Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
File: 3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa (raw, json)
Hash identifier: zij1kqcf93NIHmkBg2i4hHdhojNs2dMewHlnlL5DUlg=
Subject key identifier: F2:82:CD:BC:1E:53:95:B3:28:25:1C:9F:BC:7A:DD:6B:3A:48:60:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6FEAB9FDF2936DAB2236BD0D3C49DD7383957B7D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
Signing time: Tue 05 Aug 2025 19:00:18 +0000
ROA not before: Tue 05 Aug 2025 19:00:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ea:b9:fd:f2:93:6d:ab:22:36:bd:0d:3c:49:dd:73:83:95:7b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:00:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f03fecdd5344a512a05c87a696e7cada961c1331d45d45fce38c1f9c87520ee8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7f:e4:c2:9a:ba:53:13:22:67:16:1c:c6:52:
6f:98:72:64:35:87:ab:26:ed:ba:a9:e1:e7:8c:68:
24:e6:fb:f1:1e:73:d1:69:63:95:b9:9d:a5:d0:a1:
ad:77:d5:82:b4:1f:ee:53:d3:9f:fb:df:5a:8c:6e:
00:12:0a:b9:d0:dd:80:1d:8e:6d:e3:bb:68:78:df:
bd:81:40:c5:da:2a:25:79:8c:e7:63:c2:dc:f0:5a:
bc:73:6e:41:e5:18:2b:8b:60:d3:28:62:a4:b8:f3:
4e:12:75:3a:40:7b:ae:f0:35:d3:3a:4a:88:22:84:
17:7b:ba:cd:9a:bc:8c:1c:09:06:a6:ad:91:1b:c7:
93:f8:78:b8:6e:71:2f:97:78:30:8a:27:19:87:2c:
c0:a9:9b:ce:52:44:73:8f:02:fd:a1:34:95:b2:88:
66:1b:b1:b9:52:7d:04:68:bf:c1:60:77:dd:d3:be:
22:bf:0c:c0:e2:a7:6b:c0:4c:10:c0:e9:f1:d2:37:
a6:43:ce:07:0c:b3:f9:59:ff:78:4d:0f:31:c6:73:
e2:be:14:7f:67:9c:3c:65:4c:3e:49:e0:e5:bf:ea:
5b:71:35:06:cb:47:c1:3a:19:3e:c4:c8:fc:2b:d6:
72:c9:3d:66:08:be:37:90:3a:57:5d:27:72:c9:ac:
a4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:82:CD:BC:1E:53:95:B3:28:25:1C:9F:BC:7A:DD:6B:3A:48:60:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
bc:ff:65:1f:4f:00:3d:f2:19:db:e7:69:f2:90:d4:5f:58:bb:
ca:f7:e2:6a:b4:85:a0:a3:82:d3:ea:2c:d0:9b:43:35:d1:5e:
59:da:c5:e3:9c:f8:b2:7c:e0:8b:1f:28:ab:61:dc:9d:37:cd:
ae:ff:29:cc:61:86:d1:65:70:17:c3:84:d6:32:1b:87:7e:68:
65:a9:a7:cd:2e:b4:a9:78:d8:37:02:42:fc:75:9c:cd:14:c4:
52:32:d0:62:b8:f8:14:c2:5f:e6:9c:77:ab:41:4a:e3:07:ac:
60:fc:37:85:55:6b:24:00:fa:f8:63:95:9f:8b:33:ac:38:82:
98:a3:95:67:ee:a6:91:47:0d:c2:b5:0d:8a:33:11:13:ac:a3:
df:01:bd:f3:08:0b:41:6f:f5:25:e5:7b:68:25:63:a2:65:48:
b4:53:72:3a:0e:17:2a:87:9c:1b:0e:ca:62:de:e2:57:47:a3:
c3:06:2c:16:40:c6:a1:c3:d7:77:7a:73:c8:16:b5:22:ec:78:
5f:b4:99:10:ff:d8:80:a0:b3:04:c0:0b:9f:61:a8:68:20:f6:
5d:79:25:a2:d4:ae:c0:1d:b7:2b:5f:cb:40:22:aa:80:48:d8:
5d:62:70:9d:89:08:e5:34:4b:0d:71:de:45:73:a0:d4:e3:bb:
25:b9:eb:37
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb+q5/fKTbasiNr0NPEndc4OVe30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwM2ZlY2RkNTM0NGE1MTJhMDVjODdhNjk2ZTdjYWRhOTYxYzEzMzFkNDVk
NDVmY2UzOGMxZjljODc1MjBlZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAId/5MKaulMTImcWHMZSb5hyZDWHqybtuqnh54xoJOb78R5z0WljlbmdpdCh
rXfVgrQf7lPTn/vfWoxuABIKudDdgB2ObeO7aHjfvYFAxdoqJXmM52PC3PBavHNu
QeUYK4tg0yhipLjzThJ1OkB7rvA10zpKiCKEF3u6zZq8jBwJBqatkRvHk/h4uG5x
L5d4MIonGYcswKmbzlJEc48C/aE0lbKIZhuxuVJ9BGi/wWB33dO+Ir8MwOKna8BM
EMDp8dI3pkPOBwyz+Vn/eE0PMcZz4r4Uf2ecPGVMPkng5b/qW3E1BstHwToZPsTI
/CvWcsk9Zgi+N5A6V10ncsmspA8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTygs28
HlOVsyglHJ+8et1rOkhg9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2RiNjZjODgtMGJiMC00NGQ2LWI2YTAtYWQ3ZGQwODczYzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
oDANBgkqhkiG9w0BAQsFAAOCAQEAvP9lH08APfIZ2+dp8pDUX1i7yvfiarSFoKOC
0+os0JtDNdFeWdrF45z4snzgix8oq2HcnTfNrv8pzGGG0WVwF8OE1jIbh35oZamn
zS60qXjYNwJC/HWczRTEUjLQYrj4FMJf5px3q0FK4wesYPw3hVVrJAD6+GOVn4sz
rDiCmKOVZ+6mkUcNwrUNijMRE6yj3wG98wgLQW/1JeV7aCVjomVItFNyOg4XKoec
Gw7KYt7iV0ejwwYsFkDGocPXd3pzyBa1Iux4X7SZEP/YgKCzBMALn2GoaCD2XXkl
otSuwB23K1/LQCKqgEjYXWJwnYkI5TRLDXHeRXOg1OO7JbnrNw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:54:08 2025 by rpki-client