Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json)
Hash identifier: /ZVsDIpPulw1eLEsrJh2GmBDx5KEmZpDAas02aZbNF0=
Subject key identifier: 51:73:4D:89:94:A9:6C:B5:46:B1:49:05:6F:0D:5B:E8:E0:D6:4B:53
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 38F13F6112587234BF833A10E97E8E9DE69A2F1B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
Signing time: Tue 05 Aug 2025 19:20:07 +0000
ROA not before: Tue 05 Aug 2025 19:20:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f1:3f:61:12:58:72:34:bf:83:3a:10:e9:7e:8e:9d:e6:9a:2f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=38e74c3db6cc1aae1c4d54ab7959cb046776c74455ee29d7d47a2ea08cb76cd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:2a:bb:63:4c:c4:c5:85:f7:7a:a3:02:98:
07:46:cc:4d:4c:23:81:e4:37:96:2e:7b:5d:de:e3:
44:96:45:45:26:b9:f4:8f:6b:44:3e:05:59:10:50:
b4:fe:c0:20:67:5a:86:25:f0:21:8d:94:44:ef:f3:
53:d4:2d:ee:43:7b:99:29:ea:a6:97:9b:2f:73:d2:
e9:29:ba:0f:7e:18:51:f8:46:bd:a3:74:fc:dc:14:
20:0c:d8:78:03:b5:2b:ce:3d:d4:ce:aa:df:22:1b:
cc:ba:a4:43:7f:2c:33:99:9c:08:aa:00:6d:d2:c9:
a1:2c:dc:b2:eb:78:1f:b3:35:f6:c0:0e:16:e1:92:
b8:26:c6:90:a6:44:27:53:c8:2f:a6:56:85:b3:f1:
38:18:4a:d9:62:60:80:a4:42:bb:e5:20:98:30:76:
1a:30:fb:a8:09:d1:6e:d9:7b:1f:10:d2:97:29:d5:
19:b1:a4:68:36:95:e8:b7:1e:fa:40:3c:a9:65:8b:
d4:a9:99:d9:25:b0:c7:8e:b6:05:50:91:15:ae:d6:
4b:c3:a6:13:a5:47:c3:3c:cf:8c:21:53:08:47:9a:
73:7f:aa:58:54:dc:84:b2:bc:2f:d3:2a:11:cc:6b:
57:5f:4c:57:05:30:dd:d0:bc:b4:a5:c7:d5:27:c1:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:73:4D:89:94:A9:6C:B5:46:B1:49:05:6F:0D:5B:E8:E0:D6:4B:53
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
46:a3:f3:bf:8c:a6:00:a4:63:11:31:45:38:21:cc:e2:67:3b:
2a:b7:f0:c6:16:95:df:f0:d3:2d:64:60:b5:06:fa:ad:37:c4:
38:97:e6:e5:7a:8a:a8:22:fd:7f:55:e8:cc:1b:58:73:34:c1:
07:be:20:d9:a8:0e:6b:13:35:46:44:a6:cc:d7:55:f2:50:89:
65:87:0e:de:fc:eb:95:0a:e1:cd:e8:8c:aa:fe:9e:0d:e0:56:
42:76:a1:08:06:59:99:de:68:a5:35:7c:a7:a7:bc:c6:38:08:
fd:01:80:88:0e:94:e8:0a:fe:fe:8d:8d:42:d8:cf:ae:f1:44:
15:14:a9:9b:88:66:58:9a:ed:6e:61:b4:73:05:aa:f5:49:71:
39:78:dc:81:59:1c:f6:f7:d1:60:2a:16:b2:8f:99:78:28:e9:
1a:fe:09:d4:99:88:b1:e7:42:4f:ed:32:fb:e6:5a:5a:f2:4a:
be:c2:04:34:b3:c1:f9:c3:c5:a7:53:b7:76:a7:33:4d:a8:85:
1c:eb:6b:d3:49:63:40:3d:01:d6:08:48:82:c9:00:eb:9e:b3:
a4:85:4e:37:f4:99:59:e1:b7:33:5c:00:84:eb:aa:e6:51:56:
4b:ca:c8:ca:f5:9a:fb:4a:b8:d1:7f:44:a1:8d:ed:5d:23:5e:
e4:2f:e0:13
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOPE/YRJYcjS/gzoQ6X6OneaaLxswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ZTc0YzNkYjZjYzFhYWUxYzRkNTRhYjc5NTljYjA0Njc3NmM3NDQ1NWVl
MjlkN2Q0N2EyZWEwOGNiNzZjZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJR+KrtjTMTFhfd6owKYB0bMTUwjgeQ3li57Xd7jRJZFRSa59I9rRD4FWRBQ
tP7AIGdahiXwIY2URO/zU9Qt7kN7mSnqppebL3PS6Sm6D34YUfhGvaN0/NwUIAzY
eAO1K8491M6q3yIbzLqkQ38sM5mcCKoAbdLJoSzcsut4H7M19sAOFuGSuCbGkKZE
J1PIL6ZWhbPxOBhK2WJggKRCu+UgmDB2GjD7qAnRbtl7HxDSlynVGbGkaDaV6Lce
+kA8qWWL1KmZ2SWwx462BVCRFa7WS8OmE6VHwzzPjCFTCEeac3+qWFTchLK8L9Mq
EcxrV19MVwUw3dC8tKXH1SfBYCsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRc02J
lKlstUaxSQVvDVvo4NZLUzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBGo/O/jKYApGMRMUU4IcziZzsqt/DGFpXf8NMt
ZGC1BvqtN8Q4l+bleoqoIv1/VejMG1hzNMEHviDZqA5rEzVGRKbM11XyUIllhw7e
/OuVCuHN6Iyq/p4N4FZCdqEIBlmZ3milNXynp7zGOAj9AYCIDpToCv7+jY1C2M+u
8UQVFKmbiGZYmu1uYbRzBar1SXE5eNyBWRz299FgKhayj5l4KOka/gnUmYix50JP
7TL75lpa8kq+wgQ0s8H5w8WnU7d2pzNNqIUc62vTSWNAPQHWCEiCyQDrnrOkhU43
9JlZ4bczXACE66rmUVZLysjK9Zr7SrjRf0Shje1dI17kL+AT
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:00 2025 by rpki-client