Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json)
Hash identifier: OorG5O2dfFxo6SCKkY2mu07bHQJlpv1xSBdhkPpb51M=
Subject key identifier: 54:6A:1F:D6:87:F9:5C:12:14:3C:FF:06:26:51:1F:0D:A3:E7:32:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B770C7E033AC596B75DD77B146E3E3A74E86D75
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
Signing time: Tue 05 Aug 2025 19:30:15 +0000
ROA not before: Tue 05 Aug 2025 19:30:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:77:0c:7e:03:3a:c5:96:b7:5d:d7:7b:14:6e:3e:3a:74:e8:6d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=890caf5e3f154aa9f89d67f41cf188f204a3dea725e1caa5b53c965c3db28e51, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:15:12:d5:e2:56:b9:8c:eb:ec:2e:b1:81:a1:
a2:8f:fc:dd:fd:37:16:cb:27:40:2b:8b:d9:00:aa:
64:8d:67:d1:6a:c9:ba:a5:84:25:02:0e:c2:f3:60:
3a:c3:6e:19:d0:a0:08:6e:f4:55:13:02:a1:f2:39:
38:0e:1f:37:40:5b:61:ba:72:f8:90:5c:74:a5:6e:
78:13:7c:78:8a:10:72:9a:31:13:4b:71:60:0f:9b:
6d:29:38:c0:30:d8:92:4a:c6:90:2b:81:86:0f:5b:
6f:21:d6:a7:5b:a5:06:85:83:4b:46:0a:eb:b6:f9:
10:6c:19:16:4a:83:ca:2b:54:96:d2:f3:d8:5a:6b:
08:53:47:a7:73:4a:56:19:9a:25:1c:ec:6b:ce:9a:
9d:e4:7c:2b:35:8a:1a:27:39:fe:d9:38:f3:b3:55:
4d:eb:4f:51:bb:a8:d5:2f:e6:ff:7e:fa:d4:79:95:
a4:8b:da:c3:2c:33:41:9e:98:94:e3:2a:92:4a:30:
73:ae:1d:99:66:39:e4:6c:bc:ab:de:f8:40:62:2e:
e5:f8:d1:30:7e:6c:ba:82:58:05:04:09:d8:7e:e9:
9c:b1:33:e2:b4:c0:95:82:89:48:26:3e:1b:99:52:
cf:97:76:92:79:d0:8b:e0:2a:e8:03:3a:67:5b:80:
38:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6A:1F:D6:87:F9:5C:12:14:3C:FF:06:26:51:1F:0D:A3:E7:32:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2040::/48
Signature Algorithm: sha256WithRSAEncryption
08:6f:51:ce:67:2a:39:35:a3:46:40:71:74:29:2a:00:bb:7d:
62:34:64:29:1c:66:87:e8:93:c2:4c:05:3f:85:e2:79:d2:62:
b6:bc:26:88:5e:7f:a6:af:b6:60:04:81:4b:01:4f:44:dc:81:
f9:7f:e2:59:74:fe:f8:20:51:5c:41:1a:a7:e5:cf:bb:44:1a:
40:2b:51:78:e2:07:59:65:66:be:1e:de:93:88:35:22:83:5f:
84:b5:3e:51:93:fc:3b:76:82:8c:22:19:57:34:c3:9b:0b:da:
ee:e3:d0:ef:d5:f1:03:5b:09:4c:74:de:89:93:b3:0c:56:9b:
27:e1:d7:4a:36:c2:ed:8d:07:dd:8c:1d:52:43:d7:e7:00:b2:
e3:74:0e:ec:28:40:35:63:0d:e6:21:4c:6a:03:d9:8d:5b:48:
42:4e:b7:bf:9e:f5:ea:47:5b:7a:32:e5:c8:42:ec:2a:64:ee:
5b:a5:a9:fe:dc:f5:a6:40:1f:52:11:3b:ea:69:fe:f2:14:85:
14:04:f1:b7:de:45:6d:82:87:58:c5:68:a1:1b:a6:81:06:ea:
43:26:ae:9f:52:fd:0d:33:4f:64:39:fd:b6:86:6f:b0:9d:4f:
51:ea:df:35:6b:09:3b:cb:a9:8a:6e:b5:3b:1c:60:5e:09:33:
82:ee:f2:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUS3cMfgM6xZa3Xdd7FG4+OnTobXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MGNhZjVlM2YxNTRhYTlmODlkNjdmNDFjZjE4OGYyMDRhM2RlYTcyNWUx
Y2FhNWI1M2M5NjVjM2RiMjhlNTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMVEtXiVrmM6+wusYGhoo/83f03FssnQCuL2QCqZI1n0WrJuqWEJQIOwvNg
OsNuGdCgCG70VRMCofI5OA4fN0BbYbpy+JBcdKVueBN8eIoQcpoxE0txYA+bbSk4
wDDYkkrGkCuBhg9bbyHWp1ulBoWDS0YK67b5EGwZFkqDyitUltLz2FprCFNHp3NK
VhmaJRzsa86aneR8KzWKGic5/tk487NVTetPUbuo1S/m/3761HmVpIvawywzQZ6Y
lOMqkkowc64dmWY55Gy8q974QGIu5fjRMH5suoJYBQQJ2H7pnLEz4rTAlYKJSCY+
G5lSz5d2knnQi+Aq6AM6Z1uAODMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRUah/W
h/lcEhQ8/wYmUR8No+cy0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg
QDANBgkqhkiG9w0BAQsFAAOCAQEACG9RzmcqOTWjRkBxdCkqALt9YjRkKRxmh+iT
wkwFP4XiedJitrwmiF5/pq+2YASBSwFPRNyB+X/iWXT++CBRXEEap+XPu0QaQCtR
eOIHWWVmvh7ek4g1IoNfhLU+UZP8O3aCjCIZVzTDmwva7uPQ79XxA1sJTHTeiZOz
DFabJ+HXSjbC7Y0H3YwdUkPX5wCy43QO7ChANWMN5iFMagPZjVtIQk63v5716kdb
ejLlyELsKmTuW6Wp/tz1pkAfUhE76mn+8hSFFATxt95FbYKHWMVooRumgQbqQyau
n1L9DTNPZDn9toZvsJ1PUerfNWsJO8upim61OxxgXgkzgu7yBg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:08 2025 by rpki-client