Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
File: 325fa89c-1511-4efc-84ed-51af85c9ed14.roa (raw, json)
Hash identifier: K7Mt9sULFvUlpQDTbmIfCDYsVSEu+pdiY6ARiCRimQw=
Subject key identifier: A2:E0:1C:6F:F7:60:A8:BF:49:A9:25:4C:FD:B1:8B:58:55:3A:80:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04F32A8EFD14BE8C0C606156466172BA35D209D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
Signing time: Tue 19 Aug 2025 16:50:44 +0000
ROA not before: Tue 19 Aug 2025 16:50:44 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f3:2a:8e:fd:14:be:8c:0c:60:61:56:46:61:72:ba:35:d2:09:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:44 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=7e0407f2ca500c22409827de6dccf8b69fc36b3bd06295ef51bf75623b39a393, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:f6:8a:89:8b:0c:c0:d2:e1:e9:91:4d:b2:
9c:5b:e5:29:9b:83:82:37:94:64:6a:b9:20:17:97:
c1:41:fa:17:8d:f2:11:4e:e0:76:25:e5:e3:57:2a:
23:84:af:63:5d:03:88:e2:2f:3e:2f:2a:d7:1a:eb:
dc:fc:e9:e6:aa:9f:f2:4d:f6:a4:85:93:b7:6d:44:
99:fa:50:d0:40:7d:a5:a2:b8:fc:90:31:d2:8f:93:
26:33:ca:a7:eb:0d:2b:6e:e2:55:1e:74:85:f7:b9:
76:3a:a3:47:1d:64:73:17:0f:b8:cf:b5:f6:31:95:
ed:15:0d:ad:72:67:16:54:ef:05:61:2c:60:90:a5:
96:80:b5:61:89:52:4f:62:20:26:9f:24:2f:76:04:
6c:bb:e1:65:34:af:cb:93:df:8a:45:1e:0d:b5:55:
df:1f:85:d2:8c:f9:cd:e1:b0:89:07:ec:59:7f:8b:
73:b2:31:8b:ad:4b:ba:21:af:0b:37:28:f0:f1:70:
d2:7c:ce:21:a6:8a:d2:9e:40:b2:b5:d7:fa:07:73:
eb:ed:19:56:13:72:d0:ca:dc:e3:ff:05:24:47:f2:
7e:0e:a5:80:7a:da:1b:21:39:61:13:f4:73:c6:e6:
20:ca:f5:08:bd:82:a2:2e:10:13:e2:f3:9c:5f:ef:
6d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E0:1C:6F:F7:60:A8:BF:49:A9:25:4C:FD:B1:8B:58:55:3A:80:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1000::/40
Signature Algorithm: sha256WithRSAEncryption
79:5d:8e:0f:17:6c:70:de:8a:d8:66:a1:71:f4:d4:c8:17:b6:
e6:8e:50:51:90:0d:f9:35:3b:bf:8e:1e:4e:d1:9e:de:06:02:
31:bf:e0:67:98:26:3c:20:fa:e1:48:a5:67:b5:4a:ec:c4:b5:
c5:a9:2f:50:36:dd:66:f0:9c:29:a2:69:3e:9e:32:2f:cb:2e:
82:e4:ce:29:da:8f:ed:03:d0:73:fc:8b:fa:56:c9:bb:f8:dd:
e8:2f:33:cb:57:d0:1d:6e:ae:51:6a:f1:6e:67:af:8d:58:2d:
41:b1:51:57:d4:70:2c:f3:b3:58:b1:f7:d7:07:63:6e:d8:44:
b7:57:4a:8e:ba:13:65:b1:91:42:b2:d8:9f:e0:7d:6d:f7:0b:
ee:05:a3:d6:6f:96:5d:b4:f5:8e:f9:f1:fa:2a:06:7f:01:4c:
3e:86:ad:2e:85:ad:af:b4:24:ac:57:16:b8:69:81:f4:1e:f9:
3a:f9:7e:6d:0d:55:f6:74:9e:33:d3:d3:3f:71:bd:a6:fb:f6:
ea:97:be:60:fa:78:7e:e8:4a:8b:d2:d1:b5:33:9e:25:3b:67:
00:15:61:16:a7:76:84:53:2c:f9:5f:4f:4f:d4:ac:d4:31:81:
d4:eb:49:4f:f2:e9:34:12:34:6b:f7:9f:ef:19:78:db:e7:07:
dc:af:2c:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBPMqjv0UvowMYGFWRmFyujXSCdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwNDRaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlMDQwN2YyY2E1MDBjMjI0MDk4MjdkZTZkY2NmOGI2OWZjMzZiM2JkMDYy
OTVlZjUxYmY3NTYyM2IzOWEzOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI849oqJiwzA0uHpkU2ynFvlKZuDgjeUZGq5IBeXwUH6F43yEU7gdiXl41cq
I4SvY10DiOIvPi8q1xrr3Pzp5qqf8k32pIWTt21EmfpQ0EB9paK4/JAx0o+TJjPK
p+sNK27iVR50hfe5djqjRx1kcxcPuM+19jGV7RUNrXJnFlTvBWEsYJClloC1YYlS
T2IgJp8kL3YEbLvhZTSvy5PfikUeDbVV3x+F0oz5zeGwiQfsWX+Lc7Ixi61LuiGv
Czco8PFw0nzOIaaK0p5AsrXX+gdz6+0ZVhNy0Mrc4/8FJEfyfg6lgHraGyE5YRP0
c8bmIMr1CL2Coi4QE+LznF/vbRECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSi4Bxv
92Cov0mpJUz9sYtYVTqAXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzI1ZmE4OWMtMTUxMS00ZWZjLTg0ZWQtNTFhZjg1YzllZDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB5XY4PF2xw3orYZqFx9NTIF7bmjlBRkA35NTu/
jh5O0Z7eBgIxv+BnmCY8IPrhSKVntUrsxLXFqS9QNt1m8Jwpomk+njIvyy6C5M4p
2o/tA9Bz/Iv6Vsm7+N3oLzPLV9Adbq5RavFuZ6+NWC1BsVFX1HAs87NYsffXB2Nu
2ES3V0qOuhNlsZFCstif4H1t9wvuBaPWb5ZdtPWO+fH6KgZ/AUw+hq0uha2vtCSs
Vxa4aYH0Hvk6+X5tDVX2dJ4z09M/cb2m+/bql75g+nh+6EqL0tG1M54lO2cAFWEW
p3aEUyz5X09P1KzUMYHU60lP8uk0EjRr95/vGXjb5wfcrywT
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:55:24 2025 by rpki-client