Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: wnckSCNUmAafIAMrgmzQjHIn+6F43G+yy7y6tdlYh8U=
Subject key identifier: F5:66:75:5C:B8:A3:CD:E3:0E:0D:16:19:66:CD:6E:1B:53:31:AA:6C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D68CDE6BE9A783833030A0A66ECE464D9002A3E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Tue 05 Aug 2025 19:30:16 +0000
ROA not before: Tue 05 Aug 2025 19:30:16 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:68:cd:e6:be:9a:78:38:33:03:0a:0a:66:ec:e4:64:d9:00:2a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:16 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=3868fc454f874a1f18b821392335cfb1d4c322117039a3b2f366a6a2b7986bc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:08:ce:87:25:5a:09:dc:41:19:06:69:69:51:
fb:bf:c5:3b:2f:bc:9f:5f:0f:e8:80:6e:88:15:c4:
97:e1:fb:48:6e:aa:0c:69:27:d1:1c:52:33:c5:d9:
4e:3b:32:12:a4:f9:e0:57:87:3d:57:3e:09:11:2e:
41:f4:37:b5:03:62:39:fc:83:b0:da:2d:aa:b3:ba:
ff:e4:a9:f4:b2:f3:55:53:bc:2f:d5:d6:d6:f6:fe:
a0:9b:7d:81:5d:b2:85:66:da:38:79:73:96:50:cf:
b7:a1:b3:20:4e:93:02:cf:34:73:38:86:4d:57:8e:
e0:71:b1:33:2f:2b:0f:cc:18:21:14:47:ac:c9:e5:
0d:44:4d:42:a0:5b:05:98:97:40:86:03:c9:cd:17:
2e:08:ce:20:3e:09:62:9c:30:2c:eb:e8:3a:17:90:
4d:12:1d:db:ae:3e:53:89:de:9a:fc:7f:56:4f:9d:
75:3d:ad:66:30:3d:e6:17:b1:1e:4a:c9:f5:84:84:
07:29:86:52:d2:9a:a3:1b:9f:05:22:f9:e9:3f:a4:
93:ed:70:14:0a:cb:e2:e0:b3:19:70:b4:68:55:18:
3c:26:c5:fa:b4:13:37:a4:f8:91:e5:1e:2e:f2:ef:
66:29:fe:de:6f:4f:3d:0a:fd:99:fc:20:67:25:a3:
2f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:66:75:5C:B8:A3:CD:E3:0E:0D:16:19:66:CD:6E:1B:53:31:AA:6C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
99:d4:92:c3:1b:d8:d7:70:1f:5f:20:2d:85:40:0d:b4:ed:4f:
c8:a8:b8:76:fd:0a:27:f6:dc:e6:94:b7:6e:76:aa:8a:23:f7:
ea:f2:36:80:c0:91:4f:3c:f0:c7:9a:c9:22:d5:32:73:e8:b5:
13:b3:e4:84:b3:dc:87:64:78:99:66:46:9d:8c:e9:1c:85:1a:
fd:79:ba:29:b7:a1:da:6a:39:fc:7d:cf:4b:5a:93:94:05:e4:
c8:c2:25:24:c8:73:7b:47:1e:c2:14:30:30:b0:b4:ce:2f:9c:
93:4d:41:83:51:42:79:dc:33:ae:e5:6d:46:b3:e5:ed:e9:36:
12:cb:30:86:14:53:6b:6c:fd:bf:7a:1d:64:c5:f7:2d:c9:50:
53:1e:94:4b:fb:54:c9:6d:94:c1:0e:e1:39:39:2c:ac:cd:50:
db:af:ae:42:f3:1b:d2:68:3a:93:52:62:9d:8d:8a:c9:f2:2d:
ba:b1:88:4a:be:6c:42:c6:6c:51:40:85:b6:a2:5f:c4:4d:b6:
6f:2f:3a:61:8e:a2:b5:78:26:12:b8:90:63:bc:26:96:6b:1f:
1f:de:30:bc:a9:32:cb:a1:af:64:64:c9:0f:e9:39:f6:e5:d0:
ff:60:19:58:71:07:b5:83:2d:14:fd:71:a4:31:c3:c9:cc:fe:
f3:ef:06:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDWjN5r6aeDgzAwoKZuzkZNkAKj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4NjhmYzQ1NGY4NzRhMWYxOGI4MjEzOTIzMzVjZmIxZDRjMzIyMTE3MDM5
YTNiMmYzNjZhNmEyYjc5ODZiYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUIzoclWgncQRkGaWlR+7/FOy+8n18P6IBuiBXEl+H7SG6qDGkn0RxSM8XZ
TjsyEqT54FeHPVc+CREuQfQ3tQNiOfyDsNotqrO6/+Sp9LLzVVO8L9XW1vb+oJt9
gV2yhWbaOHlzllDPt6GzIE6TAs80cziGTVeO4HGxMy8rD8wYIRRHrMnlDURNQqBb
BZiXQIYDyc0XLgjOID4JYpwwLOvoOheQTRId264+U4nemvx/Vk+ddT2tZjA95hex
HkrJ9YSEBymGUtKaoxufBSL56T+kk+1wFArL4uCzGXC0aFUYPCbF+rQTN6T4keUe
LvLvZin+3m9PPQr9mfwgZyWjL2ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1ZnVc
uKPN4w4NFhlmzW4bUzGqbDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ1JLDG9jXcB9fIC2FQA207U/IqLh2/Qon9tzm
lLdudqqKI/fq8jaAwJFPPPDHmski1TJz6LUTs+SEs9yHZHiZZkadjOkchRr9ebop
t6Haajn8fc9LWpOUBeTIwiUkyHN7Rx7CFDAwsLTOL5yTTUGDUUJ53DOu5W1Gs+Xt
6TYSyzCGFFNrbP2/eh1kxfctyVBTHpRL+1TJbZTBDuE5OSyszVDbr65C8xvSaDqT
UmKdjYrJ8i26sYhKvmxCxmxRQIW2ol/ETbZvLzphjqK1eCYSuJBjvCaWax8f3jC8
qTLLoa9kZMkP6Tn25dD/YBlYcQe1gy0U/XGkMcPJzP7z7waJ
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:44 2025 by rpki-client