Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa
File: d7b89972-677a-470e-88ff-f95e3c9a9443.roa (raw, json)
Hash identifier: GSEbqtyOL4GpM6W7JApGGCac8Mu5bdt5o/Wsk4q3qgQ=
Subject key identifier: 21:E9:5B:68:26:C8:52:65:9B:C9:F2:5B:9A:2C:B4:A3:45:F6:84:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68FAA4CEAFD3D795997433DE2F0D4A4247D922A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa
Signing time: Tue 05 Aug 2025 19:40:16 +0000
ROA not before: Tue 05 Aug 2025 19:40:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:fa:a4:ce:af:d3:d7:95:99:74:33:de:2f:0d:4a:42:47:d9:22:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:40:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ac89c0a55520e77f411ffb86e0c4c2bf7f7b0c208c5060d0d609ee404f114fb8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:17:7e:04:9e:73:cb:b2:15:99:f4:31:3b:9c:
a9:b8:b6:58:70:77:ee:90:4e:37:3d:14:e2:41:2b:
d8:4c:38:03:97:43:38:b5:f3:44:54:2e:de:2d:4a:
b1:e5:da:89:65:af:e7:2e:47:49:9e:42:94:14:2f:
18:4f:60:34:63:3e:2c:9f:84:c3:a1:bc:db:57:94:
9c:17:a1:8e:bb:84:c3:76:2e:8f:87:0e:97:ad:21:
d6:0a:2a:97:cd:9f:0d:c0:89:9b:c4:9c:ce:8c:ec:
50:c7:bc:d3:85:8c:59:4a:e2:7b:27:dc:54:65:90:
91:48:9f:cb:15:e5:4d:d8:b5:2e:19:44:75:1b:73:
7b:e0:53:5c:45:ba:e2:aa:61:20:e9:d6:ec:3f:17:
e9:8e:62:b1:96:33:72:23:d9:29:04:93:36:5a:46:
4c:64:2b:45:c6:b8:3e:d1:ae:0b:55:25:78:42:61:
dc:fe:22:a5:93:a0:b7:f5:b1:8d:38:8a:4a:f6:71:
03:37:ae:3b:49:ed:fa:7d:70:a6:cc:5b:b3:b8:41:
3a:3c:39:82:0a:c1:67:4b:89:15:82:ee:48:65:3f:
52:99:0c:14:e6:1e:26:c9:48:74:9d:f0:c9:76:0a:
75:91:c0:19:ee:bc:95:05:71:64:7c:eb:b5:11:33:
05:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E9:5B:68:26:C8:52:65:9B:C9:F2:5B:9A:2C:B4:A3:45:F6:84:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d7b89972-677a-470e-88ff-f95e3c9a9443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:800::/40
Signature Algorithm: sha256WithRSAEncryption
23:af:51:25:a1:a7:06:45:12:c6:f2:b3:70:72:5b:f0:67:32:
95:f0:fb:32:80:5a:6e:32:77:10:7a:ca:0e:8e:9f:91:de:fb:
6a:a7:d8:e0:47:af:e1:c6:4c:a8:96:27:ad:d9:68:14:bc:08:
1a:19:67:45:fd:40:bb:a7:25:d1:8c:a9:4d:7f:88:a4:ad:4f:
3e:34:49:2f:d1:4a:ba:56:e3:32:9b:d9:af:e0:b0:07:3a:a4:
0b:e2:3f:9a:c3:a5:df:a9:9d:4f:d9:d1:47:3b:8c:91:b6:c8:
51:be:fe:8d:e9:85:f6:41:f8:ab:2b:b6:68:ea:12:f6:d3:cd:
18:74:76:34:7b:89:ae:ce:e9:ef:86:c1:4e:6c:57:ce:96:c5:
99:7f:06:5c:8f:ce:9f:41:e9:f2:14:40:42:f3:01:4b:b5:4f:
f3:a7:6c:be:79:73:3c:ee:48:a3:19:ee:56:51:a9:59:47:2e:
87:1f:5b:8b:ec:20:e6:1f:83:ed:70:7d:a1:3f:2c:54:d2:e7:
db:b4:eb:c9:bb:59:21:14:15:e8:e2:3a:be:71:b2:56:24:e8:
96:50:02:42:30:e1:9d:6b:ad:a9:e7:c0:52:b7:3e:f5:6a:68:
f6:f1:51:b7:be:91:90:3f:9e:64:9f:72:2d:ff:e9:8c:d0:28:
34:53:5a:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaPqkzq/T15WZdDPeLw1KQkfZIqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTQwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjODljMGE1NTUyMGU3N2Y0MTFmZmI4NmUwYzRjMmJmN2Y3YjBjMjA4YzUw
NjBkMGQ2MDllZTQwNGYxMTRmYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwXfgSec8uyFZn0MTucqbi2WHB37pBONz0U4kEr2Ew4A5dDOLXzRFQu3i1K
seXaiWWv5y5HSZ5ClBQvGE9gNGM+LJ+Ew6G821eUnBehjruEw3Yuj4cOl60h1goq
l82fDcCJm8SczozsUMe804WMWUrieyfcVGWQkUifyxXlTdi1LhlEdRtze+BTXEW6
4qphIOnW7D8X6Y5isZYzciPZKQSTNlpGTGQrRca4PtGuC1UleEJh3P4ipZOgt/Wx
jTiKSvZxAzeuO0nt+n1wpsxbs7hBOjw5ggrBZ0uJFYLuSGU/UpkMFOYeJslIdJ3w
yXYKdZHAGe68lQVxZHzrtREzBbsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQh6Vto
JshSZZvJ8luaLLSjRfaE2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDdiODk5NzItNjc3YS00NzBlLTg4ZmYtZjk1ZTNjOWE5NDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G0I
MA0GCSqGSIb3DQEBCwUAA4IBAQAjr1EloacGRRLG8rNwclvwZzKV8PsygFpuMncQ
esoOjp+R3vtqp9jgR6/hxkyoliet2WgUvAgaGWdF/UC7pyXRjKlNf4ikrU8+NEkv
0Uq6VuMym9mv4LAHOqQL4j+aw6XfqZ1P2dFHO4yRtshRvv6N6YX2QfirK7Zo6hL2
080YdHY0e4muzunvhsFObFfOlsWZfwZcj86fQenyFEBC8wFLtU/zp2y+eXM87kij
Ge5WUalZRy6HH1uL7CDmH4PtcH2hPyxU0ufbtOvJu1khFBXo4jq+cbJWJOiWUAJC
MOGda62p58BStz71amj28VG3vpGQP55kn3It/+mM0Cg0U1qb
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:17 2025 by rpki-client