Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
File: 2562684d-020c-40d9-b3bb-3fcb4c638494.roa (raw, json)
Hash identifier: cv+P/9gAruwdjG4Qw4+H1HBEFCvlqof4szdmAWsr5Mw=
Subject key identifier: BE:CD:1E:BA:C1:57:86:2D:4D:1B:9A:5B:6E:A2:E9:60:87:83:94:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 58BC157393F7E38CE382F6C91C36EA4CF2EF5832
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
Signing time: Tue 19 Aug 2025 16:50:23 +0000
ROA not before: Tue 19 Aug 2025 16:50:23 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:bc:15:73:93:f7:e3:8c:e3:82:f6:c9:1c:36:ea:4c:f2:ef:58:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:23 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=15f213ba679c03222eb81a5977200829e9ad8f5a2442b3c16432f91d1252c3db, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a4:cd:90:92:a4:07:2f:bc:40:09:8d:83:50:
31:8a:24:39:b2:ee:e0:9d:12:33:88:bb:a1:75:4b:
5d:13:ad:35:5c:60:41:a6:e5:8a:e2:94:cc:89:7b:
74:2d:a4:ab:59:22:0a:68:43:7d:10:d7:0d:eb:35:
17:db:7e:d5:12:8e:95:37:6a:c7:88:cb:3e:aa:f4:
1c:ff:23:b6:b9:e8:3d:d6:c9:eb:c2:04:e8:01:fa:
7d:14:b3:62:2e:60:1d:89:0d:fb:1d:3d:83:cc:38:
cb:75:09:7a:a5:6a:ef:e5:63:05:1d:94:df:4d:23:
3e:2f:77:dc:6a:6a:28:0a:82:d4:df:26:19:0a:42:
6c:f2:3a:fe:4c:db:89:3c:e0:6b:2e:dc:cf:52:26:
83:27:56:28:39:d3:34:c1:2b:4c:78:1c:f8:41:93:
6d:aa:7f:97:84:d3:fc:41:b1:68:fd:9a:12:b3:80:
9e:18:b0:c6:01:eb:1b:78:cb:12:be:22:dc:1a:9e:
22:29:49:15:8a:36:ea:7b:99:85:46:1c:dd:6a:f7:
a1:5a:e7:f9:0f:f3:a2:0b:9a:9d:04:89:eb:c5:2b:
33:66:0a:60:0a:a3:55:17:1a:3d:42:8a:7d:96:33:
e8:05:f3:6d:44:cc:3a:48:0e:63:15:51:83:12:08:
25:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:CD:1E:BA:C1:57:86:2D:4D:1B:9A:5B:6E:A2:E9:60:87:83:94:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:5b:2f:1e:56:55:12:2a:68:35:fa:9f:34:09:53:9e:b2:1f:
37:d0:a1:f0:30:61:9d:9a:17:92:ab:ce:8d:70:b2:f7:b9:ae:
07:6b:df:02:99:14:f8:e9:84:71:d1:1a:f3:20:2e:ab:74:10:
5b:a0:17:a9:37:1e:a2:af:21:5b:a8:c4:5e:23:a5:94:a5:e3:
a5:58:4b:8b:77:9c:88:01:d4:33:b9:a9:26:2e:79:1c:d6:7c:
b4:a9:f5:4e:fb:d5:dc:f8:bb:df:ea:03:55:6c:01:72:ac:d1:
1a:f8:cc:86:71:4b:be:91:56:1d:73:85:ee:11:0b:89:fc:78:
c3:9d:56:c6:07:5a:de:54:c0:b3:ef:27:f8:47:39:09:91:58:
c9:da:61:38:db:a3:3e:67:21:90:83:14:b8:f5:6c:af:22:80:
90:17:2c:1a:45:37:48:7c:f9:64:b9:ce:3a:ee:45:b1:70:13:
98:ff:f2:12:a2:b0:ad:24:a4:a4:82:cf:21:99:c3:d3:32:99:
59:61:a7:8f:8d:6d:16:75:99:78:5c:bc:67:5b:f9:b0:c1:ff:
33:e5:41:89:8d:dd:1f:20:23:cc:6b:0d:2f:38:ee:0c:2f:e2:
c4:0b:49:55:8f:18:b0:3e:fa:3e:29:4c:e1:eb:a8:b0:a7:c9:
1e:14:69:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWLwVc5P344zjgvbJHDbqTPLvWDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMjNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZjIxM2JhNjc5YzAzMjIyZWI4MWE1OTc3MjAwODI5ZTlhZDhmNWEyNDQy
YjNjMTY0MzJmOTFkMTI1MmMzZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6kzZCSpAcvvEAJjYNQMYokObLu4J0SM4i7oXVLXROtNVxgQabliuKUzIl7
dC2kq1kiCmhDfRDXDes1F9t+1RKOlTdqx4jLPqr0HP8jtrnoPdbJ68IE6AH6fRSz
Yi5gHYkN+x09g8w4y3UJeqVq7+VjBR2U300jPi933GpqKAqC1N8mGQpCbPI6/kzb
iTzgay7cz1ImgydWKDnTNMErTHgc+EGTbap/l4TT/EGxaP2aErOAnhiwxgHrG3jL
Er4i3BqeIilJFYo26nuZhUYc3Wr3oVrn+Q/zoguanQSJ68UrM2YKYAqjVRcaPUKK
fZYz6AXzbUTMOkgOYxVRgxIIJVECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+zR66
wVeGLU0bmltuoulgh4OU3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU2MjY4NGQtMDIwYy00MGQ5LWIzYmItM2ZjYjRjNjM4NDk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBOWy8eVlUSKmg1+p80CVOesh830KHwMGGdmheS
q86NcLL3ua4Ha98CmRT46YRx0RrzIC6rdBBboBepNx6iryFbqMReI6WUpeOlWEuL
d5yIAdQzuakmLnkc1ny0qfVO+9Xc+Lvf6gNVbAFyrNEa+MyGcUu+kVYdc4XuEQuJ
/HjDnVbGB1reVMCz7yf4RzkJkVjJ2mE426M+ZyGQgxS49WyvIoCQFywaRTdIfPlk
uc467kWxcBOY//ISorCtJKSkgs8hmcPTMplZYaePjW0WdZl4XLxnW/mwwf8z5UGJ
jd0fICPMaw0vOO4ML+LEC0lVjxiwPvo+KUzh66iwp8keFGnO
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:03:55 2025 by rpki-client