Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa
File: 3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa (raw, json)
Hash identifier: toANSQMSnWnMXG50/d8HfGCc4I1kQcRyVOo+/jV0Kkk=
Subject key identifier: B9:72:F2:75:13:15:E4:22:78:AD:0B:E2:02:C5:BA:E8:9B:A9:0A:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 465DF193293E0ACBE09C26CB24A9433C30165620
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa
Signing time: Tue 05 Aug 2025 19:50:51 +0000
ROA not before: Tue 05 Aug 2025 19:50:51 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:5d:f1:93:29:3e:0a:cb:e0:9c:26:cb:24:a9:43:3c:30:16:56:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:51 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f34fc841ef01f2b8e57cc126f8615f709bc49173c8dd2f95eb1369bf20449e90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:ef:1b:bb:76:30:33:ee:5a:55:8f:13:a6:
cf:04:04:bf:43:2f:89:cc:4a:14:dc:a9:ae:9b:66:
4a:28:40:6b:44:7d:c1:25:e9:d2:b0:d0:c0:f2:01:
46:72:99:b0:d7:e4:b8:15:c1:7a:7c:46:87:30:4e:
90:a0:ba:8b:fd:b3:c4:58:6a:57:1c:a0:d7:11:bb:
33:88:14:70:ec:58:bb:a1:7f:74:17:e9:e9:04:11:
24:63:7d:b5:ea:8d:ec:f4:6a:f5:1d:08:b2:1b:ab:
36:0b:be:d5:57:81:50:f9:a9:4b:25:ea:9a:97:0e:
30:c3:ac:97:53:36:e9:a1:10:84:81:0b:0e:d5:c0:
60:9b:d6:da:3a:db:c2:8b:b8:32:34:3b:5a:cd:4d:
6d:21:c6:86:a3:d6:33:29:4c:b2:47:2e:2c:e7:36:
51:24:d8:6d:31:46:89:aa:06:28:3d:7b:f1:60:40:
9b:71:0b:4e:89:d6:a6:3d:78:bc:33:75:78:4c:96:
ea:2d:88:46:63:c3:fb:6d:41:60:b1:89:45:b0:ce:
4f:c6:2a:54:06:66:00:30:f8:e5:1a:08:24:e0:48:
2b:70:fd:41:74:8d:09:f8:8e:bb:d3:f8:64:2e:e4:
43:05:06:70:cb:d0:03:3f:0f:69:3c:f4:c9:05:e7:
c0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:72:F2:75:13:15:E4:22:78:AD:0B:E2:02:C5:BA:E8:9B:A9:0A:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6271c8-6f02-45f1-97d6-ce27b463d3b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:dd:76:47:a2:c6:f6:5b:3f:5e:9a:95:21:72:9f:a7:6e:73:
1a:03:fb:9d:0d:37:08:a4:ad:99:3f:1d:82:7d:bc:1a:3f:c7:
8b:90:6e:6c:1a:f5:d5:f4:5a:c7:a6:aa:9a:ac:cd:ab:a6:fa:
31:ea:37:ba:c6:b7:e9:5c:42:09:57:e2:f5:c7:5e:b4:68:b8:
32:bc:89:43:f9:db:58:51:2d:13:83:7a:bd:d5:fa:c7:a0:78:
f3:a3:cb:b0:85:55:89:e3:f3:5d:02:53:cf:85:24:42:d4:5f:
f0:54:ee:ce:cb:ac:de:29:20:0e:53:2a:03:dd:ff:d2:3d:5f:
2c:d3:56:db:e3:59:1f:6b:9a:b1:2e:17:fb:f3:f2:8f:d3:f2:
1e:97:63:e4:cd:95:a0:42:ae:34:c5:de:cd:90:11:60:40:41:
8e:5b:8a:7c:4a:88:60:e3:83:2f:83:65:a5:19:28:69:3b:55:
af:c2:20:1a:79:97:c0:1f:bf:d5:44:ef:91:f5:8d:fc:28:99:
81:fa:17:81:12:f7:df:d4:65:d3:cc:c7:71:ba:49:6f:05:d4:
f2:48:3e:db:0e:4f:c8:61:cc:84:f9:2e:10:50:e3:26:da:f9:
b3:de:19:3f:74:6a:7f:b3:fe:43:b4:4d:10:dd:b6:bb:30:9f:
a1:75:d5:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURl3xkyk+CsvgnCbLJKlDPDAWViAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwNTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNGZjODQxZWYwMWYyYjhlNTdjYzEyNmY4NjE1ZjcwOWJjNDkxNzNjOGRk
MmY5NWViMTM2OWJmMjA0NDllOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL297xu7djAz7lpVjxOmzwQEv0MvicxKFNyprptmSihAa0R9wSXp0rDQwPIB
RnKZsNfkuBXBenxGhzBOkKC6i/2zxFhqVxyg1xG7M4gUcOxYu6F/dBfp6QQRJGN9
teqN7PRq9R0IshurNgu+1VeBUPmpSyXqmpcOMMOsl1M26aEQhIELDtXAYJvW2jrb
wou4MjQ7Ws1NbSHGhqPWMylMskcuLOc2USTYbTFGiaoGKD178WBAm3ELTonWpj14
vDN1eEyW6i2IRmPD+21BYLGJRbDOT8YqVAZmADD45RoIJOBIK3D9QXSNCfiOu9P4
ZC7kQwUGcMvQAz8PaTz0yQXnwPkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS5cvJ1
ExXkInitC+ICxbrom6kKhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2E2MjcxYzgtNmYwMi00NWYxLTk3ZDYtY2UyN2I0NjNkM2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqg
MA0GCSqGSIb3DQEBCwUAA4IBAQC53XZHosb2Wz9empUhcp+nbnMaA/udDTcIpK2Z
Px2CfbwaP8eLkG5sGvXV9FrHpqqarM2rpvox6je6xrfpXEIJV+L1x160aLgyvIlD
+dtYUS0Tg3q91frHoHjzo8uwhVWJ4/NdAlPPhSRC1F/wVO7Oy6zeKSAOUyoD3f/S
PV8s01bb41kfa5qxLhf78/KP0/Iel2PkzZWgQq40xd7NkBFgQEGOW4p8Sohg44Mv
g2WlGShpO1WvwiAaeZfAH7/VRO+R9Y38KJmB+heBEvff1GXTzMdxuklvBdTySD7b
Dk/IYcyE+S4QUOMm2vmz3hk/dGp/s/5DtE0Q3ba7MJ+hddXG
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:20 2025 by rpki-client