Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
File: 9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa (raw, json)
Hash identifier: Fnb/oBlWIQmsCWP/6/sZzEHsxn8DAl/9LRLD/DsK4mA=
Subject key identifier: EF:74:A4:9F:96:43:6B:1F:9A:3A:9A:49:CE:EB:27:8A:28:68:A9:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1BFF5D7B199CF0D9596B08A63BBE522960575AE5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
Signing time: Tue 05 Aug 2025 19:20:05 +0000
ROA not before: Tue 05 Aug 2025 19:20:05 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ff:5d:7b:19:9c:f0:d9:59:6b:08:a6:3b:be:52:29:60:57:5a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:05 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f22bcef39898d78072ba738f6057e4455ffc46acb2af6a5560b0df4ee4142c9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:6e:e2:df:74:36:9c:28:48:da:f1:45:cb:
66:b8:9e:12:f6:50:68:46:2e:d8:21:db:f1:9b:d2:
2b:27:aa:27:fc:56:e4:36:b0:94:8d:43:30:10:bf:
7f:f7:5f:e7:1a:4c:e6:5d:d0:a6:3a:be:91:13:80:
51:21:de:64:b7:e5:25:d3:27:79:30:7c:9d:ae:4a:
2f:dd:be:70:5c:5e:88:2e:f7:13:d5:bd:42:aa:8e:
78:94:ad:c9:56:ad:52:84:75:7d:f4:f9:77:0d:ec:
17:66:79:af:0d:fd:96:c5:33:f0:9e:a4:cb:20:22:
4c:33:b5:19:b8:57:9b:b0:14:53:9f:c8:70:e3:5a:
34:48:8e:cd:9d:87:df:76:a2:21:31:5d:bd:ad:c8:
c4:29:99:3b:27:bf:83:ff:d3:12:4f:14:e4:20:73:
0f:27:43:a9:74:70:36:2b:bf:cf:92:e8:c0:23:86:
bc:ce:89:45:77:05:9a:76:91:9e:a9:5c:11:be:02:
20:81:53:f2:77:6a:9a:52:22:ba:87:2a:ea:16:40:
3c:b0:58:6c:a6:4e:67:85:c0:c1:a1:36:c5:8d:2e:
59:be:92:96:56:a5:62:2d:d7:b2:84:78:d2:12:7e:
7b:61:7c:93:a3:c5:84:bb:32:05:f8:c4:00:cf:cc:
a4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:74:A4:9F:96:43:6B:1F:9A:3A:9A:49:CE:EB:27:8A:28:68:A9:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fd987fa-30e8-40bc-89c2-d89705d5fb83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:27:41:32:80:cc:08:80:30:35:41:56:82:f4:e7:a9:91:f7:
1b:1e:7d:66:aa:9e:aa:81:f8:a4:ca:85:b2:f7:2e:c3:4a:38:
68:18:43:dc:b7:0a:90:74:db:f0:ee:2e:3d:90:e3:18:bb:24:
af:5a:2a:09:c6:ce:57:4d:99:95:d2:bc:3c:f7:76:ce:d5:35:
5a:54:c9:19:95:c5:2e:17:d7:06:75:2d:e8:7c:84:f2:a1:b7:
51:88:03:44:87:97:dd:da:f2:03:a4:da:ac:0a:b9:e4:38:af:
a0:0a:91:0d:b1:12:8f:b9:15:7f:c0:f5:a0:6a:d3:30:9e:3d:
6f:51:82:06:d3:d5:c8:02:0a:56:36:86:68:1a:e8:e3:bf:d6:
e4:be:c1:c7:92:ed:87:b8:6c:cf:a5:02:a8:1f:e5:ef:b6:91:
6d:64:6e:d0:83:b7:e6:32:2c:3c:55:c3:b6:62:bc:30:8e:89:
80:d9:97:49:03:73:45:ef:6d:55:a1:ee:68:6a:c7:71:42:75:
10:7b:75:c9:0f:3c:e9:38:8c:4f:ce:69:41:eb:a4:5a:d5:70:
b6:56:64:38:e1:ba:8c:bc:dc:a0:8e:26:a8:17:2d:f0:13:ca:
62:f8:cf:55:fe:5f:8b:09:19:aa:05:b6:0a:0c:14:c6:bd:30:
f0:fa:d4:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG/9dexmc8NlZawimO75SKWBXWuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMmJjZWYzOTg5OGQ3ODA3MmJhNzM4ZjYwNTdlNDQ1NWZmYzQ2YWNiMmFm
NmE1NTYwYjBkZjRlZTQxNDJjOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvibuLfdDacKEja8UXLZrieEvZQaEYu2CHb8ZvSKyeqJ/xW5DawlI1DMBC/
f/df5xpM5l3Qpjq+kROAUSHeZLflJdMneTB8na5KL92+cFxeiC73E9W9QqqOeJSt
yVatUoR1ffT5dw3sF2Z5rw39lsUz8J6kyyAiTDO1GbhXm7AUU5/IcONaNEiOzZ2H
33aiITFdva3IxCmZOye/g//TEk8U5CBzDydDqXRwNiu/z5LowCOGvM6JRXcFmnaR
nqlcEb4CIIFT8ndqmlIiuocq6hZAPLBYbKZOZ4XAwaE2xY0uWb6SllalYi3XsoR4
0hJ+e2F8k6PFhLsyBfjEAM/MpD8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvdKSf
lkNrH5o6mknO6yeKKGipWDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZkOTg3ZmEtMzBlOC00MGJjLTg5YzItZDg5NzA1ZDVmYjgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACg
MA0GCSqGSIb3DQEBCwUAA4IBAQCqJ0EygMwIgDA1QVaC9OepkfcbHn1mqp6qgfik
yoWy9y7DSjhoGEPctwqQdNvw7i49kOMYuySvWioJxs5XTZmV0rw893bO1TVaVMkZ
lcUuF9cGdS3ofITyobdRiANEh5fd2vIDpNqsCrnkOK+gCpENsRKPuRV/wPWgatMw
nj1vUYIG09XIAgpWNoZoGujjv9bkvsHHku2HuGzPpQKoH+XvtpFtZG7Qg7fmMiw8
VcO2YrwwjomA2ZdJA3NF721Voe5oasdxQnUQe3XJDzzpOIxPzmlB66Ra1XC2VmQ4
4bqMvNygjiaoFy3wE8pi+M9V/l+LCRmqBbYKDBTGvTDw+tT5
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:12 2025 by rpki-client