Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
File: a507fd37-f907-46ea-8c80-857b97a67610.roa (raw, json)
Hash identifier: MuxTeklmU2P4eA3eJMlALeIoBncZtWXOwQW98/1j2FU=
Subject key identifier: 9E:FA:AF:B5:0A:54:50:6B:DA:31:BE:FA:54:B0:89:8F:45:F4:76:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27E13E3C66283F833D45E850395819AD44F7243E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
Signing time: Tue 05 Aug 2025 19:31:34 +0000
ROA not before: Tue 05 Aug 2025 19:31:34 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:e1:3e:3c:66:28:3f:83:3d:45:e8:50:39:58:19:ad:44:f7:24:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:31:34 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=93788d0d5b3d299d97c8d184d47fd7ae002cd6e6b31ccd366e5d2eedefb7831d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:62:50:5b:1a:47:70:a7:49:2a:32:25:ff:a3:
de:e2:e1:c2:f2:ba:4a:73:9d:84:61:5e:fe:e9:e0:
55:17:c2:18:be:69:d6:e2:9d:18:89:4c:07:08:36:
1c:a5:c9:07:d5:73:1d:45:55:ae:1b:b7:bf:64:c0:
77:b9:82:de:12:ca:cc:1f:13:31:a8:b3:bc:a3:94:
2b:0f:3f:e2:6d:f6:06:5a:9b:13:2e:63:ea:f5:6c:
30:5e:e5:f6:cb:b0:bf:5b:d7:20:5a:37:eb:6b:bd:
05:b3:05:dd:27:0f:f6:b9:fc:2f:12:74:87:38:bd:
84:7d:37:20:d9:da:d3:d0:5a:e7:25:06:57:24:20:
34:a8:b7:c4:10:af:03:33:c8:b1:be:08:2e:f6:81:
2d:75:c3:15:22:0b:69:bf:4f:ae:1e:c4:c5:c2:e8:
8d:df:42:56:8b:e8:2d:8a:53:c6:f1:b8:2f:a5:99:
89:f4:2e:63:82:11:93:e8:19:82:78:d2:94:e1:58:
c3:82:70:f9:0e:81:4e:3d:a4:17:d3:11:a7:20:11:
00:d9:21:6d:0b:aa:c9:c3:29:90:00:03:0c:2f:9e:
01:cc:d4:88:11:30:0d:d5:3e:39:d3:2f:39:ba:8b:
fd:a2:69:17:5c:48:62:5f:c7:29:84:8d:ac:a6:aa:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FA:AF:B5:0A:54:50:6B:DA:31:BE:FA:54:B0:89:8F:45:F4:76:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a507fd37-f907-46ea-8c80-857b97a67610.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:42:0c:5c:ee:0c:a6:e4:b7:28:52:82:fd:5e:fc:d0:6c:40:
66:ea:52:5d:e7:2b:6d:c8:99:fd:37:91:51:6a:21:5d:62:7a:
70:49:53:1e:a4:47:b2:39:b5:eb:08:56:c6:39:32:7e:88:a4:
a5:e2:ec:da:f5:b9:c6:01:d6:32:4e:3b:df:a9:c6:9f:dc:d8:
bb:11:cd:1e:17:72:0f:92:59:2e:15:d9:1f:2e:c0:c3:6d:ba:
21:da:c6:40:dd:f8:44:1a:03:42:5f:17:16:ec:b0:fe:d9:13:
98:44:ca:b4:65:68:a2:4e:c1:eb:c5:3e:c6:2b:e2:f7:3f:51:
19:0a:5a:d7:56:84:19:0f:0e:5a:c6:7d:fa:b4:ab:5b:9a:2d:
a2:81:44:d9:12:6f:12:53:fc:9c:6b:63:4a:3c:2a:87:d9:8e:
64:79:41:3a:f5:6e:05:0d:e3:5c:1d:56:a2:50:36:fc:de:d3:
9f:8f:11:d1:97:21:15:3f:ed:a8:e2:1d:a5:1e:c9:a2:a3:5c:
bf:63:41:0c:e1:ab:a0:24:2f:9d:3b:5c:91:5a:f8:e8:23:9f:
69:1b:dc:90:59:75:ad:cd:06:42:8b:e6:fa:27:31:98:40:30:
33:9e:9c:4e:8a:db:18:c9:d7:e0:e3:fc:0d:97:dc:2e:d3:c3:
46:f6:6f:e5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ+E+PGYoP4M9RehQOVgZrUT3JD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMxMzRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzNzg4ZDBkNWIzZDI5OWQ5N2M4ZDE4NGQ0N2ZkN2FlMDAyY2Q2ZTZiMzFj
Y2QzNjZlNWQyZWVkZWZiNzgzMWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9iUFsaR3CnSSoyJf+j3uLhwvK6SnOdhGFe/ungVRfCGL5p1uKdGIlMBwg2
HKXJB9VzHUVVrhu3v2TAd7mC3hLKzB8TMaizvKOUKw8/4m32BlqbEy5j6vVsMF7l
9suwv1vXIFo362u9BbMF3ScP9rn8LxJ0hzi9hH03INna09Ba5yUGVyQgNKi3xBCv
AzPIsb4ILvaBLXXDFSILab9Prh7ExcLojd9CVovoLYpTxvG4L6WZifQuY4IRk+gZ
gnjSlOFYw4Jw+Q6BTj2kF9MRpyARANkhbQuqycMpkAADDC+eAczUiBEwDdU+OdMv
ObqL/aJpF1xIYl/HKYSNrKaqyY0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe+q+1
ClRQa9oxvvpUsImPRfR2qjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTUwN2ZkMzctZjkwNy00NmVhLThjODAtODU3Yjk3YTY3NjEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQANQgxc7gym5LcoUoL9XvzQbEBm6lJd5yttyJn9
N5FRaiFdYnpwSVMepEeyObXrCFbGOTJ+iKSl4uza9bnGAdYyTjvfqcaf3Ni7Ec0e
F3IPklkuFdkfLsDDbboh2sZA3fhEGgNCXxcW7LD+2ROYRMq0ZWiiTsHrxT7GK+L3
P1EZClrXVoQZDw5axn36tKtbmi2igUTZEm8SU/yca2NKPCqH2Y5keUE69W4FDeNc
HVaiUDb83tOfjxHRlyEVP+2o4h2lHsmio1y/Y0EM4augJC+dO1yRWvjoI59pG9yQ
WXWtzQZCi+b6JzGYQDAznpxOitsYydfg4/wNl9wu08NG9m/l
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:18 2025 by rpki-client