Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
File: 19a2984e-942a-4280-ac0b-904c9860af2f.roa (raw, json)
Hash identifier: IXAtIzaL6FB0PTZM0kaoXyn5BMQnDBNRFmJsgzJbNUs=
Subject key identifier: B4:5E:42:A8:2B:6B:AE:73:0C:E2:AB:81:AB:74:ED:63:E1:8B:C0:77
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25101CBCADB7E4541FBAC9E1CC38209BFE5DB584
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
Signing time: Tue 05 Aug 2025 19:01:33 +0000
ROA not before: Tue 05 Aug 2025 19:01:33 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:10:1c:bc:ad:b7:e4:54:1f:ba:c9:e1:cc:38:20:9b:fe:5d:b5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:33 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=c265c0f2755d4042b4df68a51ecfd62d35943b94cff430cba9be568bb53384b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d6:2e:58:e4:c8:d0:a5:01:d0:5f:49:55:c5:
66:62:b2:8f:56:6c:70:2b:a3:c3:fd:49:d5:9a:7e:
99:8f:50:98:58:89:f8:8a:92:fb:9e:c2:aa:8d:83:
6a:c2:d0:d3:1c:c6:fb:aa:b9:98:a7:c9:4b:55:c0:
05:3e:7d:f6:98:75:e0:c8:9a:ef:5c:ca:1a:aa:b5:
b4:a7:bb:f0:0e:43:3f:3f:a7:95:c2:ca:fd:06:ef:
8c:36:44:1d:cd:ed:b6:c0:55:33:80:21:aa:27:b6:
8b:4a:84:ff:12:f2:d8:65:08:e6:d3:23:ac:c0:f6:
7c:27:3c:b2:eb:ba:bb:72:12:c4:21:70:b5:86:8c:
f2:1b:ef:12:9d:de:33:d5:a8:8b:42:d6:af:12:85:
c9:cc:c7:91:2a:21:3c:2e:28:01:50:ec:1e:6a:94:
27:c5:e9:09:41:df:79:75:67:ab:88:69:07:63:2b:
d6:c2:74:83:88:12:bb:91:9b:de:a6:95:61:bd:60:
56:7c:29:75:fc:cf:20:be:86:39:3a:93:b0:4f:65:
bd:e0:21:61:44:c7:50:f6:3c:0b:27:ee:9b:9c:9a:
33:ce:98:13:15:49:66:88:9a:d3:70:13:59:39:37:
70:5f:d0:df:63:57:64:fc:a6:0a:84:80:eb:5d:03:
ea:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:5E:42:A8:2B:6B:AE:73:0C:E2:AB:81:AB:74:ED:63:E1:8B:C0:77
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8020::/48
Signature Algorithm: sha256WithRSAEncryption
1c:44:b1:ca:58:fa:7b:59:a0:b0:df:e5:a4:7e:71:bb:ba:83:
97:51:6e:b9:3a:1c:aa:7a:73:e5:8a:ae:e6:48:6c:41:f5:aa:
17:9d:6d:9b:de:e5:ff:56:cc:04:11:bb:10:8d:88:8f:e0:23:
c5:fa:02:08:09:f1:23:ee:96:72:40:1b:3f:dc:b6:54:c2:26:
72:c4:0e:f0:fb:70:21:a1:0b:0d:bd:95:9f:c3:9b:e8:c3:7c:
1d:13:ae:6c:79:4e:d8:99:e6:65:70:00:76:0f:1a:6a:25:c4:
1b:75:d4:53:0d:59:5f:5d:14:9b:81:c1:4f:17:c7:95:33:4a:
6c:f5:e7:d5:77:1d:38:9d:55:3d:10:8c:72:45:5f:95:b7:fe:
3a:93:34:cb:57:8b:db:61:0b:47:97:d3:76:a3:16:2d:91:a7:
d1:89:5a:33:0c:e4:8a:55:35:2a:a8:09:31:fa:a8:e9:6d:53:
44:ba:4b:ad:f0:d4:47:60:94:db:c8:0e:ea:c4:2a:2d:c1:3d:
59:cd:ab:75:1e:08:8f:6a:76:af:78:33:cb:d0:ca:0c:ee:50:
bc:64:c7:f0:87:33:43:3a:c3:fc:52:00:90:96:8e:8c:d5:5a:
1e:fa:e7:69:5b:55:80:68:cb:8f:e0:21:93:5e:07:da:64:38:
ee:00:5d:7e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJRAcvK235FQfusnhzDggm/5dtYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxMzNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyNjVjMGYyNzU1ZDQwNDJiNGRmNjhhNTFlY2ZkNjJkMzU5NDNiOTRjZmY0
MzBjYmE5YmU1NjhiYjUzMzg0YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrWLljkyNClAdBfSVXFZmKyj1ZscCujw/1J1Zp+mY9QmFiJ+IqS+57Cqo2D
asLQ0xzG+6q5mKfJS1XABT599ph14Mia71zKGqq1tKe78A5DPz+nlcLK/QbvjDZE
Hc3ttsBVM4Ahqie2i0qE/xLy2GUI5tMjrMD2fCc8suu6u3ISxCFwtYaM8hvvEp3e
M9Woi0LWrxKFyczHkSohPC4oAVDsHmqUJ8XpCUHfeXVnq4hpB2Mr1sJ0g4gSu5Gb
3qaVYb1gVnwpdfzPIL6GOTqTsE9lveAhYUTHUPY8Cyfum5yaM86YExVJZoia03AT
WTk3cF/Q32NXZPymCoSA610D6sUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0XkKo
K2uucwziq4GrdO1j4YvAdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTlhMjk4NGUtOTQyYS00MjgwLWFjMGItOTA0Yzk4NjBhZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
IDANBgkqhkiG9w0BAQsFAAOCAQEAHESxylj6e1mgsN/lpH5xu7qDl1FuuTocqnpz
5Yqu5khsQfWqF51tm97l/1bMBBG7EI2Ij+AjxfoCCAnxI+6WckAbP9y2VMImcsQO
8PtwIaELDb2Vn8Ob6MN8HROubHlO2JnmZXAAdg8aaiXEG3XUUw1ZX10Um4HBTxfH
lTNKbPXn1XcdOJ1VPRCMckVflbf+OpM0y1eL22ELR5fTdqMWLZGn0YlaMwzkilU1
KqgJMfqo6W1TRLpLrfDUR2CU28gO6sQqLcE9Wc2rdR4Ij2p2r3gzy9DKDO5QvGTH
8IczQzrD/FIAkJaOjNVaHvrnaVtVgGjLj+Ahk14H2mQ47gBdfg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:17 2025 by rpki-client