Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: /g0Tc9cjLlWcOqt9dclBG3lE32PwZ4k8i0hGUgAoLUo=
Subject key identifier: B9:AD:1B:57:D0:7B:5F:E4:C1:AC:EE:5C:82:2A:C9:A3:C1:67:7B:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 686B982A6289075A51BBD7159BC2FE1C654F1D14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Tue 05 Aug 2025 20:11:17 +0000
ROA not before: Tue 05 Aug 2025 20:11:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:6b:98:2a:62:89:07:5a:51:bb:d7:15:9b:c2:fe:1c:65:4f:1d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=aa77094af742d56bb8a44dd377d1ed96d6787e1979f476d6296399de41fc6b59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ed:f8:36:18:31:c1:96:d3:7c:38:d5:58:ca:
b6:53:79:cb:c7:72:b1:d6:0e:1b:9e:90:69:f6:5b:
cf:1d:d1:54:4b:26:0f:98:50:7a:bb:6c:20:c3:ad:
8d:da:b7:c1:fa:c3:50:35:99:a4:3b:f5:b1:89:10:
f1:da:c8:64:9d:39:08:4b:0d:09:a4:29:a4:31:bc:
4a:c5:56:3d:ab:b7:cf:cf:07:e1:96:29:24:45:dd:
a3:47:35:82:23:4a:c2:8f:4e:f4:ec:3b:25:69:21:
a0:51:ac:8e:5b:7c:f5:57:2c:d4:df:bc:84:f2:05:
84:ce:c2:a0:10:e8:ea:e1:db:e1:54:a1:51:75:ee:
49:a6:98:e0:40:07:b2:ff:de:c1:2d:df:d8:cd:50:
91:e8:fd:88:6b:8d:26:78:35:62:3f:d9:6a:22:6a:
f3:79:4d:1b:c5:1f:77:67:40:d3:fe:7b:94:da:39:
a2:8c:10:f2:18:9a:fd:ad:cc:e4:fd:6d:56:06:40:
3d:28:ce:d7:2e:89:97:b1:9d:2a:05:93:fb:40:40:
da:e4:b8:b5:91:ee:ae:16:dc:06:aa:3b:79:8c:9d:
84:76:4d:54:b8:f6:00:94:1b:de:2b:f3:fc:31:0a:
0a:32:d3:d6:be:ad:11:06:58:f5:56:27:b2:8e:3f:
1b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AD:1B:57:D0:7B:5F:E4:C1:AC:EE:5C:82:2A:C9:A3:C1:67:7B:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
b5:c5:01:7b:32:60:85:bd:70:d4:14:46:57:d1:57:31:64:ca:
53:af:4d:df:84:29:c0:30:12:ab:8c:33:80:79:b5:14:71:1b:
18:c9:1d:ac:48:46:d4:22:6f:67:bc:bc:40:a3:c1:bc:18:36:
f5:2e:20:9e:89:bb:18:7c:21:86:07:03:db:17:87:81:9b:2c:
72:f0:f6:53:d5:d6:dd:42:6e:73:92:43:15:5f:08:09:3c:22:
a5:2f:6f:b6:1c:82:d4:fd:26:3b:db:2c:86:47:1a:07:00:7b:
a7:e2:68:01:71:24:3b:6c:50:6c:2c:da:43:35:f4:ec:f6:f7:
1d:7c:7d:0f:0c:bd:be:3d:3d:a1:f3:38:28:6b:0b:d1:d3:ff:
d5:f5:51:bc:0b:ab:be:43:52:ad:8f:c5:1c:1a:e8:4d:79:73:
42:12:db:01:93:3a:48:0e:99:be:9a:f2:95:a2:47:e4:58:08:
e1:53:2f:9c:2b:cd:bd:ea:6a:ad:c3:85:5b:4c:c7:2e:13:f7:
13:09:69:7b:3b:7f:0a:c6:3b:37:3c:f8:60:37:3d:77:0c:2e:
3e:ed:2b:d2:54:a4:a9:45:86:bb:ad:6a:12:7d:a2:eb:7b:8b:
b2:9f:d1:37:cc:e1:84:a3:a0:a4:1e:6e:7a:4a:eb:b7:53:84:
b1:d7:bf:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaGuYKmKJB1pRu9cVm8L+HGVPHRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhNzcwOTRhZjc0MmQ1NmJiOGE0NGRkMzc3ZDFlZDk2ZDY3ODdlMTk3OWY0
NzZkNjI5NjM5OWRlNDFmYzZiNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHt+DYYMcGW03w41VjKtlN5y8dysdYOG56QafZbzx3RVEsmD5hQertsIMOt
jdq3wfrDUDWZpDv1sYkQ8drIZJ05CEsNCaQppDG8SsVWPau3z88H4ZYpJEXdo0c1
giNKwo9O9Ow7JWkhoFGsjlt89Vcs1N+8hPIFhM7CoBDo6uHb4VShUXXuSaaY4EAH
sv/ewS3f2M1Qkej9iGuNJng1Yj/ZaiJq83lNG8Ufd2dA0/57lNo5oowQ8hia/a3M
5P1tVgZAPSjO1y6Jl7GdKgWT+0BA2uS4tZHurhbcBqo7eYydhHZNVLj2AJQb3ivz
/DEKCjLT1r6tEQZY9VYnso4/G1UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5rRtX
0Htf5MGs7lyCKsmjwWd7gzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1xQF7MmCFvXDUFEZX0VcxZMpTr03fhCnAMBKr
jDOAebUUcRsYyR2sSEbUIm9nvLxAo8G8GDb1LiCeibsYfCGGBwPbF4eBmyxy8PZT
1dbdQm5zkkMVXwgJPCKlL2+2HILU/SY72yyGRxoHAHun4mgBcSQ7bFBsLNpDNfTs
9vcdfH0PDL2+PT2h8zgoawvR0//V9VG8C6u+Q1Ktj8UcGuhNeXNCEtsBkzpIDpm+
mvKVokfkWAjhUy+cK8296mqtw4VbTMcuE/cTCWl7O38Kxjs3PPhgNz13DC4+7SvS
VKSpRYa7rWoSfaLre4uyn9E3zOGEo6CkHm56Suu3U4Sx179/
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:19 2025 by rpki-client