Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
File: 8c99b00e-290a-4618-8076-435475c3020f.roa (raw, json)
Hash identifier: dl1l0BcbW77DFdwFcG6//U/PRcX2Nido2UzpyQ/KseQ=
Subject key identifier: 3B:E3:48:06:30:B4:64:7E:F6:AD:E5:2A:99:67:B6:03:53:B3:1B:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68D028408B0BB662F53D52ABD6ED33CAF668C102
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
Signing time: Tue 05 Aug 2025 19:21:09 +0000
ROA not before: Tue 05 Aug 2025 19:21:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:d0:28:40:8b:0b:b6:62:f5:3d:52:ab:d6:ed:33:ca:f6:68:c1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=157654e4ecbfe896857f1c00ed51a5f5355ec170d73179e0d2df9e99039c884a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5f:bd:23:f6:e9:21:74:23:99:14:3b:1d:12:
d9:0f:7b:10:05:bd:02:1f:24:68:86:6a:1e:35:31:
d3:08:25:83:e2:bc:62:69:ad:8d:91:c9:3a:fa:41:
4c:f5:fd:38:55:0c:a6:a8:83:ff:36:14:66:7a:f1:
93:f8:51:19:12:c1:7f:e9:b9:f9:8b:ae:8b:4f:c0:
3c:72:17:d7:56:61:46:14:59:8b:60:81:da:23:61:
15:87:b4:c1:ce:d7:19:2b:70:85:e1:fa:39:8e:d0:
6a:5a:fd:70:d3:5d:5b:f6:11:3e:a6:62:2e:42:f0:
79:34:b9:84:f3:23:d9:c4:a2:f2:aa:23:0d:c1:1f:
d8:c4:10:71:4e:4b:a4:70:f5:e2:c2:db:59:9a:b5:
4c:5c:ba:58:1b:d1:a4:f6:04:d6:0d:c6:1d:48:5a:
56:5a:d1:eb:1d:4c:9b:1d:12:f9:ee:28:7f:49:fd:
96:1d:c3:cc:08:4f:bc:6e:f8:7d:ba:1c:9e:9e:5d:
9c:d4:b7:08:1d:c2:ad:bb:8d:72:bc:c7:52:1f:fd:
5e:2c:91:aa:a1:0e:f2:d0:4e:ae:0d:4d:98:47:f9:
ac:a2:51:02:2a:59:1f:2d:35:54:c5:a2:c4:78:12:
3e:f1:a7:e1:49:ea:21:f3:64:2d:8a:25:e6:7f:65:
92:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E3:48:06:30:B4:64:7E:F6:AD:E5:2A:99:67:B6:03:53:B3:1B:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c99b00e-290a-4618-8076-435475c3020f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c080::/48
Signature Algorithm: sha256WithRSAEncryption
58:d7:86:d4:fa:c3:83:b7:58:69:ba:bd:4c:69:bf:a1:59:0e:
ee:ba:35:49:a9:9f:bf:fd:f1:18:5d:e7:9e:12:fe:3e:cf:6a:
bd:45:48:18:b6:95:57:6d:de:36:ef:fd:4b:92:65:10:a1:9a:
d9:0d:ef:59:6f:9b:4a:25:b1:dd:82:8d:58:fe:15:16:0c:63:
34:6c:91:79:29:93:f1:b4:3f:e9:b8:89:3b:b3:5c:26:12:94:
0d:1c:59:e7:8f:0f:dd:ce:6d:84:7e:9f:71:7f:e6:24:c9:18:
a9:ee:c5:2f:f7:01:96:a7:88:9f:39:3c:0b:69:30:8d:1b:a1:
39:6c:eb:4c:10:3e:58:41:d7:b6:0c:25:9d:a4:ac:7c:85:78:
60:97:68:8f:fd:b1:a2:f5:99:dd:ca:aa:69:d4:25:bb:8b:af:
5b:3e:a7:bc:98:03:87:19:2c:3e:04:e3:32:ea:db:20:74:e2:
0c:1d:6a:ba:be:ff:03:99:a9:6a:01:f7:ed:11:61:e9:86:1f:
7c:58:5a:af:93:c8:a6:52:bc:f6:e0:d5:59:02:61:1b:91:c4:
0c:ef:06:42:73:83:55:98:02:2a:29:f1:f1:f7:75:dd:84:52:
60:de:79:18:75:69:a1:5b:0d:55:3f:d9:d4:11:5d:d7:9d:8b:
67:98:6c:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaNAoQIsLtmL1PVKr1u0zyvZowQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NzY1NGU0ZWNiZmU4OTY4NTdmMWMwMGVkNTFhNWY1MzU1ZWMxNzBkNzMx
NzllMGQyZGY5ZTk5MDM5Yzg4NGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdfvSP26SF0I5kUOx0S2Q97EAW9Ah8kaIZqHjUx0wglg+K8YmmtjZHJOvpB
TPX9OFUMpqiD/zYUZnrxk/hRGRLBf+m5+Yuui0/APHIX11ZhRhRZi2CB2iNhFYe0
wc7XGStwheH6OY7Qalr9cNNdW/YRPqZiLkLweTS5hPMj2cSi8qojDcEf2MQQcU5L
pHD14sLbWZq1TFy6WBvRpPYE1g3GHUhaVlrR6x1Mmx0S+e4of0n9lh3DzAhPvG74
fbocnp5dnNS3CB3CrbuNcrzHUh/9XiyRqqEO8tBOrg1NmEf5rKJRAipZHy01VMWi
xHgSPvGn4UnqIfNkLYol5n9lktECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ740gG
MLRkfvat5SqZZ7YDU7MbzTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5OWIwMGUtMjkwYS00NjE4LTgwNzYtNDM1NDc1YzMwMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
gDANBgkqhkiG9w0BAQsFAAOCAQEAWNeG1PrDg7dYabq9TGm/oVkO7ro1Samfv/3x
GF3nnhL+Ps9qvUVIGLaVV23eNu/9S5JlEKGa2Q3vWW+bSiWx3YKNWP4VFgxjNGyR
eSmT8bQ/6biJO7NcJhKUDRxZ548P3c5thH6fcX/mJMkYqe7FL/cBlqeInzk8C2kw
jRuhOWzrTBA+WEHXtgwlnaSsfIV4YJdoj/2xovWZ3cqqadQlu4uvWz6nvJgDhxks
PgTjMurbIHTiDB1qur7/A5mpagH37RFh6YYffFhar5PIplK89uDVWQJhG5HEDO8G
QnODVZgCKinx8fd13YRSYN55GHVpoVsNVT/Z1BFd152LZ5hspQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:06:33 2025 by rpki-client