Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: PXDsu++Sa3Q/Sj0o4NItgxFserRipAf48QgktJj35tw=
Subject key identifier: C1:9E:EF:ED:86:69:B9:3C:B6:2F:E4:7E:A3:D0:4B:17:1D:A3:B5:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26A0D5F4F76BBF7BC927B27071829C9B04BC38B9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Tue 05 Aug 2025 19:10:18 +0000
ROA not before: Tue 05 Aug 2025 19:10:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:a0:d5:f4:f7:6b:bf:7b:c9:27:b2:70:71:82:9c:9b:04:bc:38:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:10:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8007f4b57e35223018fe8d016207c4936c7dde7fae55a142a4ad9fa7a563ac00, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b5:d6:28:35:d9:9c:b6:17:1e:1a:20:62:b3:
a7:fc:76:99:6b:9a:27:15:f6:8c:3a:b7:ef:4f:be:
4f:2f:82:60:12:3e:06:d2:5a:6f:9d:0f:0d:93:75:
ea:e0:2c:ab:b0:cb:6b:0b:4b:0c:0c:a7:de:f8:40:
3c:6f:24:86:4d:f3:2b:21:6d:fd:36:00:49:0b:55:
a7:f4:a2:c4:5b:37:c8:26:22:8f:8a:2c:74:eb:f0:
f7:5a:27:dc:be:48:3e:48:1a:f2:05:2e:67:30:86:
fe:a1:71:f4:96:76:22:dc:2c:bd:4c:bf:9a:6f:64:
1d:f8:5d:d6:d0:33:cf:3f:d1:37:ea:bf:b9:9e:7b:
82:24:96:e5:0d:e7:5b:e7:2c:7c:97:2f:b9:23:40:
00:a0:1f:be:08:51:cd:7e:d2:4b:66:11:33:ef:52:
46:fc:ed:32:4b:31:3c:b9:8b:a0:b2:f8:54:c1:51:
00:2f:6b:1e:cb:e4:a9:d7:b2:68:7c:a6:7b:04:fb:
e0:28:ee:89:1f:25:27:6f:5d:15:35:72:68:8e:f9:
b3:47:e5:da:48:e1:87:06:f8:3e:73:e5:25:e4:06:
89:e3:59:3a:17:3f:44:ff:39:9d:2d:77:e2:61:89:
41:23:57:7d:ad:20:29:51:72:87:48:80:14:dc:ad:
d0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9E:EF:ED:86:69:B9:3C:B6:2F:E4:7E:A3:D0:4B:17:1D:A3:B5:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
7a:76:13:68:1a:ab:25:3a:61:d2:09:42:85:ce:ec:42:2f:e9:
1e:00:4b:75:35:29:34:78:7a:8f:9f:c0:6d:50:41:f2:6e:fa:
0d:1a:e5:c2:12:0e:9f:91:a0:16:21:36:f1:a1:8f:bc:04:df:
38:56:58:b5:28:a8:a7:62:3c:35:58:07:b5:48:88:33:86:38:
b0:61:da:2a:aa:d5:5d:82:bd:18:0b:1f:2c:c8:56:43:77:7d:
ad:4e:34:3e:b9:07:0d:a7:d1:45:66:8f:1e:4f:f6:56:3b:cf:
60:db:ca:84:e6:6c:cc:e2:2f:d7:40:f9:e6:4a:f5:0a:ba:79:
11:9d:83:7a:4c:05:74:ab:8a:1c:d8:ce:ea:99:74:11:92:c3:
c0:54:44:53:de:dc:ac:43:25:18:60:61:20:cf:d3:e0:71:c1:
13:09:c5:31:22:72:30:22:38:59:e6:9f:40:c2:29:a4:a9:ec:
79:b4:43:9c:01:fd:75:56:62:a1:c9:db:e7:e0:53:3f:12:3c:
8c:18:47:c1:3a:6d:64:6f:73:44:51:8e:f0:54:b0:9e:ce:9d:
f5:98:e9:9c:a9:ec:eb:f8:6c:ed:cc:c9:f7:4b:41:8b:83:54:
10:f1:db:bc:0a:70:5c:39:b8:70:65:8e:3e:53:ab:8f:7f:fb:
88:a4:12:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJqDV9Pdrv3vJJ7JwcYKcmwS8OLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTEwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMDdmNGI1N2UzNTIyMzAxOGZlOGQwMTYyMDdjNDkzNmM3ZGRlN2ZhZTU1
YTE0MmE0YWQ5ZmE3YTU2M2FjMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK211ig12Zy2Fx4aIGKzp/x2mWuaJxX2jDq370++Ty+CYBI+BtJab50PDZN1
6uAsq7DLawtLDAyn3vhAPG8khk3zKyFt/TYASQtVp/SixFs3yCYij4osdOvw91on
3L5IPkga8gUuZzCG/qFx9JZ2ItwsvUy/mm9kHfhd1tAzzz/RN+q/uZ57giSW5Q3n
W+csfJcvuSNAAKAfvghRzX7SS2YRM+9SRvztMksxPLmLoLL4VMFRAC9rHsvkqdey
aHymewT74CjuiR8lJ29dFTVyaI75s0fl2kjhhwb4PnPlJeQGieNZOhc/RP85nS13
4mGJQSNXfa0gKVFyh0iAFNyt0M8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBnu/t
hmm5PLYv5H6j0EsXHaO1HzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEAenYTaBqrJTph0glChc7sQi/pHgBLdTUpNHh6
j5/AbVBB8m76DRrlwhIOn5GgFiE28aGPvATfOFZYtSiop2I8NVgHtUiIM4Y4sGHa
KqrVXYK9GAsfLMhWQ3d9rU40PrkHDafRRWaPHk/2VjvPYNvKhOZszOIv10D55kr1
Crp5EZ2DekwFdKuKHNjO6pl0EZLDwFREU97crEMlGGBhIM/T4HHBEwnFMSJyMCI4
WeafQMIppKnsebRDnAH9dVZiocnb5+BTPxI8jBhHwTptZG9zRFGO8FSwns6d9Zjp
nKns6/hs7czJ90tBi4NUEPHbvApwXDm4cGWOPlOrj3/7iKQSgw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:16 2025 by rpki-client