Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
File: cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa (raw, json)
Hash identifier: zpeGWdNcurngRkkqCP3S+8qeHLf39EbeqP8ti/v+j5o=
Subject key identifier: 1B:55:4D:2C:B6:23:BE:18:77:07:C7:BB:60:35:8F:4A:46:0A:BA:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3BB39BD5D8AF955FD36E70494388D0AEAB9338BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
Signing time: Tue 05 Aug 2025 19:50:15 +0000
ROA not before: Tue 05 Aug 2025 19:50:15 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:b3:9b:d5:d8:af:95:5f:d3:6e:70:49:43:88:d0:ae:ab:93:38:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:50:15 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=357eea5a854310309818fe916b4ef5a0469ad63453da62547577753ff00ac60a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:72:5a:f0:9c:bc:5c:32:5f:81:4b:83:da:93:
93:52:20:c2:29:b2:3f:57:61:3b:d0:10:56:1f:38:
51:cb:39:f8:3c:4e:93:55:98:e9:99:78:99:1b:80:
31:19:3a:22:bb:96:6f:cd:30:b0:75:33:a1:49:06:
41:07:0f:9f:68:c9:fa:30:7c:07:69:2b:bc:fd:ca:
dd:27:9e:af:b5:5c:7a:77:cb:13:9d:69:db:0f:45:
ed:7b:c3:ae:d2:fb:79:83:17:e3:26:65:5d:8b:2a:
d2:f0:5e:f0:76:19:13:b4:ab:03:0d:47:dd:84:b9:
5f:73:74:c4:51:30:8a:89:9f:30:4a:11:be:82:fc:
28:8c:44:e9:63:1f:94:ff:93:52:95:c6:d9:c4:ac:
a5:6c:2f:da:b4:90:13:4f:2c:87:00:dd:45:c3:db:
46:cc:d8:aa:aa:bf:d0:7d:f3:1d:0c:16:a3:0d:e9:
d9:e0:8b:44:81:a1:3a:b1:d5:b1:a7:24:0d:ac:f9:
9c:28:5b:13:e0:36:0c:98:2b:dd:55:52:c8:48:3c:
dd:56:70:18:9b:46:aa:14:6b:0f:ce:91:f3:60:6f:
d0:2a:2b:7d:52:54:c7:2c:67:e9:0b:72:b8:5c:42:
f9:68:e3:d9:78:e7:48:b8:13:63:e8:c8:5a:eb:51:
9d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:55:4D:2C:B6:23:BE:18:77:07:C7:BB:60:35:8F:4A:46:0A:BA:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
51:d3:06:44:7c:61:16:04:a5:ea:76:32:fa:02:e7:45:33:ed:
ee:a2:41:1d:91:e1:4a:4c:22:90:54:bf:92:46:a1:d6:37:22:
d4:c3:b9:5b:e7:70:99:f9:a1:20:6d:d4:79:f3:2a:33:a7:26:
82:b2:65:85:f8:29:40:7f:9c:dc:29:e1:91:ef:70:1f:4b:4d:
2a:4c:de:3f:4c:5e:2d:22:e8:b2:da:ec:30:c8:be:aa:bd:1e:
28:88:64:54:47:56:c9:c8:1d:ad:da:40:c9:6c:5b:f2:df:ef:
0f:76:80:9a:9f:83:05:54:e3:1e:b1:62:9c:50:20:8a:06:78:
27:65:20:89:16:c2:98:be:af:68:dc:79:95:30:43:06:b6:0f:
01:d9:1b:7f:5b:c7:1e:b1:17:27:d2:2e:e2:42:e0:9a:a6:50:
43:d5:b5:38:9f:24:77:9e:86:f9:4d:9f:83:fd:4e:81:4a:61:
bf:b8:32:ed:85:a9:9e:47:36:ff:b9:03:94:95:af:7f:c6:c6:
f6:79:10:4a:75:14:47:e0:f5:f0:2d:32:f9:7d:e9:6e:37:09:
9f:fb:93:c3:31:b7:01:3e:39:33:1b:2b:c5:24:ca:bc:58:72:
a5:8a:e7:3c:8e:65:f5:33:af:ac:59:d6:b8:37:d0:19:8e:fa:
0f:c8:6e:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO7Ob1divlV/TbnBJQ4jQrquTOL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTUwMTVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1N2VlYTVhODU0MzEwMzA5ODE4ZmU5MTZiNGVmNWEwNDY5YWQ2MzQ1M2Rh
NjI1NDc1Nzc3NTNmZjAwYWM2MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5yWvCcvFwyX4FLg9qTk1IgwimyP1dhO9AQVh84Ucs5+DxOk1WY6Zl4mRuA
MRk6IruWb80wsHUzoUkGQQcPn2jJ+jB8B2krvP3K3Seer7VcenfLE51p2w9F7XvD
rtL7eYMX4yZlXYsq0vBe8HYZE7SrAw1H3YS5X3N0xFEwiomfMEoRvoL8KIxE6WMf
lP+TUpXG2cSspWwv2rSQE08shwDdRcPbRszYqqq/0H3zHQwWow3p2eCLRIGhOrHV
sackDaz5nChbE+A2DJgr3VVSyEg83VZwGJtGqhRrD86R82Bv0CorfVJUxyxn6Qty
uFxC+Wjj2XjnSLgTY+jIWutRnUsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQbVU0s
tiO+GHcHx7tgNY9KRgq6mzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I4ZjRmMzctZmVjZC00YmM2LThlZGMtODBiZTlmMmZiZWRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DrA
MA0GCSqGSIb3DQEBCwUAA4IBAQBR0wZEfGEWBKXqdjL6AudFM+3uokEdkeFKTCKQ
VL+SRqHWNyLUw7lb53CZ+aEgbdR58yozpyaCsmWF+ClAf5zcKeGR73AfS00qTN4/
TF4tIuiy2uwwyL6qvR4oiGRUR1bJyB2t2kDJbFvy3+8PdoCan4MFVOMesWKcUCCK
BngnZSCJFsKYvq9o3HmVMEMGtg8B2Rt/W8cesRcn0i7iQuCaplBD1bU4nyR3nob5
TZ+D/U6BSmG/uDLthameRzb/uQOUla9/xsb2eRBKdRRH4PXwLTL5feluNwmf+5PD
MbcBPjkzGyvFJMq8WHKliuc8jmX1M6+sWda4N9AZjvoPyG7n
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:46:10 2025 by rpki-client