Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
File: 8cfa3133-8fd4-4816-ad14-c49146075f82.roa (raw, json)
Hash identifier: /V3JzcOtf16K6b9Arva7LKBWkPPRc1b272zeL7OqwLU=
Subject key identifier: 88:90:D9:7D:D2:76:2E:4D:81:34:C8:38:93:4A:AB:5B:69:2B:B6:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 212EA45450AC080DF912D57183CE03180B149CD8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
Signing time: Tue 05 Aug 2025 19:21:59 +0000
ROA not before: Tue 05 Aug 2025 19:21:59 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2e:a4:54:50:ac:08:0d:f9:12:d5:71:83:ce:03:18:0b:14:9c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:21:59 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5d243ba084603ba117826896305da72ec145124dea21f63c63b0c6641ac1f0df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:39:a8:75:6a:45:bc:92:3d:57:df:10:25:
87:e0:93:f3:01:65:73:ee:1e:db:39:f3:1c:df:db:
d8:95:38:d7:bb:44:42:08:69:d8:69:55:01:d0:3c:
fe:1f:94:a7:39:f9:06:22:05:50:06:6d:5e:c6:07:
b3:04:43:c1:44:50:af:af:3d:12:46:b7:9d:2f:ce:
d9:74:8a:7e:bd:e0:c0:bc:70:35:fd:8a:45:55:b4:
50:84:11:ab:c5:9d:d7:b3:0d:31:f1:26:e3:da:b5:
a2:a1:cd:6f:c5:0b:04:f6:f1:39:b4:5b:82:c3:72:
ad:b7:f1:d5:dc:2f:e2:f5:c6:e0:a5:4a:c5:5b:4e:
5a:06:12:f4:93:e7:3b:7a:51:a2:d6:e7:cf:54:5b:
95:e4:2f:d6:32:d2:85:d2:6e:25:38:58:1f:d7:34:
dd:00:98:7a:53:7c:77:16:2e:08:7e:c7:ea:50:55:
d8:d8:58:18:66:54:76:b2:74:07:ce:76:de:93:26:
05:ce:85:6a:7f:ce:9b:9e:38:2e:23:72:97:24:74:
ae:2d:1e:40:a7:75:db:f2:ad:3a:6d:11:4f:4d:99:
41:40:87:cf:c1:e1:bd:eb:fc:ad:c7:ff:11:15:52:
6c:c4:41:0f:44:18:0f:f1:29:0a:96:9c:49:5d:cf:
ff:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:90:D9:7D:D2:76:2E:4D:81:34:C8:38:93:4A:AB:5B:69:2B:B6:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8cfa3133-8fd4-4816-ad14-c49146075f82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
60:87:b1:a1:28:0f:ec:72:93:89:9f:53:cd:40:7c:12:cf:f3:
e5:9b:c0:98:17:69:41:b8:74:99:3e:4f:55:a0:29:60:4b:1d:
3b:79:a9:46:a7:24:68:66:19:db:7a:b3:3f:f6:ac:41:8a:1f:
01:c1:42:1f:f7:56:b4:6c:4a:61:61:df:06:0e:8e:1e:74:0b:
19:8b:da:8e:56:1f:14:fb:92:5d:cb:15:48:d8:02:3d:7a:d8:
4e:f4:d5:0a:0e:2a:7d:4c:fa:34:fa:b6:5a:80:b9:7a:54:e6:
cb:6c:41:5f:53:93:62:14:29:85:c8:a7:06:8a:ae:6d:1d:25:
5a:7d:f8:e7:d4:4e:6b:92:f2:40:5e:70:86:91:8e:52:4a:5a:
40:16:c5:5f:da:fc:67:49:83:2e:b7:a0:8f:aa:89:20:e0:05:
75:53:42:8e:27:9d:9e:db:5d:64:23:32:ef:13:49:6b:4d:6b:
7c:06:3f:4a:d9:e2:4b:80:de:b5:dc:dc:5e:27:04:bb:16:a0:
b7:6c:7c:c0:a6:47:ad:64:21:c0:74:21:ae:59:f9:58:ec:71:
11:85:eb:2b:5f:12:26:db:52:70:e4:90:00:e3:02:cf:28:bc:
a5:c0:0b:3a:66:ec:85:bf:10:c1:ba:dc:e4:5c:3d:b0:4b:34:
2b:eb:5b:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIS6kVFCsCA35EtVxg84DGAsUnNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIxNTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkMjQzYmEwODQ2MDNiYTExNzgyNjg5NjMwNWRhNzJlYzE0NTEyNGRlYTIx
ZjYzYzYzYjBjNjY0MWFjMWYwZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMSOah1akW8kj1X3xAlh+CT8wFlc+4e2znzHN/b2JU417tEQghp2GlVAdA8
/h+Upzn5BiIFUAZtXsYHswRDwURQr689Eka3nS/O2XSKfr3gwLxwNf2KRVW0UIQR
q8Wd17MNMfEm49q1oqHNb8ULBPbxObRbgsNyrbfx1dwv4vXG4KVKxVtOWgYS9JPn
O3pRotbnz1RbleQv1jLShdJuJThYH9c03QCYelN8dxYuCH7H6lBV2NhYGGZUdrJ0
B8523pMmBc6Fan/Om544LiNylyR0ri0eQKd12/KtOm0RT02ZQUCHz8Hhvev8rcf/
ERVSbMRBD0QYD/EpCpacSV3P/20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIkNl9
0nYuTYE0yDiTSqtbaSu2VDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGNmYTMxMzMtOGZkNC00ODE2LWFkMTQtYzQ5MTQ2MDc1ZjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBgh7GhKA/scpOJn1PNQHwSz/Plm8CYF2lBuHSZ
Pk9VoClgSx07ealGpyRoZhnberM/9qxBih8BwUIf91a0bEphYd8GDo4edAsZi9qO
Vh8U+5JdyxVI2AI9ethO9NUKDip9TPo0+rZagLl6VObLbEFfU5NiFCmFyKcGiq5t
HSVaffjn1E5rkvJAXnCGkY5SSlpAFsVf2vxnSYMut6CPqokg4AV1U0KOJ52e211k
IzLvE0lrTWt8Bj9K2eJLgN613NxeJwS7FqC3bHzApketZCHAdCGuWflY7HERhesr
XxIm21Jw5JAA4wLPKLylwAs6ZuyFvxDButzkXD2wSzQr61uN
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:04 2025 by rpki-client