Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
File: dd7649a8-cae4-4d67-90f1-f01144285a2f.roa (raw, json)
Hash identifier: mopX4RgaI5iDFNL8ZePR4jeCIHRY4+9uTojpI7W4mHE=
Subject key identifier: DC:77:A4:40:3F:A4:44:91:3B:49:F3:3A:45:36:D8:14:23:24:1F:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 251512873CFEA5B6F2E48AA225AF96A39FA44BD0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
Signing time: Tue 05 Aug 2025 18:50:16 +0000
ROA not before: Tue 05 Aug 2025 18:50:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:15:12:87:3c:fe:a5:b6:f2:e4:8a:a2:25:af:96:a3:9f:a4:4b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 18:50:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=1a7d1597c2e6da4712e39373eec6de710abae0a83b6e47fa07a64473a2a8246b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:e2:fb:c9:0a:17:e1:9c:ed:15:4f:ec:0a:
58:84:e1:b0:5c:c8:bf:3d:fa:b5:d1:46:d6:33:8c:
1f:25:20:76:64:9a:76:82:1f:47:40:85:02:33:c5:
d2:5a:4a:2d:a4:41:db:6a:f9:be:fa:38:ab:40:35:
ea:14:ae:80:02:3f:06:71:48:93:fb:fe:4b:4e:97:
39:84:25:01:15:2c:d5:a4:22:df:2e:af:7a:32:e0:
6c:ca:ef:dc:61:60:81:31:4d:19:0f:7d:b4:95:c6:
b8:1c:8b:00:22:2c:26:59:9d:85:05:1f:76:d2:e8:
c6:13:1a:ee:42:4c:22:d4:00:05:a1:c1:bb:9f:ed:
c2:11:a6:b1:52:3e:b4:de:de:59:e9:ca:0a:8c:11:
bb:08:1e:0e:7a:e3:68:b3:db:4e:53:c4:dc:58:7d:
9e:91:a0:79:5d:6a:8b:60:3c:9f:a4:08:a5:e3:aa:
75:3a:9e:67:35:3b:a5:bb:37:f0:9c:86:91:0c:7a:
aa:01:e3:5a:57:f0:04:f7:e1:90:5e:45:6a:1b:f3:
b2:9a:9e:37:2d:71:39:d1:28:84:96:a5:fb:6e:36:
c9:cf:c1:d1:d7:02:30:64:33:fb:a6:f3:3b:ea:7d:
ce:6e:ab:85:90:87:3d:dc:cd:ee:10:a2:36:c2:bd:
01:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:77:A4:40:3F:A4:44:91:3B:49:F3:3A:45:36:D8:14:23:24:1F:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7649a8-cae4-4d67-90f1-f01144285a2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4040::/48
Signature Algorithm: sha256WithRSAEncryption
75:9e:5b:62:1d:37:9c:77:62:ad:be:d9:c1:b2:7c:17:ed:7e:
f9:fc:67:79:c9:42:8f:93:17:d2:94:76:8e:d5:9a:d0:71:0d:
61:c3:b8:c6:62:9b:64:70:ab:c2:3a:56:27:2d:1b:d2:f5:cd:
52:2d:7c:4d:31:32:bd:76:13:5b:49:0e:5c:9d:fa:a0:04:b6:
8d:e8:3d:d6:62:7a:f3:2d:ae:8b:31:bb:c8:24:29:1d:07:56:
3d:46:0e:d2:50:61:55:be:99:59:e8:88:44:98:c2:a1:d1:0a:
ce:3b:0d:93:37:b1:56:38:ac:fd:0b:40:20:d8:5b:a9:0f:40:
94:a8:da:9b:cf:97:b3:bd:97:af:35:fb:ff:7e:04:1b:39:3a:
71:fa:ff:17:1d:9d:31:3a:2d:4d:97:b3:0a:14:bf:d2:6d:d4:
87:cd:3b:5d:bb:6e:82:0e:7f:09:71:86:c3:ee:63:fb:64:61:
01:cf:0c:c4:ad:97:f7:f0:a8:3c:b3:2c:da:cf:01:62:a1:65:
2b:fb:c8:86:e6:68:3c:69:48:15:4d:37:a3:9e:e2:c6:de:78:
ac:f9:0b:0f:ab:bf:81:a3:12:34:ec:2d:12:a6:46:e1:cb:86:
09:1f:51:ee:9f:37:20:d7:21:40:96:1f:8a:d1:24:84:bc:90:
cb:27:25:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJRUShzz+pbby5IqiJa+Wo5+kS9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxODUwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhN2QxNTk3YzJlNmRhNDcxMmUzOTM3M2VlYzZkZTcxMGFiYWUwYTgzYjZl
NDdmYTA3YTY0NDczYTJhODI0NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMm54vvJChfhnO0VT+wKWIThsFzIvz36tdFG1jOMHyUgdmSadoIfR0CFAjPF
0lpKLaRB22r5vvo4q0A16hSugAI/BnFIk/v+S06XOYQlARUs1aQi3y6vejLgbMrv
3GFggTFNGQ99tJXGuByLACIsJlmdhQUfdtLoxhMa7kJMItQABaHBu5/twhGmsVI+
tN7eWenKCowRuwgeDnrjaLPbTlPE3Fh9npGgeV1qi2A8n6QIpeOqdTqeZzU7pbs3
8JyGkQx6qgHjWlfwBPfhkF5FahvzspqeNy1xOdEohJal+242yc/B0dcCMGQz+6bz
O+p9zm6rhZCHPdzN7hCiNsK9AVMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTcd6RA
P6REkTtJ8zpFNtgUIyQfCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3NjQ5YTgtY2FlNC00ZDY3LTkwZjEtZjAxMTQ0Mjg1YTJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
QDANBgkqhkiG9w0BAQsFAAOCAQEAdZ5bYh03nHdirb7ZwbJ8F+1++fxneclCj5MX
0pR2jtWa0HENYcO4xmKbZHCrwjpWJy0b0vXNUi18TTEyvXYTW0kOXJ36oAS2jeg9
1mJ68y2uizG7yCQpHQdWPUYO0lBhVb6ZWeiIRJjCodEKzjsNkzexVjis/QtAINhb
qQ9AlKjam8+Xs72XrzX7/34EGzk6cfr/Fx2dMTotTZezChS/0m3Uh807Xbtugg5/
CXGGw+5j+2RhAc8MxK2X9/CoPLMs2s8BYqFlK/vIhuZoPGlIFU03o57ixt54rPkL
D6u/gaMSNOwtEqZG4cuGCR9R7p83INchQJYfitEkhLyQyycl1w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:45 2025 by rpki-client