:d6:31:22:ff:6e:b0:d1:fa:
be:00:f2:3c:b8:69:96:02:51:91:30:d1:ef:2c:0e:
e2:5a:90:17:7f:dd:c7:80:4c:6d:70:6e:c5:45:b0:
3e:f6:fa:21:bf:f6:7b:b3:c8:e3:c5:d1:ed:4a:3b:
48:d1:0b:ff:90:7a:5c:5c:82:20:bf:2c:1c:38:b5:
f7:87:a6:a8:51:0d:41:4c:a8:1d:77:fd:54:32:d9:
4e:75:26:a6:ce:86:5b:59:07:71:c1:15:f4:d6:64:
1b:4c:39:0e:88:5d:ff:f2:50:d2:b9:da:d9:5f:b2:
87:dd:b7:b4:c2:3f:e8:01:58:51:60:ea:cf:c0:38:
9c:36:2f:42:a7:9e:39:17:61:92:c1:4b:81:34:15:
d8:24:1f:dd:8a:73:bf:31:e6:79:f6:30:78:65:f4:
28:cd:50:9b:7d:98:b2:40:41:cc:cc:92:ce:aa:54:
11:ff:26:46:69:0c:1a:42:29:31:c7:b7:4f:72:47:
a7:7f:7e:ee:19:e3:76:ac:37:b1:08:87:d2:ff:10:
61:3e:c2:c6:04:09:60:05:45:f8:c1:81:11:f1:b5:
9a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:01:CE:43:3B:5D:CF:F5:F9:78:73:F6:F6:50:D0:5A:AE:EC:AE:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/182e091e-259f-44bd-bb67-c5e36fa6958b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01c:400::/38
Signature Algorithm: sha256WithRSAEncryption
7d:30:b3:19:48:4a:53:89:14:65:ed:a1:be:0c:81:3b:9d:a3:
de:ae:f0:ee:fa:20:c0:03:ae:74:04:00:58:32:bf:7f:fb:c7:
ac:76:c2:4e:6f:c7:e1:0a:95:9c:95:09:5e:da:90:dd:2e:5b:
df:4a:d9:50:5e:34:ae:4c:aa:51:85:18:8a:0c:35:9d:1f:c6:
4b:cb:fd:4d:97:65:08:17:a9:22:0c:4d:92:29:74:d3:83:ef:
26:c1:74:42:03:85:87:60:05:3a:1e:9e:9f:60:b5:97:03:a4:
1a:e3:42:b8:c3:9d:ef:62:8a:27:40:c2:ba:c1:30:6e:27:5a:
f2:67:7d:f7:e9:3f:69:03:eb:5f:91:c7:a9:63:85:95:0b:24:
e5:03:3c:a5:90:91:5f:71:47:a0:c2:4f:5c:63:d6:b7:98:80:
d6:e3:a0:c8:e8:2d:62:4f:8f:33:d9:77:cd:64:be:8d:70:92:
2a:08:ae:2e:af:e6:12:72:ee:fe:b5:c2:59:41:3d:75:bc:78:
65:02:c3:e4:47:61:97:da:a4:92:bb:27:4a:dd:9e:d6:d9:5d:
85:46:da:1d:b5:33:dc:e4:be:5c:fc:9c:6a:c6:8f:ac:66:15:
c0:09:15:ba:5c:00:05:23:35:63:c3:ab:84:e6:de:43:a7:a5:
5f:7b:5e:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfo5EP6/QDSmcG3+0k8iBHByVIzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMjBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNDMzOGE1MmFmM2UzOGJlYjMwMWY1ZmE2MjQ1OGMzZmJmZDE2MWNjZDhk
NTU3MDgwNDAyMWVlYmY3ZDQ3MDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMY0HrSY0MomnYibFYxba6Wuaf70PIW3ZQ26QOWvcO9kU+8bxdYxIv9usNH6
vgDyPLhplgJRkTDR7ywO4lqQF3/dx4BMbXBuxUWwPvb6Ib/2e7PI48XR7Uo7SNEL
/5B6XFyCIL8sHDi194emqFENQUyoHXf9VDLZTnUmps6GW1kHccEV9NZkG0w5Dohd
//JQ0rna2V+yh923tMI/6AFYUWDqz8A4nDYvQqeeORdhksFLgTQV2CQf3YpzvzHm
efYweGX0KM1Qm32YskBBzMySzqpUEf8mRmkMGkIpMce3T3JHp39+7hnjdqw3sQiH
0v8QYT7CxgQJYAVF+MGBEfG1mmsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSiAc5D
O13P9fl4c/b2UNBaruyurjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTgyZTA5MWUtMjU5Zi00NGJkLWJiNjctYzVlMzZmYTY5NThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwE
MA0GCSqGSIb3DQEBCwUAA4IBAQB9MLMZSEpTiRRl7aG+DIE7naPervDu+iDAA650
BABYMr9/+8esdsJOb8fhCpWclQle2pDdLlvfStlQXjSuTKpRhRiKDDWdH8ZLy/1N
l2UIF6kiDE2SKXTTg+8mwXRCA4WHYAU6Hp6fYLWXA6Qa40K4w53vYoonQMK6wTBu
J1ryZ3336T9pA+tfkcepY4WVCyTlAzylkJFfcUegwk9cY9a3mIDW46DI6C1iT48z
2XfNZL6NcJIqCK4ur+YScu7+tcJZQT11vHhlAsPkR2GX2qSSuydK3Z7W2V2FRtod
tTPc5L5c/Jxqxo+sZhXACRW6XAAFIzVjw6uE5t5Dp6Vfe14Q
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:42 2025 by rpki-client