Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
File: 3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa (raw, json)
Hash identifier: cGJ2FSVth2zcLmteU3sOcm297XnGCFf7nvKAQn8ZJmo=
Subject key identifier: 31:B7:1A:6F:F1:59:C5:ED:12:45:66:86:D7:33:EC:8C:C9:F1:54:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CC14D035244117193412303F4F6B662C98816D2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
Signing time: Tue 05 Aug 2025 20:01:24 +0000
ROA not before: Tue 05 Aug 2025 20:01:24 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:c1:4d:03:52:44:11:71:93:41:23:03:f4:f6:b6:62:c9:88:16:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:01:24 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d07616f21cec4bc9c02126119e714788c379b86eae6e9e5f0b9f934d66e0207c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:86:f6:13:e0:56:aa:b9:06:82:5b:7e:0d:b8:
38:ef:20:24:c2:41:8d:05:6d:50:e4:ed:4d:eb:a6:
f2:0b:ba:c8:c4:9f:23:b9:8a:8f:27:39:3e:9b:4c:
f5:5e:ba:68:f1:81:92:4f:b1:ed:e2:0d:0c:56:cd:
35:69:7e:ba:60:80:f3:dd:f0:9f:e6:de:4f:a7:f5:
5a:a3:5e:6a:c6:db:70:64:91:dc:08:eb:81:92:63:
28:d1:da:ad:d5:43:7f:70:a1:57:8c:f8:5f:a9:e2:
85:7c:19:ee:2e:63:38:bc:12:52:72:2e:75:de:1d:
7b:e1:ba:0f:a2:5b:b6:d0:54:08:81:7f:17:25:7f:
57:27:da:5d:65:54:df:b2:1d:97:c4:2f:19:d6:3a:
ad:cb:72:f0:92:5d:2b:f8:a1:09:fe:6a:e2:62:f2:
3a:95:a9:86:11:11:ee:f9:b6:2e:25:c2:44:52:f2:
bb:0f:e9:e1:8a:db:21:40:12:c0:26:b9:9a:42:02:
a5:bb:ff:a6:ef:65:20:6d:8f:07:2e:5f:8f:c0:ab:
81:2a:6c:40:94:a2:ae:16:4e:db:5b:a1:72:73:50:
6f:97:3a:75:7c:86:31:20:ae:ca:21:16:a0:df:52:
99:b6:ba:0a:5a:c7:59:c6:f7:a5:99:d3:20:59:d0:
2d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B7:1A:6F:F1:59:C5:ED:12:45:66:86:D7:33:EC:8C:C9:F1:54:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a15af39-6818-4eeb-bbaf-283b7bfffba9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036::/32
Signature Algorithm: sha256WithRSAEncryption
b3:33:7b:69:db:88:3d:ff:5a:a3:c4:0b:72:a8:b9:f3:e6:ab:
20:bb:4c:36:00:1f:cc:76:ee:be:73:29:de:85:f2:a5:a8:c6:
f1:a7:fb:e4:fe:4d:14:a7:f9:6f:86:c0:65:a5:19:1b:9d:b1:
16:e2:73:1c:59:7c:cb:39:60:84:f6:31:cd:b5:75:06:eb:bf:
c0:da:be:6f:6c:f5:62:50:b7:83:e1:03:fd:e1:d9:44:4a:46:
b1:81:34:94:0d:d3:72:aa:46:a0:3f:fe:62:58:4b:de:1b:8a:
ae:b3:f8:40:ee:85:3f:c1:87:7b:22:d8:d8:31:73:ae:12:5e:
0e:10:fe:83:d5:85:23:ad:4d:cf:1c:6a:70:6c:f3:f1:39:d6:
7a:2d:ea:ae:0c:47:ed:9b:8a:5a:b8:70:23:22:6f:41:19:f0:
c6:ee:a8:81:5c:9a:88:82:e2:ac:af:c9:55:3c:66:67:fe:2b:
83:22:e5:42:23:ff:e1:47:d5:8e:d0:d8:b7:1f:40:30:bb:d3:
7a:03:80:75:21:7a:84:df:49:25:20:fb:e2:39:ef:62:97:4d:
7b:4d:a5:97:ec:1c:9e:6f:a3:ce:07:b3:31:6d:cc:ac:b7:d1:
d8:4a:13:5d:51:b9:fe:6a:55:c3:b2:19:15:ea:c1:1c:25:c9:
ec:09:22:2b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPMFNA1JEEXGTQSMD9Pa2YsmIFtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDAxMjRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNzYxNmYyMWNlYzRiYzljMDIxMjYxMTllNzE0Nzg4YzM3OWI4NmVhZTZl
OWU1ZjBiOWY5MzRkNjZlMDIwN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqG9hPgVqq5BoJbfg24OO8gJMJBjQVtUOTtTeum8gu6yMSfI7mKjyc5PptM
9V66aPGBkk+x7eINDFbNNWl+umCA893wn+beT6f1WqNeasbbcGSR3AjrgZJjKNHa
rdVDf3ChV4z4X6nihXwZ7i5jOLwSUnIudd4de+G6D6JbttBUCIF/FyV/VyfaXWVU
37Idl8QvGdY6rcty8JJdK/ihCf5q4mLyOpWphhER7vm2LiXCRFLyuw/p4YrbIUAS
wCa5mkICpbv/pu9lIG2PBy5fj8CrgSpsQJSirhZO21uhcnNQb5c6dXyGMSCuyiEW
oN9Smba6ClrHWcb3pZnTIFnQLQMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQxtxpv
8VnF7RJFZobXM+yMyfFUfzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2ExNWFmMzktNjgxOC00ZWViLWJiYWYtMjgzYjdiZmZmYmE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DYw
DQYJKoZIhvcNAQELBQADggEBALMze2nbiD3/WqPEC3KoufPmqyC7TDYAH8x27r5z
Kd6F8qWoxvGn++T+TRSn+W+GwGWlGRudsRbicxxZfMs5YIT2Mc21dQbrv8Davm9s
9WJQt4PhA/3h2URKRrGBNJQN03KqRqA//mJYS94biq6z+EDuhT/Bh3si2Ngxc64S
Xg4Q/oPVhSOtTc8canBs8/E51not6q4MR+2bilq4cCMib0EZ8MbuqIFcmoiC4qyv
yVU8Zmf+K4Mi5UIj/+FH1Y7Q2LcfQDC703oDgHUheoTfSSUg++I572KXTXtNpZfs
HJ5vo84HszFtzKy30dhKE11Ruf5qVcOyGRXqwRwlyewJIis=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:49:38 2025 by rpki-client