Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json)
Hash identifier: jx2UzzRIMKdA/h6Qbs/Yt3EHecBa/CyvrKIg9dic/uo=
Subject key identifier: 3D:B1:5F:73:A1:69:81:E7:D4:20:61:90:B9:FC:27:E4:98:A7:0E:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F3D01D2A8DF32A13CA5BB62A273E9D512A01664
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
Signing time: Tue 05 Aug 2025 20:10:48 +0000
ROA not before: Tue 05 Aug 2025 20:10:48 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:3d:01:d2:a8:df:32:a1:3c:a5:bb:62:a2:73:e9:d5:12:a0:16:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:48 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=0bff5cec104ceecbfe4e7c0f8eadcb0bd3bfadb694146e81d9cc15bacdd81110, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c4:ce:0b:5c:8e:4e:4b:f3:a7:b2:80:a5:8e:
83:70:a1:05:1f:f4:bd:f8:75:b8:67:c5:d0:f7:40:
4b:9d:a2:68:91:5a:02:81:b2:73:32:78:89:87:5c:
cc:9f:85:40:83:9d:8c:e0:d3:f1:fa:7c:e7:50:9b:
6a:ca:04:56:fb:d0:35:0c:78:29:3e:ab:77:8f:cc:
2b:50:15:3a:59:40:04:78:6f:76:7b:41:a8:fe:ad:
e3:9f:5a:49:f8:19:fb:d7:6b:73:ad:55:ad:1b:50:
5b:20:51:7e:14:ba:91:0a:1c:68:6f:22:d7:79:26:
e6:bd:60:13:74:26:28:d6:d1:02:f4:d4:65:b2:11:
9e:3f:bf:b5:3a:7a:97:64:a3:2d:50:92:63:1c:85:
34:05:f4:ec:f5:f9:b9:62:b0:2f:d9:6d:96:96:a9:
5a:1d:77:4a:58:6c:7a:9c:e0:7e:68:66:f4:45:51:
ca:0d:ce:b0:2d:57:5e:48:b0:22:0f:63:30:a5:e1:
5c:52:e6:88:90:7b:a6:b5:5f:92:ac:e0:54:84:f4:
bc:c7:0d:c5:f1:00:e7:5e:c3:56:c4:5d:9e:7f:09:
56:c8:c8:e3:b1:e6:73:72:a6:d0:22:89:bc:14:ab:
ed:61:be:4c:ce:3e:98:19:85:6e:2b:ac:49:14:4a:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B1:5F:73:A1:69:81:E7:D4:20:61:90:B9:FC:27:E4:98:A7:0E:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d::/37
Signature Algorithm: sha256WithRSAEncryption
6a:c2:d6:39:37:9b:92:69:d4:d5:82:db:b0:00:19:3b:38:3c:
70:ec:6c:45:42:fd:0a:d7:2a:cb:e0:95:5c:33:6e:0e:16:cc:
56:3b:e9:f5:85:72:05:7d:2b:73:aa:eb:7a:8d:5b:d1:82:51:
44:76:9a:fc:e4:f1:7f:ba:f7:08:47:67:1d:ea:d0:5f:43:cd:
9c:ab:0d:3d:ff:3a:39:ee:85:da:4d:f2:45:d6:77:5f:6a:43:
2f:a6:3f:a1:2f:8c:1c:bf:e8:69:0e:c2:50:b0:ba:f0:d6:96:
86:bb:2a:1e:fe:e0:92:34:79:ae:ef:75:13:04:bf:7f:ab:24:
a8:f2:f0:24:f0:25:94:85:01:49:66:1b:89:62:97:a9:fd:05:
b1:88:84:f6:ef:a7:01:63:0b:e9:e5:e2:5e:e2:f0:c4:c3:d1:
dc:c2:ee:a7:f9:66:9a:75:3c:fd:25:2e:f8:9a:89:9c:78:40:
89:1f:6c:7f:47:1b:ac:60:ce:dc:8a:cb:fc:3e:16:6e:32:1c:
de:07:7d:08:f1:6c:d9:ae:0a:82:01:3c:16:02:4e:30:cd:8d:
94:5a:27:51:73:5b:ce:84:17:89:c5:13:91:5d:12:66:04:19:
6f:28:0b:d8:b8:55:ed:9f:27:cf:cb:fc:7d:68:50:5e:50:91:
dc:b9:f0:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHz0B0qjfMqE8pbtionPp1RKgFmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwNDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZmY1Y2VjMTA0Y2VlY2JmZTRlN2MwZjhlYWRjYjBiZDNiZmFkYjY5NDE0
NmU4MWQ5Y2MxNWJhY2RkODExMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3Ezgtcjk5L86eygKWOg3ChBR/0vfh1uGfF0PdAS52iaJFaAoGyczJ4iYdc
zJ+FQIOdjODT8fp851CbasoEVvvQNQx4KT6rd4/MK1AVOllABHhvdntBqP6t459a
SfgZ+9drc61VrRtQWyBRfhS6kQocaG8i13km5r1gE3QmKNbRAvTUZbIRnj+/tTp6
l2SjLVCSYxyFNAX07PX5uWKwL9ltlpapWh13Slhsepzgfmhm9EVRyg3OsC1XXkiw
Ig9jMKXhXFLmiJB7prVfkqzgVIT0vMcNxfEA517DVsRdnn8JVsjI47Hmc3Km0CKJ
vBSr7WG+TM4+mBmFbiusSRRKsR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9sV9z
oWmB59QgYZC5/CfkmKcOhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A
MA0GCSqGSIb3DQEBCwUAA4IBAQBqwtY5N5uSadTVgtuwABk7ODxw7GxFQv0K1yrL
4JVcM24OFsxWO+n1hXIFfStzqut6jVvRglFEdpr85PF/uvcIR2cd6tBfQ82cqw09
/zo57oXaTfJF1ndfakMvpj+hL4wcv+hpDsJQsLrw1paGuyoe/uCSNHmu73UTBL9/
qySo8vAk8CWUhQFJZhuJYpep/QWxiIT276cBYwvp5eJe4vDEw9Hcwu6n+WaadTz9
JS74momceECJH2x/RxusYM7cisv8PhZuMhzeB30I8WzZrgqCATwWAk4wzY2UWidR
c1vOhBeJxRORXRJmBBlvKAvYuFXtnyfPy/x9aFBeUJHcufCm
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:54 2025 by rpki-client