Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
File: c7743543-1a04-47c2-8128-1b90de9136a9.roa (raw, json)
Hash identifier: J5HZ59Q/5HGJ3nWYQo2Sw6H4QNn4FnJUcmxeypVCD3c=
Subject key identifier: 02:17:12:A0:35:E8:C1:B2:85:DD:D1:3C:18:2D:59:03:95:E3:B6:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 556E72E714E035371D0F832CF784C80D9A24C8B3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
Signing time: Tue 05 Aug 2025 19:01:41 +0000
ROA not before: Tue 05 Aug 2025 19:01:41 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:6e:72:e7:14:e0:35:37:1d:0f:83:2c:f7:84:c8:0d:9a:24:c8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:41 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=2e54c1b4e8faff30c684e6996be31e7c9846d0d54fa9143881173b08f68dd08c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:af:d1:e4:2f:d0:cb:93:41:d6:42:18:d2:
68:0d:33:62:09:fe:b8:a5:8d:bd:2b:7b:48:00:40:
07:03:65:90:56:c3:6c:6c:e2:66:50:10:f6:fd:25:
d2:cc:fa:92:4b:18:b1:d4:4c:de:ee:0b:46:8d:13:
14:3f:94:ae:e3:9b:19:73:b5:c4:6c:5a:db:09:08:
5f:5e:cd:18:b0:e7:48:0f:6e:1e:78:c6:78:dc:9b:
20:cd:0e:20:a0:df:2a:5d:67:2d:04:d3:cc:35:08:
b2:b9:0b:d2:ee:57:f2:d3:08:75:9b:57:4f:f5:66:
46:76:8e:a9:a2:a1:c6:a0:00:f0:08:32:02:6f:90:
b7:58:3f:d4:94:fc:c4:af:d8:ee:cd:85:a4:1c:98:
c8:b4:2c:92:74:df:f3:b7:df:db:ab:9d:4b:2d:57:
40:1b:f1:3a:92:e7:53:44:89:7f:97:5f:81:b9:0a:
1b:09:3b:7e:b4:84:e6:9b:cb:e9:42:77:fb:95:43:
dd:08:75:11:10:0b:14:66:11:cb:b5:a7:26:2f:30:
6c:8d:41:eb:58:74:22:ec:1e:01:8d:8d:38:03:86:
28:ab:a1:4b:f8:d8:54:ac:55:92:af:3d:01:7e:e9:
0e:66:a1:8f:c0:17:14:12:d4:fc:8c:d1:90:78:54:
02:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:17:12:A0:35:E8:C1:B2:85:DD:D1:3C:18:2D:59:03:95:E3:B6:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c7743543-1a04-47c2-8128-1b90de9136a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8090::/48
Signature Algorithm: sha256WithRSAEncryption
3f:dc:33:3c:e6:fe:30:97:f1:0f:f9:1f:75:69:f6:71:9f:70:
dc:4e:04:db:78:42:16:f3:53:88:c6:76:74:b4:25:ec:28:c5:
c4:da:64:0f:8c:b4:c7:53:ac:d2:34:d7:7b:79:d9:86:d8:74:
a6:30:ac:28:36:e9:a7:8d:ab:e2:5b:ef:36:65:c8:f9:d1:b2:
8f:fb:33:0e:90:d9:5d:b3:8c:be:be:af:61:a8:5f:59:8f:4a:
54:73:3d:2b:8e:37:e0:56:f0:a8:fa:ef:03:39:db:f1:2d:43:
6f:22:1b:b3:66:40:bc:a0:25:1c:d4:3f:d8:30:1f:ad:17:81:
48:74:d5:1d:17:dc:09:1e:9b:6b:91:57:16:f1:b9:74:5a:92:
55:0f:62:cf:2d:f1:e7:92:1a:3b:7b:d9:2b:38:d5:b5:ba:9e:
58:bc:b7:e6:31:ab:d0:ef:f7:b5:4a:63:c2:3a:d4:1b:bc:37:
69:db:ca:a9:d0:1f:8a:54:d1:0c:47:7b:b7:ff:95:0f:82:c3:
16:ad:ff:79:01:f4:9c:c4:a6:9c:0f:15:a4:ed:b5:f3:e0:c1:
a1:d6:7e:9b:9a:15:72:9f:93:a7:d8:77:e7:df:2a:70:4f:7c:
9c:b2:0b:4c:f4:52:ba:66:d9:ae:17:42:92:6d:87:eb:00:98:
27:b5:1c:5c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVW5y5xTgNTcdD4Ms94TIDZokyLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxNDFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNTRjMWI0ZThmYWZmMzBjNjg0ZTY5OTZiZTMxZTdjOTg0NmQwZDU0ZmE5
MTQzODgxMTczYjA4ZjY4ZGQwOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxmr9HkL9DLk0HWQhjSaA0zYgn+uKWNvSt7SABABwNlkFbDbGziZlAQ9v0l
0sz6kksYsdRM3u4LRo0TFD+UruObGXO1xGxa2wkIX17NGLDnSA9uHnjGeNybIM0O
IKDfKl1nLQTTzDUIsrkL0u5X8tMIdZtXT/VmRnaOqaKhxqAA8AgyAm+Qt1g/1JT8
xK/Y7s2FpByYyLQsknTf87ff26udSy1XQBvxOpLnU0SJf5dfgbkKGwk7frSE5pvL
6UJ3+5VD3Qh1ERALFGYRy7WnJi8wbI1B61h0IuweAY2NOAOGKKuhS/jYVKxVkq89
AX7pDmahj8AXFBLU/IzRkHhUAikCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCFxKg
NejBsoXd0TwYLVkDleO2OzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc3NDM1NDMtMWEwNC00N2MyLTgxMjgtMWI5MGRlOTEzNmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
kDANBgkqhkiG9w0BAQsFAAOCAQEAP9wzPOb+MJfxD/kfdWn2cZ9w3E4E23hCFvNT
iMZ2dLQl7CjFxNpkD4y0x1Os0jTXe3nZhth0pjCsKDbpp42r4lvvNmXI+dGyj/sz
DpDZXbOMvr6vYahfWY9KVHM9K4434FbwqPrvAznb8S1DbyIbs2ZAvKAlHNQ/2DAf
rReBSHTVHRfcCR6ba5FXFvG5dFqSVQ9izy3x55IaO3vZKzjVtbqeWLy35jGr0O/3
tUpjwjrUG7w3advKqdAfilTRDEd7t/+VD4LDFq3/eQH0nMSmnA8VpO218+DBodZ+
m5oVcp+Tp9h3598qcE98nLILTPRSumbZrhdCkm2H6wCYJ7UcXA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:34 2025 by rpki-client