Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: ZAlSEc3ouTLt0zicMxCI0Z1mUl7Lj9eZ/ZRukeMEN4c=
Subject key identifier: D2:76:46:95:82:99:DB:D6:D7:3D:F3:73:D4:1D:64:1B:C1:66:39:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41AC695959DB30152D4B5BB51CCD4CD75F43B5DA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Tue 05 Aug 2025 19:20:17 +0000
ROA not before: Tue 05 Aug 2025 19:20:17 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ac:69:59:59:db:30:15:2d:4b:5b:b5:1c:cd:4c:d7:5f:43:b5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:20:17 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=087520c069c217718d7881ccf9b2b50bc409dedcc1e91c0d2292aebf2b70636c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:79:b4:ae:27:c8:79:5a:e2:df:b8:dd:bd:5b:
82:f1:25:52:c7:73:62:18:62:cf:f1:b4:af:d8:5b:
60:a6:90:37:e0:c4:78:fb:0d:85:5f:b2:3e:e5:37:
c6:bf:d7:96:e4:6e:65:0b:13:07:70:a5:67:d3:75:
40:c5:86:ca:42:4f:28:10:18:d7:1d:8f:c4:9d:44:
de:f0:f9:b1:12:ea:5e:97:e4:0d:a8:17:9a:97:50:
1e:6c:35:fc:63:dd:b7:a0:9c:6a:29:ee:c3:11:bd:
13:5d:0e:69:31:75:5a:45:a4:53:06:b9:e9:3f:d9:
c1:b7:2b:1c:64:73:40:38:60:29:63:8e:d3:15:ac:
ac:5d:82:8a:9e:ef:24:2c:45:e6:5d:f3:b2:8b:72:
c9:bc:c4:75:b5:0e:c2:d5:50:47:cb:fc:32:91:b1:
21:bf:e3:1f:d3:71:0a:cb:c1:b5:a1:16:74:8a:01:
26:11:0b:3d:7e:4f:78:34:23:0f:7b:e5:83:88:bd:
dd:9c:23:0c:5e:18:e9:91:2c:a7:b3:da:ca:97:27:
5a:56:a3:85:f3:98:03:1a:1a:1b:af:6e:e8:18:a9:
1b:ec:49:d6:e3:97:76:ef:dd:36:7b:e3:8c:87:63:
79:c9:8d:47:3d:ff:64:38:4c:fe:22:35:d8:15:d6:
5f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:76:46:95:82:99:DB:D6:D7:3D:F3:73:D4:1D:64:1B:C1:66:39:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
af:24:4d:28:42:0b:94:59:66:8f:e1:59:bc:e5:6e:4d:5f:0d:
f3:d5:46:82:f0:10:9b:20:98:fe:99:7a:12:e3:d6:53:5a:77:
ff:c4:52:01:af:10:45:dc:24:ce:5d:bb:96:bb:a4:97:dc:64:
a0:56:f2:95:65:7a:d1:e1:d4:21:5e:3f:26:9e:b1:23:16:e3:
8e:61:d0:9d:32:a8:8b:73:a6:10:57:24:ae:16:37:2f:bd:06:
8a:81:fd:b0:99:ce:15:8e:77:d5:d2:49:9d:d6:28:1b:36:89:
0a:7e:2a:a3:39:54:3e:b8:4a:8d:c4:23:f1:70:cc:56:cf:89:
6a:5f:24:e5:31:9a:47:f3:68:63:f8:40:e0:6e:86:e3:9e:fa:
89:0b:94:c6:16:98:97:6b:ec:76:3f:c7:45:d0:2b:f3:b9:ca:
67:4f:e6:f0:68:c3:61:18:71:7e:d9:a8:a6:30:d4:1a:2c:5d:
8d:a0:50:23:c8:64:94:69:a5:7f:fd:ab:3c:47:74:20:ce:24:
2c:d7:67:1f:2d:64:27:15:88:b8:dd:67:0a:69:ae:80:02:be:
28:be:e1:1d:9b:79:73:60:3f:58:6c:d8:0c:75:6a:ae:ba:fd:
cb:8d:f7:19:8b:e2:40:f9:71:1b:32:21:bc:90:c0:8a:30:a4:
87:96:4a:b3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQaxpWVnbMBUtS1u1HM1M119DtdowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTIwMTdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4NzUyMGMwNjljMjE3NzE4ZDc4ODFjY2Y5YjJiNTBiYzQwOWRlZGNjMWU5
MWMwZDIyOTJhZWJmMmI3MDYzNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx5tK4nyHla4t+43b1bgvElUsdzYhhiz/G0r9hbYKaQN+DEePsNhV+yPuU3
xr/XluRuZQsTB3ClZ9N1QMWGykJPKBAY1x2PxJ1E3vD5sRLqXpfkDagXmpdQHmw1
/GPdt6CcainuwxG9E10OaTF1WkWkUwa56T/ZwbcrHGRzQDhgKWOO0xWsrF2Cip7v
JCxF5l3zsotyybzEdbUOwtVQR8v8MpGxIb/jH9NxCsvBtaEWdIoBJhELPX5PeDQj
D3vlg4i93ZwjDF4Y6ZEsp7PaypcnWlajhfOYAxoaG69u6BipG+xJ1uOXdu/dNnvj
jIdjecmNRz3/ZDhM/iI12BXWX2sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTSdkaV
gpnb1tc983PUHWQbwWY5azAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAryRNKEILlFlmj+FZvOVuTV8N89VGgvAQmyCY
/pl6EuPWU1p3/8RSAa8QRdwkzl27lrukl9xkoFbylWV60eHUIV4/Jp6xIxbjjmHQ
nTKoi3OmEFckrhY3L70GioH9sJnOFY531dJJndYoGzaJCn4qozlUPrhKjcQj8XDM
Vs+Jal8k5TGaR/NoY/hA4G6G4576iQuUxhaYl2vsdj/HRdAr87nKZ0/m8GjDYRhx
ftmopjDUGixdjaBQI8hklGmlf/2rPEd0IM4kLNdnHy1kJxWIuN1nCmmugAK+KL7h
HZt5c2A/WGzYDHVqrrr9y433GYviQPlxGzIhvJDAijCkh5ZKsw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:55 2025 by rpki-client