Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa
File: 3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa (raw, json)
Hash identifier: vqfc7T9kwgovAGxgFNLq+6aOapJoWBKrDVERO8/HPO0=
Subject key identifier: B2:A4:57:CF:6D:0E:CC:92:D0:BF:4E:E2:3C:D4:AB:AF:F1:91:F7:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36F53CBCEF26999036AD9F8C7F9D0DCE894EDD20
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa
Signing time: Wed 06 Aug 2025 00:51:19 +0000
ROA not before: Wed 06 Aug 2025 00:51:19 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:f5:3c:bc:ef:26:99:90:36:ad:9f:8c:7f:9d:0d:ce:89:4e:dd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:19 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=cb5ef781683e10f22f5321ba9810c2a3c799e09cfdf7bbc42ec1a66846383f11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:6e:19:bb:d8:d3:d4:1a:af:1b:19:f3:fa:
a4:50:31:cb:37:13:9f:40:81:cf:9b:57:4a:71:2f:
4f:20:45:3c:0e:9f:c4:39:09:b6:42:a2:c1:80:4f:
d5:fa:c6:d4:3c:2d:ba:26:9d:88:f2:31:9a:26:47:
09:81:8b:fc:be:8f:7d:15:e3:7f:a8:a3:95:52:b1:
f1:bd:51:0e:83:0c:7f:16:bb:37:5a:15:ea:16:3b:
17:77:d6:45:fc:10:3e:34:3b:41:c3:f3:69:82:e2:
a2:8f:29:d5:33:94:b3:86:02:9a:8b:a6:61:dd:46:
1a:5e:b7:bf:a4:a6:7c:ac:f6:5b:2e:8b:9c:6d:66:
fb:db:9e:a2:fa:bc:9c:0a:b8:9d:c5:3f:fb:dd:a4:
75:18:a4:6d:25:7f:70:ad:c0:6a:28:02:a6:1d:42:
b3:b9:06:1a:f8:3f:3a:b6:fa:6a:57:84:9c:7d:72:
85:42:05:7e:c5:5d:e5:58:af:e4:2c:32:7b:77:4a:
8c:ae:26:56:a6:40:22:7d:a1:31:44:5f:1f:b8:ed:
6c:16:19:11:c5:3c:ef:b2:0a:db:52:66:77:a6:dc:
5a:c3:2f:2c:86:0b:19:69:a1:97:54:0d:8e:fc:53:
ab:15:7f:ed:f6:51:eb:de:5b:a6:5e:19:b8:32:ea:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A4:57:CF:6D:0E:CC:92:D0:BF:4E:E2:3C:D4:AB:AF:F1:91:F7:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3b5c68d3-e5a1-4742-a90c-59b1e29cfc00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
46:d4:7d:31:f3:2c:6e:d7:bf:e5:fc:49:06:f9:16:3d:61:0d:
f4:73:20:14:24:59:15:56:94:14:4f:55:97:03:b5:ee:05:94:
f1:5d:08:ca:40:1c:f4:b7:28:1c:8f:b8:32:41:3d:0c:72:7f:
5d:35:94:ce:59:05:2b:16:ce:1f:38:f3:99:98:6e:4d:8b:d0:
62:88:bd:c8:48:10:0a:c3:28:88:a8:19:50:11:a8:15:b6:69:
d2:64:30:10:1f:d9:f4:d7:ed:a4:9e:72:08:e8:11:a1:53:0d:
ba:a7:05:9d:9f:90:30:31:16:4c:c1:31:92:37:ec:96:1f:6b:
5c:fd:dc:28:93:24:38:ec:94:15:b6:1a:7e:64:c6:ff:29:51:
cd:b5:da:b8:2f:69:42:50:74:99:04:b8:c5:24:53:46:65:aa:
b1:0b:b2:e3:82:65:23:ad:57:8f:87:a1:b7:a7:8a:6a:2b:12:
62:1b:84:07:fa:e8:bc:9d:9c:21:1c:ee:90:3c:86:38:a2:cf:
11:25:65:52:e6:28:d0:1a:48:0a:23:f4:21:e5:c6:5e:3f:d5:
ad:a5:41:de:4f:3e:1c:58:95:d6:c3:ef:32:7b:32:79:8f:5e:
f0:28:06:64:ed:0b:42:d9:d4:33:32:be:70:9c:74:9e:86:b6:
9e:10:1d:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNvU8vO8mmZA2rZ+Mf50NzolO3SAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMTlaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNWVmNzgxNjgzZTEwZjIyZjUzMjFiYTk4MTBjMmEzYzc5OWUwOWNmZGY3
YmJjNDJlYzFhNjY4NDYzODNmMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtobhm72NPUGq8bGfP6pFAxyzcTn0CBz5tXSnEvTyBFPA6fxDkJtkKiwYBP
1frG1DwtuiadiPIxmiZHCYGL/L6PfRXjf6ijlVKx8b1RDoMMfxa7N1oV6hY7F3fW
RfwQPjQ7QcPzaYLioo8p1TOUs4YCmoumYd1GGl63v6SmfKz2Wy6LnG1m+9ueovq8
nAq4ncU/+92kdRikbSV/cK3AaigCph1Cs7kGGvg/Orb6aleEnH1yhUIFfsVd5Viv
5Cwye3dKjK4mVqZAIn2hMURfH7jtbBYZEcU877IK21Jmd6bcWsMvLIYLGWmhl1QN
jvxTqxV/7fZR695bpl4ZuDLqcfECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSypFfP
bQ7MktC/TuI81Kuv8ZH3QTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2I1YzY4ZDMtZTVhMS00NzQyLWE5MGMtNTliMWUyOWNmYzAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBG1H0x8yxu17/l/EkG+RY9YQ30cyAUJFkVVpQU
T1WXA7XuBZTxXQjKQBz0tygcj7gyQT0Mcn9dNZTOWQUrFs4fOPOZmG5Ni9BiiL3I
SBAKwyiIqBlQEagVtmnSZDAQH9n01+2knnII6BGhUw26pwWdn5AwMRZMwTGSN+yW
H2tc/dwokyQ47JQVthp+ZMb/KVHNtdq4L2lCUHSZBLjFJFNGZaqxC7LjgmUjrVeP
h6G3p4pqKxJiG4QH+ui8nZwhHO6QPIY4os8RJWVS5ijQGkgKI/Qh5cZeP9WtpUHe
Tz4cWJXWw+8yezJ5j17wKAZk7QtC2dQzMr5wnHSehraeEB0X
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:13 2025 by rpki-client