Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
File: 93932fd5-a431-4690-94d6-ed2f97f585c1.roa (raw, json)
Hash identifier: RyL75EkU0/rHRgehzI9Ef017tCqiVwWh52WG+fQpgZU=
Subject key identifier: 49:DB:B8:EE:03:9E:BE:ED:40:82:49:51:9C:96:DE:3C:DE:9A:41:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49C4F01F7C9056C550E6ECBCB79131ADE245538E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
Signing time: Tue 05 Aug 2025 20:00:54 +0000
ROA not before: Tue 05 Aug 2025 20:00:54 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c4:f0:1f:7c:90:56:c5:50:e6:ec:bc:b7:91:31:ad:e2:45:53:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:00:54 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7b6bdf8a9637e6e012615f8338b535be177c5bcc4b6966a53c97a5e5d5d6a768, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:81:b5:d6:77:dd:74:ae:eb:e6:30:38:f7:b4:
d8:6b:ef:dd:6c:9a:3b:66:bd:7c:33:7c:ab:27:b8:
1c:32:ba:41:a6:98:18:f6:e5:fc:cc:db:8f:03:04:
94:21:b7:55:8a:e3:84:3f:35:f5:65:ae:9d:4a:0d:
d4:9e:d4:30:85:e1:68:57:9a:30:13:65:21:f8:e5:
4d:ac:c8:6a:0b:d7:b9:72:e3:d8:ba:db:cc:38:33:
68:80:77:f5:7f:f1:a1:df:17:3d:ea:d3:29:31:0d:
ea:71:f9:f8:1d:d4:e5:e4:ef:36:9e:5e:12:b4:15:
19:cd:00:f1:30:96:d1:71:cb:c4:08:6b:a6:3e:8e:
84:c4:e7:4a:07:4b:e0:fa:c4:58:41:51:ef:80:94:
cb:75:eb:71:89:c6:b1:61:e5:69:69:2c:2d:26:bd:
84:9e:db:ae:43:20:e3:35:61:a2:65:70:ff:63:17:
c7:48:5e:48:ac:51:c3:47:c6:97:4a:75:80:7a:2b:
f8:87:51:c9:7c:f8:b7:42:e5:66:d7:41:10:6c:a8:
fb:17:88:62:13:cc:ad:27:58:62:2f:81:1b:52:0d:
4b:da:d2:27:a3:21:2f:7c:59:81:4c:33:4b:d9:d3:
13:d9:f6:9f:73:45:73:61:a2:46:46:32:6c:bb:c6:
3c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DB:B8:EE:03:9E:BE:ED:40:82:49:51:9C:96:DE:3C:DE:9A:41:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93932fd5-a431-4690-94d6-ed2f97f585c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:800::/38
Signature Algorithm: sha256WithRSAEncryption
a2:bd:af:ff:9b:f2:1c:f0:a1:d9:c7:85:82:d9:bc:93:55:ee:
01:61:0a:5c:97:51:db:fe:d9:cc:98:04:d5:f4:a9:89:96:17:
5d:9f:f3:54:c3:ad:9e:7f:7c:7d:b8:75:b3:27:8d:fa:ed:0d:
3c:10:08:cc:c4:da:02:47:b9:4b:cf:7d:6f:52:28:ee:c9:a1:
20:19:c1:c3:d5:c4:3a:20:55:39:f3:7f:89:32:be:78:77:6a:
18:c0:91:c4:0d:09:6e:1c:b8:3f:45:d5:89:b9:2e:e4:94:ec:
b9:95:aa:36:8c:e0:12:38:ea:44:0e:4c:6c:ae:b6:49:e2:5f:
dd:a2:3a:bc:b6:fe:77:b4:1b:04:e4:45:d3:fa:f6:ca:dc:e7:
6d:c7:f8:0c:0c:76:93:8d:ee:70:c9:08:83:c3:fa:4b:b5:26:
1c:7b:db:aa:6e:8e:b9:00:f5:3e:99:ae:64:aa:e1:ee:d2:30:
9e:5d:5d:4a:db:ce:5b:4c:0a:b0:9f:15:bc:23:19:91:44:eb:
2c:9e:5a:db:0d:ca:d0:ef:ba:42:3d:28:4c:a9:74:4a:fd:79:
f3:e3:8d:61:97:ed:b0:19:ef:d5:4b:1d:e0:f5:ff:50:f7:e0:
ff:d5:fa:df:85:f8:88:4b:4d:36:1c:30:22:2b:0d:a7:b3:80:
a0:e7:04:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUScTwH3yQVsVQ5uy8t5ExreJFU44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAwNTRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiNmJkZjhhOTYzN2U2ZTAxMjYxNWY4MzM4YjUzNWJlMTc3YzViY2M0YjY5
NjZhNTNjOTdhNWU1ZDVkNmE3NjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAImBtdZ33XSu6+YwOPe02Gvv3WyaO2a9fDN8qye4HDK6QaaYGPbl/MzbjwME
lCG3VYrjhD819WWunUoN1J7UMIXhaFeaMBNlIfjlTazIagvXuXLj2LrbzDgzaIB3
9X/xod8XPerTKTEN6nH5+B3U5eTvNp5eErQVGc0A8TCW0XHLxAhrpj6OhMTnSgdL
4PrEWEFR74CUy3XrcYnGsWHlaWksLSa9hJ7brkMg4zVhomVw/2MXx0heSKxRw0fG
l0p1gHor+IdRyXz4t0LlZtdBEGyo+xeIYhPMrSdYYi+BG1INS9rSJ6MhL3xZgUwz
S9nTE9n2n3NFc2GiRkYybLvGPDkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJ27ju
A56+7UCCSVGclt483ppBszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM5MzJmZDUtYTQzMS00NjkwLTk0ZDYtZWQyZjk3ZjU4NWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BII
MA0GCSqGSIb3DQEBCwUAA4IBAQCiva//m/Ic8KHZx4WC2byTVe4BYQpcl1Hb/tnM
mATV9KmJlhddn/NUw62ef3x9uHWzJ4367Q08EAjMxNoCR7lLz31vUijuyaEgGcHD
1cQ6IFU583+JMr54d2oYwJHEDQluHLg/RdWJuS7klOy5lao2jOASOOpEDkxsrrZJ
4l/dojq8tv53tBsE5EXT+vbK3Odtx/gMDHaTje5wyQiDw/pLtSYce9uqbo65APU+
ma5kquHu0jCeXV1K285bTAqwnxW8IxmRROssnlrbDcrQ77pCPShMqXRK/Xnz441h
l+2wGe/VSx3g9f9Q9+D/1frfhfiIS002HDAiKw2ns4Cg5wTX
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:30 2025 by rpki-client