Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json)
Hash identifier: usM2myPrUP7638Qxu9qeW/SZ+K8f+H/eWmjMr49Hlqg=
Subject key identifier: FE:29:EC:2B:38:B5:69:AE:40:5B:C8:6F:F5:FE:08:F4:95:E8:50:C6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77BF1FBBFDEB63D34FECA423AA5BE8F14D65D6BA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
Signing time: Fri 26 Sep 2025 18:41:20 +0000
ROA not before: Fri 26 Sep 2025 18:41:20 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:bf:1f:bb:fd:eb:63:d3:4f:ec:a4:23:aa:5b:e8:f1:4d:65:d6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 18:41:20 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1f7546329cf224461afd02ee6d37ce82560ba5f3298f03d77806bc19c89a51a4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:a2:c0:d2:67:3e:3d:39:cd:bf:28:0a:5f:
0a:3b:89:5b:1b:7c:d7:cf:1d:c0:2a:de:9d:3b:d0:
82:39:c5:51:40:d5:6c:cb:ad:a2:53:90:92:47:ad:
37:1c:3c:1e:82:e0:04:44:7e:aa:c0:2f:16:9b:63:
d2:63:f4:d9:5f:b0:da:a4:ea:1a:79:f7:8e:38:71:
d0:d5:9f:c3:60:3e:34:f3:0e:4b:2a:b6:43:e2:67:
4e:d3:50:37:5c:8c:cd:7a:32:f2:b0:86:ad:5b:fb:
67:20:38:6f:b4:2b:bf:3a:53:76:ff:16:d2:81:96:
d9:b4:de:bf:96:bb:85:08:08:c5:aa:42:c5:7c:37:
67:45:dc:7f:f5:f4:d5:78:ff:1e:f5:c2:5a:04:ae:
9d:4e:e3:46:6b:e9:11:e6:62:1e:d2:ad:15:16:d7:
df:4a:80:90:3e:b9:ec:b6:ce:97:52:8c:35:5a:d0:
cc:a2:f1:da:e7:7e:4d:38:af:56:17:f6:de:83:ba:
3b:46:72:b3:1d:0a:d2:d3:98:b3:f3:f8:30:76:f1:
81:d6:63:bc:db:06:9d:3c:85:14:9a:83:f1:97:0c:
a4:d9:a0:84:3c:8f:c6:40:f8:77:b9:8a:03:3a:c3:
01:c2:68:51:d3:13:9d:24:4b:42:19:27:58:3c:ea:
fe:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:29:EC:2B:38:B5:69:AE:40:5B:C8:6F:F5:FE:08:F4:95:E8:50:C6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:b8:b2:43:a4:10:53:a6:82:97:a1:ec:8e:08:f8:0d:07:db:
84:2d:df:c4:eb:61:14:52:49:b1:3b:03:b5:ce:72:4f:43:59:
d0:86:29:be:13:7a:53:1e:f9:92:82:fa:1c:50:6b:13:0b:e2:
a8:64:70:8d:52:2f:b0:c0:56:00:cf:66:fd:a4:e6:ec:eb:66:
8f:0d:cf:89:47:44:13:b8:cc:43:fd:e5:1d:e0:31:b3:dc:74:
0c:31:6b:97:59:a8:79:b0:ba:33:22:1d:6b:c9:19:bf:f4:b1:
b5:58:60:14:2f:a0:30:96:1b:69:6d:8d:80:b9:ff:09:fb:77:
ae:13:f5:60:39:dd:9a:4c:c6:d0:bb:91:cb:fc:a9:3b:38:95:
d1:a0:5e:70:9a:f7:a7:26:b7:18:05:6c:9f:64:4b:af:22:b4:
18:ac:5b:35:30:a8:74:4b:d2:64:1c:59:cc:ee:d5:91:71:1b:
a2:33:1a:70:52:83:7b:92:b7:d8:0b:d8:11:de:0b:88:4b:59:
71:9f:6c:42:76:dd:ce:46:0f:19:ed:be:c8:24:3a:21:5d:9c:
b6:3a:ef:5f:8f:8b:53:fd:26:ff:26:39:bd:e3:16:db:91:1a:
bd:09:98:10:fa:5b:8e:af:48:1d:f3:02:51:be:e9:a3:86:0b:
fc:8e:95:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd78fu/3rY9NP7KQjqlvo8U1l1rowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxODQxMjBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmNzU0NjMyOWNmMjI0NDYxYWZkMDJlZTZkMzdjZTgyNTYwYmE1ZjMyOThm
MDNkNzc4MDZiYzE5Yzg5YTUxYTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbrosDSZz49Oc2/KApfCjuJWxt8188dwCrenTvQgjnFUUDVbMutolOQkket
Nxw8HoLgBER+qsAvFptj0mP02V+w2qTqGnn3jjhx0NWfw2A+NPMOSyq2Q+JnTtNQ
N1yMzXoy8rCGrVv7ZyA4b7QrvzpTdv8W0oGW2bTev5a7hQgIxapCxXw3Z0Xcf/X0
1Xj/HvXCWgSunU7jRmvpEeZiHtKtFRbX30qAkD657LbOl1KMNVrQzKLx2ud+TTiv
Vhf23oO6O0Zysx0K0tOYs/P4MHbxgdZjvNsGnTyFFJqD8ZcMpNmghDyPxkD4d7mK
AzrDAcJoUdMTnSRLQhknWDzq/qcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+Kewr
OLVprkBbyG/1/gj0lehQxjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQAeuLJDpBBTpoKXoeyOCPgNB9uELd/E62EUUkmx
OwO1znJPQ1nQhim+E3pTHvmSgvocUGsTC+KoZHCNUi+wwFYAz2b9pObs62aPDc+J
R0QTuMxD/eUd4DGz3HQMMWuXWah5sLozIh1ryRm/9LG1WGAUL6AwlhtpbY2Auf8J
+3euE/VgOd2aTMbQu5HL/Kk7OJXRoF5wmvenJrcYBWyfZEuvIrQYrFs1MKh0S9Jk
HFnM7tWRcRuiMxpwUoN7krfYC9gR3guIS1lxn2xCdt3ORg8Z7b7IJDohXZy2Ou9f
j4tT/Sb/Jjm94xbbkRq9CZgQ+luOr0gd8wJRvumjhgv8jpVT
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:16 2025 by rpki-client