Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
File: 8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa (raw, json)
Hash identifier: dXZfvvRHnKC6a/ugSkOjxgQoZgNG6vGG+corI86T3Yg=
Subject key identifier: D5:27:51:BE:45:FB:12:52:39:5C:12:E4:A8:BC:8B:43:1C:D5:60:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 57A7F443CE766898034D43B2AE080046B34AC34F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
Signing time: Tue 05 Aug 2025 20:00:23 +0000
ROA not before: Tue 05 Aug 2025 20:00:23 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:a7:f4:43:ce:76:68:98:03:4d:43:b2:ae:08:00:46:b3:4a:c3:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:23 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=15454bd34809df6e530bacae5f87b575d4d08a7f234865d8aeb63a46e5954b6d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:9c:b4:9d:d2:22:a2:62:ff:27:14:4b:a9:
5e:7a:cf:17:a2:b4:9c:3e:98:89:46:c8:02:4d:63:
de:dc:6d:77:bf:61:69:8f:ed:3e:84:7a:95:f0:9a:
05:33:d0:bb:5c:86:58:11:fa:e6:cc:ff:e7:ca:1c:
d5:d4:50:5f:56:0d:2f:04:52:0f:81:59:c6:bd:c9:
36:40:c2:d2:4b:05:ed:60:01:7c:81:b0:b6:1c:1f:
da:3d:3a:e2:54:d8:0e:76:92:79:c8:bf:29:d9:b9:
db:56:85:14:fa:6e:89:91:c9:68:5c:b6:17:ea:84:
5a:e8:37:f2:ba:1e:95:b4:b5:71:db:11:c1:9d:d4:
9f:56:6c:5c:5f:88:c8:66:8a:70:d3:06:a9:80:0a:
5a:fc:1a:72:6a:4a:c6:34:0c:93:27:c6:e9:ae:09:
da:d5:c6:d3:7e:c4:a3:e7:04:20:8b:4d:3b:4f:cc:
eb:7e:21:46:d1:3e:6b:80:11:d7:77:60:17:9f:41:
24:33:5d:96:22:49:6d:b1:93:94:d8:23:85:52:86:
31:a0:aa:d8:82:c0:3e:95:89:f2:5e:27:e7:dd:4b:
c2:49:ed:d9:32:af:79:1f:11:9a:c8:b1:9c:4a:cf:
53:df:f2:28:c1:51:38:e9:f7:9c:78:fc:1e:a6:36:
f3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:27:51:BE:45:FB:12:52:39:5C:12:E4:A8:BC:8B:43:1C:D5:60:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ca5077b-0987-4a65-b8ff-a1e27f76cd1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a:800::/38
Signature Algorithm: sha256WithRSAEncryption
97:33:79:6a:b3:a1:1c:9b:f6:39:64:2d:8e:5f:87:3e:4b:93:
d3:ce:bf:96:fc:65:04:ce:0a:62:4c:1d:59:a6:61:8d:28:b4:
76:04:58:73:d9:d2:84:1b:f4:c5:94:7e:49:d1:69:56:22:e7:
b8:aa:d1:dd:3d:a6:12:90:cf:f7:e0:f1:15:61:cf:6b:5f:c6:
7b:75:60:2f:60:e9:67:9f:d5:26:f4:e7:97:46:56:23:18:62:
6e:bc:95:5d:71:b9:8f:8f:c0:35:97:dc:db:ee:1f:04:69:de:
0e:f7:6a:02:95:bc:22:95:0c:95:59:d9:89:93:df:69:7d:68:
52:d2:31:ce:25:b9:b9:99:72:a9:67:00:56:d6:b4:7d:66:53:
74:e4:29:8a:42:04:98:da:f5:d7:05:b3:71:b5:23:03:91:dc:
cd:11:fc:27:9c:e8:9f:eb:50:76:22:c2:1d:ae:a6:e7:a5:80:
ba:2e:a2:ec:3e:9d:ed:b5:d4:54:9d:2c:b0:47:0d:4c:57:25:
18:e7:17:36:6c:c6:20:e4:5a:9d:0e:ce:8c:61:33:37:e8:9c:
7f:09:5e:8e:21:2c:49:39:c1:94:fb:bc:6f:19:86:75:86:78:
e4:49:02:6e:0a:32:01:8e:0c:52:aa:4e:3f:d1:1d:6b:a0:75:
25:54:42:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV6f0Q852aJgDTUOyrggARrNKw08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwMjNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NDU0YmQzNDgwOWRmNmU1MzBiYWNhZTVmODdiNTc1ZDRkMDhhN2YyMzQ4
NjVkOGFlYjYzYTQ2ZTU5NTRiNmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpjnLSd0iKiYv8nFEupXnrPF6K0nD6YiUbIAk1j3txtd79haY/tPoR6lfCa
BTPQu1yGWBH65sz/58oc1dRQX1YNLwRSD4FZxr3JNkDC0ksF7WABfIGwthwf2j06
4lTYDnaSeci/Kdm521aFFPpuiZHJaFy2F+qEWug38roelbS1cdsRwZ3Un1ZsXF+I
yGaKcNMGqYAKWvwacmpKxjQMkyfG6a4J2tXG037Eo+cEIItNO0/M634hRtE+a4AR
13dgF59BJDNdliJJbbGTlNgjhVKGMaCq2ILAPpWJ8l4n591Lwknt2TKveR8Rmsix
nErPU9/yKMFROOn3nHj8HqY280UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVJ1G+
RfsSUjlcEuSovItDHNVgtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNhNTA3N2ItMDk4Ny00YTY1LWI4ZmYtYTFlMjdmNzZjZDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BoI
MA0GCSqGSIb3DQEBCwUAA4IBAQCXM3lqs6Ecm/Y5ZC2OX4c+S5PTzr+W/GUEzgpi
TB1ZpmGNKLR2BFhz2dKEG/TFlH5J0WlWIue4qtHdPaYSkM/34PEVYc9rX8Z7dWAv
YOlnn9Um9OeXRlYjGGJuvJVdcbmPj8A1l9zb7h8Ead4O92oClbwilQyVWdmJk99p
fWhS0jHOJbm5mXKpZwBW1rR9ZlN05CmKQgSY2vXXBbNxtSMDkdzNEfwnnOif61B2
IsIdrqbnpYC6LqLsPp3ttdRUnSywRw1MVyUY5xc2bMYg5FqdDs6MYTM36Jx/CV6O
ISxJOcGU+7xvGYZ1hnjkSQJuCjIBjgxSqk4/0R1roHUlVELg
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:37 2025 by rpki-client