Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d791d74-cfd7-4000-a1e5-34325a5e1541.roa
File: 9d791d74-cfd7-4000-a1e5-34325a5e1541.roa (raw, json)
Hash identifier: JVB5E0SIn+4L/B+txFCYkWWIXf+D1vGnXqIOY1xZatU=
Subject key identifier: DB:64:D2:3C:BB:61:F2:1C:DE:A5:0D:F0:AC:85:EC:FF:70:65:5B:2A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 380BD47340615BA20653A7E6D89408E8003A68A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d791d74-cfd7-4000-a1e5-34325a5e1541.roa
Signing time: Tue 19 Aug 2025 16:50:15 +0000
ROA not before: Tue 19 Aug 2025 16:50:15 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:0b:d4:73:40:61:5b:a2:06:53:a7:e6:d8:94:08:e8:00:3a:68:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 19 16:50:15 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=34139ea8e6cb62a96369a28a1e949862763cfe1a40d3d1d614dca27058abc53f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d1:87:50:5c:fd:ae:35:18:3c:fb:c5:2d:0a:
c0:d8:58:a7:e7:92:0a:39:9b:6c:24:dc:6c:d3:bb:
18:1c:56:1a:cf:3c:48:9c:49:1e:cb:63:46:68:f0:
e7:1a:43:6a:2c:99:31:60:47:9c:7a:d9:8d:74:d8:
ae:65:c0:87:68:c2:87:cf:60:20:b6:2b:46:35:cb:
5c:27:9b:44:19:06:cf:67:3b:ab:a2:f6:64:a8:dc:
3d:71:bb:0a:44:6b:be:c7:42:da:d5:de:31:41:f6:
0c:a4:be:a7:9c:f0:76:c2:62:4a:8e:9e:51:42:cd:
59:18:6a:fd:14:af:67:18:9f:58:15:3c:bd:b6:8c:
00:08:f0:a3:22:9f:6b:8d:65:bf:72:5b:bf:c8:2d:
46:a8:c5:74:02:26:74:bc:73:d2:c3:af:51:87:e0:
ea:7d:ef:9d:99:12:09:84:ad:ed:4a:83:46:38:08:
a8:b6:57:65:92:d3:c3:d8:a3:08:c1:f6:09:2f:0e:
e8:42:61:98:36:cf:ac:5d:92:db:52:e2:46:d8:16:
e1:77:62:c7:34:c4:99:aa:e7:f9:7a:01:6b:d3:fc:
cd:76:b5:00:d4:e6:35:38:e2:79:52:a1:1d:5e:1e:
82:71:c6:8e:4b:18:59:67:19:9a:bd:2a:98:86:58:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:64:D2:3C:BB:61:F2:1C:DE:A5:0D:F0:AC:85:EC:FF:70:65:5B:2A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d791d74-cfd7-4000-a1e5-34325a5e1541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:90:2c:3c:1d:92:da:ac:54:d5:a0:42:97:40:40:39:8b:7b:
ef:88:e9:26:c7:12:17:5a:a1:53:45:6e:c8:58:35:9c:68:ca:
33:f2:ea:1a:27:d2:5b:2b:6e:72:07:77:be:71:62:92:82:42:
94:b0:e5:3e:5e:82:3e:84:26:1d:f5:f7:8a:12:01:82:3a:46:
50:3b:3f:df:70:e0:b2:5d:1e:86:47:d6:7b:40:a7:c6:62:ce:
87:f4:90:45:58:a4:65:9b:ea:7d:a0:10:bc:59:56:ed:b2:48:
49:ed:03:5f:db:e1:5d:61:36:e5:b0:e6:bf:bf:e2:24:82:b6:
0f:24:a3:01:14:2c:ff:5a:b4:7c:0d:da:a6:26:15:4d:f7:6a:
48:91:c5:88:1f:f3:bf:9b:e4:f0:8d:58:be:fd:b4:fa:cc:c2:
dc:60:fa:32:c7:84:26:61:f1:9e:3b:92:0c:82:6e:9a:11:8a:
2e:e5:d0:db:69:e0:b6:ed:0e:c6:36:21:b1:a9:7a:3b:ea:ea:
53:8f:b5:6b:be:fe:58:98:3f:22:53:ba:0b:91:2c:92:e1:53:
b8:d3:59:3d:20:13:36:99:28:53:27:98:b1:4f:b1:80:cb:a6:
1b:1d:36:e4:ad:43:9a:45:fa:44:2c:a3:55:e3:49:39:59:1f:
06:98:d0:58
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOAvUc0BhW6IGU6fm2JQI6AA6aKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTkxNjUwMTVaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0MTM5ZWE4ZTZjYjYyYTk2MzY5YTI4YTFlOTQ5ODYyNzYzY2ZlMWE0MGQz
ZDFkNjE0ZGNhMjcwNThhYmM1M2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbRh1Bc/a41GDz7xS0KwNhYp+eSCjmbbCTcbNO7GBxWGs88SJxJHstjRmjw
5xpDaiyZMWBHnHrZjXTYrmXAh2jCh89gILYrRjXLXCebRBkGz2c7q6L2ZKjcPXG7
CkRrvsdC2tXeMUH2DKS+p5zwdsJiSo6eUULNWRhq/RSvZxifWBU8vbaMAAjwoyKf
a41lv3Jbv8gtRqjFdAImdLxz0sOvUYfg6n3vnZkSCYSt7UqDRjgIqLZXZZLTw9ij
CMH2CS8O6EJhmDbPrF2S21LiRtgW4XdixzTEmarn+XoBa9P8zXa1ANTmNTjieVKh
HV4egnHGjksYWWcZmr0qmIZYKYECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbZNI8
u2HyHN6lDfCshez/cGVbKjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQ3OTFkNzQtY2ZkNy00MDAwLWExZTUtMzQzMjVhNWUxNTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCikCw8HZLarFTVoEKXQEA5i3vviOkmxxIXWqFT
RW7IWDWcaMoz8uoaJ9JbK25yB3e+cWKSgkKUsOU+XoI+hCYd9feKEgGCOkZQOz/f
cOCyXR6GR9Z7QKfGYs6H9JBFWKRlm+p9oBC8WVbtskhJ7QNf2+FdYTblsOa/v+Ik
grYPJKMBFCz/WrR8DdqmJhVN92pIkcWIH/O/m+TwjVi+/bT6zMLcYPoyx4QmYfGe
O5IMgm6aEYou5dDbaeC27Q7GNiGxqXo76upTj7Vrvv5YmD8iU7oLkSyS4VO401k9
IBM2mShTJ5ixT7GAy6YbHTbkrUOaRfpELKNV40k5WR8GmNBY
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:26 2025 by rpki-client