Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: C2NFE930Adssg0lWMjTNmtNDwFo0yT3AAS76gq5CK2U=
Subject key identifier: 0F:FC:3A:63:0B:80:26:CB:4A:96:2C:42:4E:70:F7:37:11:27:6D:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3515DA39D45BCABDBE8C22C61F174C97EE73CEAD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Tue 05 Aug 2025 19:01:43 +0000
ROA not before: Tue 05 Aug 2025 19:01:43 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:15:da:39:d4:5b:ca:bd:be:8c:22:c6:1f:17:4c:97:ee:73:ce:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:01:43 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4ed9938be97e590f4d6e988875870ee1df011588b24cb4a9796cc51c601b2006, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:56:fc:14:5e:5e:96:17:92:83:d8:af:0b:7a:
60:45:e9:9d:aa:a4:f2:9b:b9:57:5b:3b:34:f0:29:
87:94:e9:7c:c4:58:a9:0c:16:79:e9:f2:6d:83:42:
0b:a1:23:7c:37:3c:21:98:9c:7c:a5:44:61:3a:84:
be:13:87:2a:4b:04:19:43:df:cd:59:af:50:f2:ae:
9f:fd:cf:0e:f4:2e:20:27:f8:c9:71:21:79:b7:44:
1a:76:d1:29:88:60:ac:2f:f4:ac:11:aa:91:0d:12:
d6:2f:dd:fd:72:bd:21:53:12:de:2f:76:0f:c1:74:
71:d7:32:90:19:ff:ad:f3:a3:c0:96:d2:5b:c2:f6:
65:a4:91:10:8b:52:f7:68:86:58:60:10:33:c9:48:
1b:0d:8e:ea:5d:bd:6d:64:d5:5e:68:a9:dd:53:0f:
c7:eb:0d:0b:4c:a2:25:4c:56:75:33:b4:f7:1e:e3:
9f:3c:76:84:8f:ab:a8:3b:11:6b:94:04:23:85:a2:
ee:75:ff:40:34:c2:4c:0f:24:a7:f9:de:48:7c:43:
99:8e:0d:9c:23:9d:31:09:a8:38:1b:25:ab:13:20:
fb:63:2c:5a:8a:30:a7:6d:3d:15:2a:85:9b:c8:ae:
2e:1f:a2:5a:29:e2:6a:77:39:72:e4:c8:48:8e:83:
ac:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FC:3A:63:0B:80:26:CB:4A:96:2C:42:4E:70:F7:37:11:27:6D:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
3c:24:f4:03:68:83:5a:0e:ee:67:55:5d:2f:d0:35:52:06:b7:
73:52:8d:27:c1:c2:09:8c:9c:09:4c:3e:2c:f9:9f:88:84:2f:
fd:f1:4a:29:03:e0:7e:66:8c:28:de:f4:f1:ee:7f:00:1a:f7:
f0:4f:59:fc:50:51:54:0c:b5:e3:76:f9:c8:93:b3:ea:b9:50:
79:0b:d0:dd:53:bb:49:b1:9d:3f:51:93:94:72:7d:6b:61:05:
29:65:c5:8e:59:36:6a:c9:a5:6b:d4:d5:21:b2:dd:8a:ac:de:
28:c7:4d:a6:47:e6:0b:ec:ea:b3:63:3f:3c:f4:1a:b2:da:3d:
a0:3f:e5:8c:70:e7:12:12:7a:d0:2d:0c:79:6f:b4:d3:54:fe:
49:94:57:7b:d2:f1:94:7d:17:2e:56:3c:21:fc:6a:9b:de:09:
a7:7c:8f:4b:f3:cf:42:58:06:93:0d:88:01:65:4d:54:d5:30:
c3:e6:12:b7:52:ed:8c:43:31:29:67:0a:dd:4b:8d:86:21:80:
af:f6:4e:ac:96:7f:0d:8f:cf:9c:40:7a:78:7b:ba:f1:9c:1f:
19:d9:cb:2b:5a:1d:c3:43:83:53:ea:3b:6e:e5:a4:ac:2d:15:
5b:f2:2d:70:b8:50:d8:94:78:ec:f3:33:33:82:86:5d:80:d7:
84:c4:bd:40
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNRXaOdRbyr2+jCLGHxdMl+5zzq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTAxNDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlZDk5MzhiZTk3ZTU5MGY0ZDZlOTg4ODc1ODcwZWUxZGYwMTE1ODhiMjRj
YjRhOTc5NmNjNTFjNjAxYjIwMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIxW/BReXpYXkoPYrwt6YEXpnaqk8pu5V1s7NPAph5TpfMRYqQwWeenybYNC
C6EjfDc8IZicfKVEYTqEvhOHKksEGUPfzVmvUPKun/3PDvQuICf4yXEhebdEGnbR
KYhgrC/0rBGqkQ0S1i/d/XK9IVMS3i92D8F0cdcykBn/rfOjwJbSW8L2ZaSREItS
92iGWGAQM8lIGw2O6l29bWTVXmip3VMPx+sNC0yiJUxWdTO09x7jnzx2hI+rqDsR
a5QEI4Wi7nX/QDTCTA8kp/neSHxDmY4NnCOdMQmoOBslqxMg+2MsWoowp209FSqF
m8iuLh+iWinianc5cuTISI6DrDcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQP/Dpj
C4Amy0qWLEJOcPc3ESdtmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAPCT0A2iDWg7uZ1VdL9A1Uga3c1KNJ8HCCYyc
CUw+LPmfiIQv/fFKKQPgfmaMKN708e5/ABr38E9Z/FBRVAy143b5yJOz6rlQeQvQ
3VO7SbGdP1GTlHJ9a2EFKWXFjlk2asmla9TVIbLdiqzeKMdNpkfmC+zqs2M/PPQa
sto9oD/ljHDnEhJ60C0MeW+001T+SZRXe9LxlH0XLlY8Ifxqm94Jp3yPS/PPQlgG
kw2IAWVNVNUww+YSt1LtjEMxKWcK3UuNhiGAr/ZOrJZ/DY/PnEB6eHu68ZwfGdnL
K1odw0ODU+o7buWkrC0VW/ItcLhQ2JR47PMzM4KGXYDXhMS9QA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:14 2025 by rpki-client