Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
File: 3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa (raw, json)
Hash identifier: Uw2YdKQjzU0Bw2v6Z63ELHfSeVnIqhh6aA+Ps3TyYu4=
Subject key identifier: D5:28:DC:0D:53:17:F1:32:BF:21:94:EC:E4:1F:09:C5:BA:7C:1C:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69C9C1785EC243D1C5C85447FFAA30DE49D583FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
Signing time: Tue 05 Aug 2025 20:11:36 +0000
ROA not before: Tue 05 Aug 2025 20:11:36 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d016::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:c9:c1:78:5e:c2:43:d1:c5:c8:54:47:ff:aa:30:de:49:d5:83:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:11:36 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=bee449789d7354dec2fce3dda587ff2139070bdee6f19285bfc11ef4a4afa0f4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:f9:04:8d:b1:43:95:27:82:d7:49:90:bb:
44:ad:fc:d3:cf:1c:8a:fe:99:6d:2a:87:83:2e:52:
a4:2b:f4:f6:ef:a5:64:f2:ca:9d:c5:24:a3:df:98:
37:7d:dc:c8:ea:e9:17:44:17:5d:c5:15:32:75:c4:
43:74:21:14:a7:e3:6c:00:d5:7f:10:12:23:7a:63:
be:15:ce:a9:45:4c:f8:01:0f:4b:fc:ed:4c:1a:df:
55:d8:42:19:c7:90:b5:33:30:e2:1c:5a:a7:57:79:
36:96:33:9d:e5:e7:3e:0c:df:b7:5f:89:0c:f7:5c:
cf:09:fc:38:61:cc:b3:f7:f4:4b:92:92:28:90:02:
c6:14:a1:c7:fa:84:e0:c7:d4:1d:ad:8b:5b:bc:01:
2f:5e:9d:1b:c1:31:ad:91:8e:2e:2c:2c:cc:07:d1:
48:e6:7b:22:00:e8:9b:df:07:ec:b0:8a:35:4c:c5:
cf:13:6a:3c:45:9f:f5:0e:96:a3:ee:12:af:42:fc:
4f:27:8a:1f:7b:39:29:d3:6f:9e:a8:53:75:d4:00:
85:98:55:1f:40:37:f0:ab:0a:c3:84:6e:d9:67:0f:
96:4b:a3:fa:a5:cf:e7:9e:4b:a4:28:51:02:16:87:
18:cb:07:45:fc:7f:75:8e:fd:95:64:b9:27:2a:0a:
df:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:28:DC:0D:53:17:F1:32:BF:21:94:EC:E4:1F:09:C5:BA:7C:1C:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3cf7ae9d-d863-4db2-9635-fb86479cf09a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d016::/38
Signature Algorithm: sha256WithRSAEncryption
6f:9e:18:9c:06:e7:4b:bd:1f:01:4d:59:c5:42:7e:d7:64:d7:
5c:8e:e5:09:fc:d0:f1:82:e1:94:bc:9d:2e:6e:f4:b2:9b:14:
d3:13:e2:95:39:69:63:de:b0:a6:ab:2f:44:3e:2b:bf:0a:dd:
09:66:9a:80:a7:81:02:ad:30:18:d0:5c:af:8c:42:95:11:42:
07:da:e5:7a:1f:12:e2:a2:b5:8e:1e:ee:b7:1c:b1:e2:db:c3:
51:27:f8:eb:50:0a:a4:39:4a:cc:ee:cf:91:1f:44:6a:13:2a:
84:9e:97:cf:96:12:8e:25:2f:26:b3:ab:08:01:0b:41:37:18:
38:9d:96:6a:82:1c:cf:5b:c5:a5:d2:07:ed:a8:6b:a8:60:f5:
41:e2:93:e2:5e:37:85:4c:82:c1:f5:c4:5a:02:da:0b:50:7f:
8f:42:38:63:67:19:f9:81:a8:4d:d5:ad:52:4a:e4:ce:b6:4a:
e5:e4:cc:61:1b:7d:20:4f:48:69:74:b0:2c:7d:92:48:1a:31:
f8:5f:ac:63:c1:25:6d:fd:18:35:52:12:2b:b4:bf:cf:fd:97:
70:7c:c9:38:6a:16:e1:9c:f8:b7:f7:c8:ae:b0:f4:19:ed:21:
2e:6b:18:2b:61:78:87:be:0e:e8:b2:6a:58:e9:1f:64:1c:98:
51:c0:68:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUacnBeF7CQ9HFyFRH/6ow3knVg/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDExMzZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZTQ0OTc4OWQ3MzU0ZGVjMmZjZTNkZGE1ODdmZjIxMzkwNzBiZGVlNmYx
OTI4NWJmYzExZWY0YTRhZmEwZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9/+QSNsUOVJ4LXSZC7RK38088civ6ZbSqHgy5SpCv09u+lZPLKncUko9+Y
N33cyOrpF0QXXcUVMnXEQ3QhFKfjbADVfxASI3pjvhXOqUVM+AEPS/ztTBrfVdhC
GceQtTMw4hxap1d5NpYzneXnPgzft1+JDPdczwn8OGHMs/f0S5KSKJACxhShx/qE
4MfUHa2LW7wBL16dG8ExrZGOLiwszAfRSOZ7IgDom98H7LCKNUzFzxNqPEWf9Q6W
o+4Sr0L8TyeKH3s5KdNvnqhTddQAhZhVH0A38KsKw4Ru2WcPlkuj+qXP555LpChR
AhaHGMsHRfx/dY79lWS5JyoK3/sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVKNwN
UxfxMr8hlOzkHwnFunwcojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2NmN2FlOWQtZDg2My00ZGIyLTk2MzUtZmI4NjQ3OWNmMDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBvnhicBudLvR8BTVnFQn7XZNdcjuUJ/NDxguGU
vJ0ubvSymxTTE+KVOWlj3rCmqy9EPiu/Ct0JZpqAp4ECrTAY0FyvjEKVEUIH2uV6
HxLiorWOHu63HLHi28NRJ/jrUAqkOUrM7s+RH0RqEyqEnpfPlhKOJS8ms6sIAQtB
Nxg4nZZqghzPW8Wl0gftqGuoYPVB4pPiXjeFTILB9cRaAtoLUH+PQjhjZxn5gahN
1a1SSuTOtkrl5MxhG30gT0hpdLAsfZJIGjH4X6xjwSVt/Rg1UhIrtL/P/ZdwfMk4
ahbhnPi398iusPQZ7SEuaxgrYXiHvg7osmpY6R9kHJhRwGg+
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:57:10 2025 by rpki-client