Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: 89KlKvRWoH4UbN+qnOD5gEESlwZKYwHWh6Kqm4qNLJI=
Subject key identifier: D3:77:79:FB:0B:7C:F5:F4:AB:B9:75:20:03:C5:90:66:B2:37:9C:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A9C08B8F3969FEFB1A52E62E201302666F67D7C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Fri 26 Sep 2025 19:50:56 +0000
ROA not before: Fri 26 Sep 2025 19:50:56 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:9c:08:b8:f3:96:9f:ef:b1:a5:2e:62:e2:01:30:26:66:f6:7d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:50:56 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=9aa05a616d48e7987aaa47d73ada239ffad7e43d359af159bc16a9fe02562447, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d0:1a:cb:57:9b:f0:3b:7a:64:51:cc:28:d5:
c7:af:18:fc:28:30:b8:7b:36:ce:4f:9b:17:27:be:
d5:ad:ff:cf:13:91:db:eb:39:48:78:9c:f6:a3:55:
0c:99:7b:a1:bb:51:e6:35:85:a7:0c:56:8a:60:b0:
2f:8f:f5:e4:d4:7d:47:cf:3f:c7:a1:5f:57:d0:61:
c2:a1:f8:25:b7:36:a6:6d:65:f8:c7:02:3c:73:7b:
0c:4a:cc:78:93:cc:c9:1f:7a:b0:60:cf:4b:41:9f:
a5:3a:d5:cd:34:7e:24:4b:c1:df:7a:a6:6b:49:1c:
46:50:d4:c4:c1:ec:72:45:80:cd:30:10:56:c3:f3:
ca:98:b4:5f:fd:2d:e3:8d:18:33:42:a1:52:13:de:
af:ad:73:27:97:ae:22:ce:b5:d5:48:a6:6a:76:67:
37:f8:99:6c:02:d0:2d:8f:33:33:00:9e:df:8f:15:
7e:9e:d9:45:f3:3a:ab:f6:8c:12:06:7d:8b:a4:11:
85:fd:68:c0:cd:d8:84:13:f9:d5:f4:89:9d:74:d7:
00:7a:82:e4:f8:c9:1b:0d:52:84:62:f6:22:c5:bf:
e5:d1:b0:8b:20:1e:56:d8:8e:b7:8f:69:c5:eb:e6:
2b:3e:e9:3e:01:15:81:cf:a8:97:ca:d6:ad:03:46:
46:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:77:79:FB:0B:7C:F5:F4:AB:B9:75:20:03:C5:90:66:B2:37:9C:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
3a:f2:e7:13:55:fb:6b:0a:65:2f:c6:3d:5b:53:56:cc:31:02:
69:15:e9:bd:c0:f4:61:2a:60:6b:da:41:8a:c0:f8:81:c7:e8:
41:ff:53:4d:8a:4b:6d:e2:53:a9:94:93:d9:f9:34:93:c8:16:
42:a1:0f:b1:29:f7:0b:5f:a4:16:0c:f8:23:f3:6e:72:c0:99:
fe:95:52:80:19:fb:ea:b7:17:36:0a:f0:be:9e:fe:bb:2f:7a:
44:f4:aa:a9:24:2f:bf:fb:ef:2b:b7:9d:87:55:4d:27:2f:b3:
ce:61:ad:a8:4c:f0:2c:12:5d:57:63:09:d3:8e:9c:48:4e:87:
78:dd:18:59:f5:98:25:e7:cc:5e:5e:30:52:14:38:56:f7:4f:
50:68:54:b8:fb:6a:f0:c6:56:cd:1e:ef:67:04:59:d6:d3:e6:
15:d5:da:af:90:78:f2:d8:1d:30:25:cb:77:59:fd:e8:b4:6f:
98:85:66:a0:d9:f5:10:54:fb:10:e0:15:da:ce:31:e5:8d:23:
78:af:b4:4f:90:86:37:37:59:7d:09:b5:44:b3:49:3d:00:55:
90:01:e4:a0:2b:e3:23:76:ff:7f:0f:7a:c0:9f:d8:d1:d3:28:
77:2a:80:a3:51:b9:bd:16:cd:4f:20:f8:a4:03:c6:b5:ae:b9:
3b:d6:c2:86
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUapwIuPOWn++xpS5i4gEwJmb2fXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTUwNTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhYTA1YTYxNmQ0OGU3OTg3YWFhNDdkNzNhZGEyMzlmZmFkN2U0M2QzNTlh
ZjE1OWJjMTZhOWZlMDI1NjI0NDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfQGstXm/A7emRRzCjVx68Y/CgwuHs2zk+bFye+1a3/zxOR2+s5SHic9qNV
DJl7obtR5jWFpwxWimCwL4/15NR9R88/x6FfV9BhwqH4Jbc2pm1l+McCPHN7DErM
eJPMyR96sGDPS0GfpTrVzTR+JEvB33qma0kcRlDUxMHsckWAzTAQVsPzypi0X/0t
440YM0KhUhPer61zJ5euIs611UimanZnN/iZbALQLY8zMwCe348Vfp7ZRfM6q/aM
EgZ9i6QRhf1owM3YhBP51fSJnXTXAHqC5PjJGw1ShGL2IsW/5dGwiyAeVtiOt49p
xevmKz7pPgEVgc+ol8rWrQNGRqsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTTd3n7
C3z19Ku5dSADxZBmsjecpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBADry5xNV+2sKZS/GPVtTVswxAmkV6b3A9GEqYGva
QYrA+IHH6EH/U02KS23iU6mUk9n5NJPIFkKhD7Ep9wtfpBYM+CPzbnLAmf6VUoAZ
++q3FzYK8L6e/rsvekT0qqkkL7/77yu3nYdVTScvs85hrahM8CwSXVdjCdOOnEhO
h3jdGFn1mCXnzF5eMFIUOFb3T1BoVLj7avDGVs0e72cEWdbT5hXV2q+QePLYHTAl
y3dZ/ei0b5iFZqDZ9RBU+xDgFdrOMeWNI3ivtE+Qhjc3WX0JtUSzST0AVZAB5KAr
4yN2/38PesCf2NHTKHcqgKNRub0WzU8g+KQDxrWuuTvWwoY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:52:33 2025 by rpki-client