Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
File: 3401cced-770c-4585-9f39-cb17444bbb38.roa (raw, json)
Hash identifier: 39RQOCZpNS1wU5Ol5zcNhB3nT0P5iJ0u3A/5pJg1ROM=
Subject key identifier: 70:04:56:D8:E6:4E:46:A2:BB:71:EB:53:9D:10:C0:B1:90:9A:D4:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C09715B3A09E180D66E2A495795AF2723A19143
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
Signing time: Fri 15 Aug 2025 15:51:04 +0000
ROA not before: Fri 15 Aug 2025 15:51:04 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:09:71:5b:3a:09:e1:80:d6:6e:2a:49:57:95:af:27:23:a1:91:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 15 15:51:04 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=23aa4d05b3c4ed1a9f3880593bd847c344df7278359be8b0c6377966be89af7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:39:e2:9f:9b:54:7f:c8:96:4f:be:2b:42:45:
64:77:c7:dc:35:b6:1b:4e:3f:8d:da:12:04:e3:98:
b1:2d:45:99:55:aa:56:3c:da:92:eb:46:2b:50:45:
21:79:85:5b:ef:33:87:79:28:83:5a:fb:d1:3a:58:
6f:22:c8:91:e5:51:5e:18:39:cd:f8:e5:1c:e4:9f:
ef:ba:51:3e:a5:9d:82:8f:33:5c:dc:b3:1a:6a:d3:
00:24:0c:19:7d:81:fd:d1:fa:03:dd:b1:55:fd:d1:
fe:8a:4a:a8:84:ac:28:6c:d8:91:d9:1f:e8:7f:ac:
b8:f8:1e:12:2e:89:49:7e:25:8c:39:75:73:be:df:
dc:4b:d8:34:89:30:a5:22:67:ef:55:e0:a5:97:06:
04:74:e2:ae:60:f4:7f:61:78:83:20:b6:ce:43:ab:
9f:40:03:2b:48:0f:2d:e6:51:c8:d2:65:fc:8d:42:
a4:3d:f0:2d:e0:a5:71:2d:22:f1:48:f1:91:19:d3:
ac:30:24:86:5f:9a:11:28:95:f0:17:31:ae:14:19:
27:d9:09:fc:ba:2c:48:38:fc:0e:23:40:df:35:7a:
8d:02:3d:fe:09:10:d1:e0:74:ea:4b:e2:73:7d:e4:
f1:99:f0:cb:44:e5:f5:2b:a5:c2:8e:9a:0b:64:d6:
34:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:04:56:D8:E6:4E:46:A2:BB:71:EB:53:9D:10:C0:B1:90:9A:D4:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3401cced-770c-4585-9f39-cb17444bbb38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032::/32
Signature Algorithm: sha256WithRSAEncryption
1a:63:42:50:a1:51:66:4f:39:1f:d7:f4:78:17:7a:9d:ee:e2:
d2:b0:fe:0b:e8:89:ff:03:0a:4d:08:0b:f1:34:7d:11:2a:4e:
cc:8f:4c:4d:15:7a:ca:09:00:76:ac:e9:b7:a8:f7:dc:de:e2:
87:56:a5:45:eb:cf:f8:02:83:78:c9:5e:bf:b2:22:a1:da:77:
c5:d1:92:1a:6a:89:2a:0b:57:47:ce:4d:0b:8b:c0:a6:cc:da:
78:b3:f6:cd:a1:c6:42:84:42:99:62:16:40:4a:90:55:ea:46:
8a:7b:1b:0d:8e:4b:50:f5:ed:70:79:f3:44:07:8e:ef:a6:b6:
be:1e:45:58:2f:f0:7e:57:e4:5d:92:8e:4a:b5:ba:0a:6e:cd:
89:8f:8b:5f:e4:b8:25:a2:9c:5b:5e:2b:8c:79:27:c5:1b:77:
02:b4:72:7e:a4:b2:3d:be:cf:b0:c8:14:fb:be:0f:f9:89:07:
f3:a8:23:cd:1e:06:44:3e:68:0a:57:db:b8:24:0f:29:c5:e4:
02:b7:fd:94:f0:d7:52:17:a8:f3:94:96:c3:30:eb:22:9a:37:
91:2e:49:ff:7d:94:f2:d0:13:76:14:b6:5c:a1:06:85:76:ad:
d3:78:1d:4f:41:4e:9a:92:4b:ae:19:a1:54:fe:38:f0:3a:24:
e8:f8:78:e7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPAlxWzoJ4YDWbipJV5WvJyOhkUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MTUxNTUxMDRaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzYWE0ZDA1YjNjNGVkMWE5ZjM4ODA1OTNiZDg0N2MzNDRkZjcyNzgzNTli
ZThiMGM2Mzc3OTY2YmU4OWFmN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKw54p+bVH/Ilk++K0JFZHfH3DW2G04/jdoSBOOYsS1FmVWqVjzakutGK1BF
IXmFW+8zh3kog1r70TpYbyLIkeVRXhg5zfjlHOSf77pRPqWdgo8zXNyzGmrTACQM
GX2B/dH6A92xVf3R/opKqISsKGzYkdkf6H+suPgeEi6JSX4ljDl1c77f3EvYNIkw
pSJn71XgpZcGBHTirmD0f2F4gyC2zkOrn0ADK0gPLeZRyNJl/I1CpD3wLeClcS0i
8UjxkRnTrDAkhl+aESiV8BcxrhQZJ9kJ/LosSDj8DiNA3zV6jQI9/gkQ0eB06kvi
c33k8Znwy0Tl9Sulwo6aC2TWNEECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRwBFbY
5k5Gortx61OdEMCxkJrUijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzQwMWNjZWQtNzcwYy00NTg1LTlmMzktY2IxNzQ0NGJiYjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DIw
DQYJKoZIhvcNAQELBQADggEBABpjQlChUWZPOR/X9HgXep3u4tKw/gvoif8DCk0I
C/E0fREqTsyPTE0VesoJAHas6beo99ze4odWpUXrz/gCg3jJXr+yIqHad8XRkhpq
iSoLV0fOTQuLwKbM2niz9s2hxkKEQpliFkBKkFXqRop7Gw2OS1D17XB580QHju+m
tr4eRVgv8H5X5F2Sjkq1ugpuzYmPi1/kuCWinFteK4x5J8UbdwK0cn6ksj2+z7DI
FPu+D/mJB/OoI80eBkQ+aApX27gkDynF5AK3/ZTw11IXqPOUlsMw6yKaN5EuSf99
lPLQE3YUtlyhBoV2rdN4HU9BTpqSS64ZoVT+OPA6JOj4eOc=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:24:37 2025 by rpki-client